Everything you need to know to secure your MCP server using OAuth 2.1 and PKCE, server and auth metadata, client registration, JWT validation, and role-based access control.
By creating a central catalog of available servers, the MCP Registry has solved the discovery problem—but that's only half the equation. The real challenge lies in authentication.
42% of companies abandoned most AI initiatives in 2025, up from just 17% in 2024. After analyzing dozens of enterprise deployments, we found 4 patterns that separate winners from the graveyard of abandoned prototypes.
In this step-by-step tutorial, learn how to configure and validate your WorkOS webhooks from your development machine by using ngrok's secure, public URLs.
Learn the key differences between SP-initiated and IdP-initiated SSO authentication, including pros, cons, and when to use each method for better security.
In this blog post you'll learn how the Engineering team at WorkOS communicates asynchronously using Threads
Discover what makes for a good changelog and the best practices you should follow to create an effective one.
Designing a dark mode version of your app comes with its own challenges. In this post, we will share some of the lessons we learned during the implementation of dark mode at WorkOS.
In this guide, we'll explore 15 ways to keep your teammates and customers secure at your growing startup from threats such as data breaches, phishing, cryptojacking, ransomware, and DDoS attack.
The size of your startup, no matter how small, won’t keep it safe. In this post, we cover five common threats facing your startup and explain how they work.
One time passwords (OTPs), such as those created by authenticator apps and Yubikeys, are a common way to add additional security to application authentication.
Nullable references are a familiar sight in many programming languages. Today we'll be exploring how to stack optionals in TypeScript and where null and undefined fall short.
Architecting SSO from a Systems Design perspective: what code and data lives where, who controls what, and what this ultimately means for your business as you grow your app
Developers are tired of being tied to the technology stack their CMS vendor requires. Is a headless CMS the solution? Learn more in our Developer's Guide to Headless CMSs.
I’m delighted to announce our Series A financing! In this post I’ll share more details about the problem WorkOS is solving, why we are solving it, and what the future holds if we are successful in our mission.
Creating great developer documentation is harder than it looks. Learn from Stripe, Twilio, GitHub, and more to learn how you can create docs like the greats. Acquire more users, retain more users
Zendesk crossed the chasm between the SMB market and the enterprise market, all while expanding its product line and developing the features that made enterprises want to adopt its products.
What does federated mean? Learn how that federation applies to search, identity, and databases.
Our global team is growing and we’re hiring all types of roles.
WorkOS builds developer tools for quickly adding enterprise features to applications.
This site uses cookies to improve your experience. Please accept the use of cookies on this site. You can review our cookie policy here and our privacy policy here. If you choose to refuse, functionality of this site will be limited.
.webp)
.webp)
