Blog

Engineering
May 6, 2026

The self-driving codebase: Building Horizon at WorkOS

A detailed glimpse at Project Horizon: an internal code factory at WorkOS.

Matt Dzwonczyk
Read more
Product
Mar 19, 2026

Pipes MCP: Session-scoped authorization for AI agents

Grant agents time-limited access to OAuth connections using Pipes and MCP.

Ryan Cooke
Mar 19, 2026
Product
Mar 18, 2026

Agent Experience: Build without leaving your terminal

Develop with WorkOS entirely from your terminal, with agent-ready tooling built in.

Nick Nisi
Mar 18, 2026
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Guides
Dec 10, 2025

Cross App Access (XAA): The enterprise way to govern AI app integrations

How the Identity Assertion Authorization Grant (ID-JAG)—marketed by Okta as Cross-App Access (XAA)—lets enterprises manage MCP AI app connections through their IdP, with centralized visibility, policy control, and no consent fatigue.

Maria Paktiti
Dec 10, 2025
Guides
Dec 10, 2025

The Linux Foundation Launches the Agentic AI Foundation—MCP Finds Its Permanent Home

The Linux Foundation unites MCP, goose, and AGENTS.md under open governance. WorkOS breaks down what the new Agentic AI Foundation (AAIF) means for developers.

Zack Proser
Dec 10, 2025
Guides
Dec 9, 2025

Dynamic Client Registration (DCR) in MCP: What it is, why it exists, and when to still use it

A practical guide to OAuth’s original MCP onboarding method: how DCR works, where it breaks at scale, and why it still matters alongside CIMD.

Maria Paktiti
Dec 9, 2025
Guides
Dec 8, 2025

Client ID Metadata Documents (CIMD): How OAuth client registration works in MCP

Scalable, stateless client registration for AI agents: using a URL as your OAuth client ID to access MCP servers.

Maria Paktiti
Dec 8, 2025
Guides
Dec 5, 2025

How AI makes OAuth 2.0 and OIDC non-negotiable for SaaS apps

OAuth 2.0 and OIDC are no longer just for SSO or integrations; they’re the trust layer that makes AI agents safe, scoped, and governable.

Maria Paktiti
Dec 5, 2025
Product
Dec 4, 2025

November Updates

Strengthened SSO Security with Sign-in Consent, CIMD Support for MCP Auth, AuthKit SDK for TanStack Start, & more

Conner Simmons
Dec 4, 2025
Guides
Dec 4, 2025

Amazon Nova Forge: Custom foundation models are no longer just for tech giants

‍AWS’s new “open training” approach could fundamentally reshape who gets to build frontier-grade AI models—and what they can do with their proprietary data.

Zack Proser
Dec 4, 2025
Guides
Dec 4, 2025

MCP Async Tasks: Building long-running workflows for AI Agents

What MCP Tasks are, why they matter, and the full technical guide to implementing them.

Maria Paktiti
Dec 4, 2025
Guides
Dec 3, 2025

The developer’s guide to SaaS multi-tenant architecture

A practical, end-to-end deep dive into data isolation, tenant-aware auth, scaling, and compliance for B2B SaaS.

Maria Paktiti
Dec 3, 2025
Guides
Dec 2, 2025

CIMD vs DCR: The new default for MCP Client Registration in 2025

A technical guide to MCP client registration: Dynamic Client Registration (DCR) vs Client ID Metadata Documents (CIMD).

Maria Paktiti
Dec 2, 2025
Glossary
Dec 1, 2025

What is OAuth 2.0?

How modern apps get access to your data without your password.

Maria Paktiti
Dec 1, 2025
Company updates
Dec 1, 2025

FGA : How WorkOS is rethinking authorization for the next generation of SaaS

WorkOS FGA introduces a new approach to SaaS authorization that extends familiar RBAC into a flexible, hierarchical model designed for real product evolution. Learn why traditional RBAC and schema-driven FGA systems break down as applications grow, how WorkOS’ resource-scoped model avoids rewrites and role explosion, and how it supports enterprise identity mapping, high-cardinality architectures, and emerging AI agent workflows.

Pavan Kulkarni
Dec 1, 2025
Guides
Nov 28, 2025

How to design an RBAC model for multi-tenant SaaS

Keep tenants isolated, roles sane, and your auth layer out of incident reviews.

Maria Paktiti
Nov 28, 2025
Guides
Nov 27, 2025

Authorization in Python: Best practices and patterns that won’t bite you later

The checklist that makes authorization boring, predictable, and surprisingly hard to break.

Maria Paktiti
Nov 27, 2025
News
Nov 26, 2025

MCP 2025-11-25 is here: async Tasks, better OAuth, extensions, and a smoother agentic future

Year two starts with fewer hacks and more infrastructure.

Maria Paktiti
Nov 26, 2025

No results found

Please try a different search

We’re hiring

Our global team is growing and we’re hiring all types of roles.

View open roles
About us

WorkOS builds developer tools for quickly adding enterprise features to applications.

Learn more

This site uses cookies to improve your experience. Please accept the use of cookies on this site. You can review our cookie policy here and our privacy policy here. If you choose to refuse, functionality of this site will be limited.