Blog

Product

Jun 27, 2025

Authenticate CLI tools seamlessly with OAuth Device Flow

Allow users to sign in via CLIs and on TVs and other non-traditional devices

Eric Roberts

Product

Jun 26, 2025

Introducing AuthKit Add-ons

Connect AuthKit to the tools you already use.

Enterprise Ready authentication for Supabase, powered by WorkOS

Now you can integrate WorkOS as a third-party auth provider in Supabase—unlocking Enterprise Ready authentication for your app in minutes.

Understanding the OAuth 2.0 Client Credentials flow

Learn how to use OAuth for secure machine-to-machine communication with the Client Credentials flow.

What is Arcade.dev? An LLM tool calling platform

Large Language Models (LLMs) excel at producing text, but many applications need them to do more: raise GitHub issues, star a repository, or send Twilio messages in real time.

RBAC best practices

Ensure the right people have the right access. Check out our RBAC best practices guide and avoid common pitfalls.

How to build RBAC with WorkOS and Node

Step-by-step tutorial that walks you through the necessary steps to add role-based access control (RBAC) to your app using WorkOS and Node.

The battle against bots: How to detect and stop them

Bots are everywhere. How can you distinguish the bad from the good, and how can you stop them? Read our guide for practical steps on how to stop bots and protect your app.

Scaling up: Why Fine-Grained Authorization is key as your product moves upmarket

When your goal is selling to enterprises, sooner or later, you will have to leave RBAC for a fine-grained authorization model. Read more about why that is and how you can make the move.

What is federated identity?

Learn what federated identity is, how it works, its pros and cons, and how it differs from SSO and social logins.

January Updates

Custom Logout URIs, Session Inactivity Timeouts, and AuthKit Next.js SDK v1.0

Which auth providers support SCIM?

Do you plan on outsourcing SCIM and you don't know where? Read this article for a list of auth providers that support SCIM and a comparison of the features they offer.

Passwordless authentication: your options explained

Do you want to add passwordless authentication to your app and don’t know where to start? Read our guide for an overview of the top available methods, their pros and cons, and which one might be the best for you.

Email deliverability and spam prevention: why your emails aren’t getting delivered and how to fix it

Do your emails end up in spam? Read this guide to see what you can do to optimize your email deliverability and avoid the spam folder.

How to run DeepSeek locally

DeepSeek R1 is an open-source LLM for conversational AI, coding, and problem-solving. Here's how to run it locally.

What is Authentik?

Authentik is an open-source Identity Provider (IdP) that allows you to self-host user authentication, single sign-on (SSO), and access controls.

Defending against bad actors: WorkOS Radar vs Castle vs Auth0 vs Stytch vs Arcjet

Which products can help you safeguard your app against bots and hackers and how do they compare? Learn what you should look for and what features each vendor offers.

What is Ente Auth?

Ente Auth is a modern, secure, and user-friendly two-factor authentication (2FA) solution designed to safeguard online accounts with minimal hassle.

Zack Proser

Jan 23, 2025

We’re hiring

Our global team is growing and we’re hiring all types of roles.

View open roles

About us

WorkOS builds developer tools for quickly adding enterprise features to applications.

Learn more