Blog

Aug 21, 2025

How WorkOS solved enterprise auth for MCP servers

Learn how WorkOS acts as an OAuth bridge that removes authentication complexity so you can focus on building your MCP server's core functionality.

Zack Proser

Guides

Sep 9, 2025

Implementing a generic SCIM client: A practical guide

If you’ve built a custom Identity Provider, you’ll need to implement SCIM client functionality yourself. This guide shows you how to build a standards-compliant SCIM 2.0 client that can provision users and groups using WorkOS as the SCIM service provider.

Product Engineering at WorkOS

Product engineers don’t just write code, they own the whole delivery lifecycle.

How WorkOS Radar does rate limiting with device fingerprinting

Radar can detect threats even when they switch up or spoof their IP address. Here's how.

How do you know when you’ve hit product-market fit?

How will you know once you've found Product Market Fit? Through these signs, which also tell you that you're ready to go upmarket after enterprise customers.

How WorkOS Radar's bot detection works

Every day, countless bots attempt to breach applications by exploiting authentication systems. Here's how WorkOS Radar stops them.

How WorkOS Radar really works

How does WorkOS Radar really work? How do you install and set it up and what does it reveal?

How to build SAML SSO with WorkOS, Okta, and Python

Step-by-step tutorial that walks you through the necessary steps to add SSO to your app using SAML, Okta, Python, and WorkOS.

How to build SAML SSO with WorkOS, Okta, and Ruby

Step-by-step tutorial that walks you through the necessary steps to add SSO to your app using SAML, Okta, Ruby, and WorkOS.

How to build a user management dashboard with WorkOS and Node

Step-by-step tutorial on how to add basic user management functionality to your app using Node.js and WorkOS.

How to implement row-level security with WorkOS FGA and Postgres: tutorial and code

Your support ticketing system contains sensitive data from multiple organizations and customers. How do you ensure users only see tickets they're authorized to view?

How to build SAML SSO with WorkOS, Okta, and Go

Step-by-step tutorial that walks you through the necessary steps to add SSO to your app using SAML, Okta, Go, and WorkOS.

How to build Log in with Google using Go and WorkOS

Step-by-step tutorial that walks you through the necessary steps to add Log in with Google to your app using Go and WorkOS.

We shipped our auth server to your browser with WASM. Here's how it's going

Picture this: you've built a powerful authorization system based on Google's Zanzibar design, capable of handling complex permission relationships at scale. Now you want to let developers try it out. How can you let them experiment freely without spinning up countless backend environments?

AuthQuake: Microsoft's MFA system vulnerable to TOTP brute force attack

A critical vulnerability in Microsoft's multi-factor authentication (MFA) system has been discovered by Oasis Security's research team, allowing attackers to bypass time-based one-time passwords (TOTPs) through brute force methods.

What is multitenant authentication?

Learn how to build and scale authentication systems that serve multiple enterprise customers. This guide explores key concepts in multitenant authentication, from managing organization-specific SSO and security policies to avoiding common pitfalls.