Blog

Guides
Oct 7, 2025

A developer’s guide to MCP auth

Everything you need to know to secure your MCP server using OAuth 2.1 and PKCE, server and auth metadata, client registration, JWT validation, and role-based access control.

Maria Paktiti
Read more
Guides
Aug 6, 2025

Understanding MCP features: Tools, Resources, Prompts, Sampling, Roots, and Elicitation

Learn how to leverage Model Context Protocol’s six core features to build secure and scalable AI applications.

Maria Paktiti
Aug 6, 2025
Guides
Jul 22, 2025

Why most enterprise AI projects fail — and the patterns that actually work

42% of companies abandoned most AI initiatives in 2025, up from just 17% in 2024. After analyzing dozens of enterprise deployments, we found 4 patterns that separate winners from the graveyard of abandoned prototypes.

Zack Proser
Jul 22, 2025
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
News
Jan 14, 2026

Baseten is betting big on open source models

A conversation with Philip Kiely from Baseten at AWS re:Invent 2025.

Noelle Festa
Jan 14, 2026
News
Jan 14, 2026

Ben Gilbert and David Rosenthal from Acquired on what makes companies last

A conversation with the hosts of Acquired podcast.

Noelle Festa
Jan 14, 2026
News
Jan 14, 2026

10 takeaways from AWS re:Invent 2025

We spent a week at re:Invent interviewing founders, CTOs, and builders across the developer tools ecosystem. Here's everything we learned.

Noelle Festa
Jan 14, 2026
Tutorials
Jan 14, 2026

How to handle JWT in JavaScript

A practical guide to creating, sending, and validating JSON Web Tokens in modern JavaScript.

Maria Paktiti
Jan 14, 2026
Guides
Jan 13, 2026

Beyond request-response: How MCP servers are learning to collaborate

How MCP is evolving from model-driven execution to collaborative workflows with sampling and elicitation.

Maria Paktiti
Jan 13, 2026
Guides
Jan 12, 2026

What is Private Key JWT: Deep dive into asymmetric client authentication

What asymmetric client authentication is, why it’s safer than client secrets, and how it works in practice.

Maria Paktiti
Jan 12, 2026
Guides
Jan 9, 2026

Understanding URL-mode elicitation in MCP

Why some user interactions cannot safely happen inside the MCP client, and how URL-mode elicitation helps.

Maria Paktiti
Jan 9, 2026
Jan 8, 2026

Authorization for RAG at Scale: Why You Shouldn't Sync Every Document

The naive approach to RAG authorization creates a scaling nightmare. Here's the pattern that actually works.

Zack Proser
Jan 8, 2026
Guides
Jan 8, 2026

Customer and user onboarding for real-world B2B SaaS

A practical guide to onboarding organizations, admins, and users at scale.

Maria Paktiti
Jan 8, 2026
Guides
Jan 8, 2026

Fireworks.ai: The PyTorch Team's Bet on Inference as the New Runtime

Fireworks.ai is betting that inference is the real AI runtime. A look at its PyTorch roots, serving stack, and compound model strategy.

Zack Proser
Jan 8, 2026
Product
Jan 7, 2026

December Updates

WorkOS Pipes, AuthKit for Platforms, Multiple Roles for SSO and SCIM, & more

Conner Simmons
Jan 7, 2026
Guides
Jan 7, 2026

The enterprise infrastructure layer behind successful AI applications

The hidden stack that lives between a model that works and a product that scales.

Maria Paktiti
Jan 7, 2026
Guides
Jan 7, 2026

How MCP Clients Find Your Auth Server (Without You Telling Them)

The spec evolution that made zero-config MCP connections possible—and closed a category of security holes

Zack Proser
Jan 7, 2026
Guides
Jan 6, 2026

Feature Flags as a Change Management Strategy for B2B Apps

How enterprise software teams can ship faster without breaking trust

Zack Proser
Jan 6, 2026
Glossary
Dec 22, 2025

Private Key JWT vs Client Secret: Choosing the right OAuth authentication for confidential clients

Understand how OAuth clients authenticate and when you should use client secrets vs private key JWT.

Maria Paktiti
Dec 22, 2025

No results found

Please try a different search

We’re hiring

Our global team is growing and we’re hiring all types of roles.

View open roles
About us

WorkOS builds developer tools for quickly adding enterprise features to applications.

Learn more

This site uses cookies to improve your experience. Please accept the use of cookies on this site. You can review our cookie policy here and our privacy policy here. If you choose to refuse, functionality of this site will be limited.