A deep dive into the MCP Registry's architecture, exploring design decisions, implementation details, and the sophisticated systems that enable standardized server distribution while maintaining flexibility for custom implementations.

We localized AuthKit into 90 languages in 5 weeks. Learn how we did it, and how you can do it for your web-based product.

Learn how attackers exploit human behavior to bypass multi-factor authentication, and how to stop them.

Everything you need to know to secure your MCP server using OAuth 2.1 and PKCE, server and auth metadata, client registration, JWT validation, and role-based access control.

A complete developer’s guide to SAML certificates: X.509, signing, encryption, rotation, and management for secure Single Sign-On (SSO).

A step-by-step guide to moving users, organizations, MFA, and enterprise features from Auth0 to WorkOS, so you can scale with predictable pricing and an enterprise ready platform.

New this month: AuthKit in 90 languages, Native AuthKit integration for Convex, Multiple Role support for AuthKit, and more

AI agents are powerful, but without access control, they can create serious risks. Learn how to manage permissions safely with RBAC, OAuth, and Audit Logs.

Discover the new features from WorkOS Fall Launch Week 2025, including multiple roles in AuthKit, Convex integration, localization, custom email providers, and feature flags in Slack—built to help you ship Enterprise Ready apps faster.

The WorkOS Slack app brings transparency to your feature rollouts, helping teams coordinate better and debug faster.

WorkOS now lets you send transactional emails through your own provider—like SES, Postmark, Resend, or SendGrid—giving you full control over deliverability, reputation, and visibility while keeping the simplicity of WorkOS auth flows.

AuthKit now automatically translates into ~90 languages based on your users' operating system settings.

AuthKit is now the default authentication option for Convex projects, enabling zero config Enterprise Ready authentication for real-time applications

AuthKit now supports assigning multiple roles per organization membership, giving users the union of permissions across roles. This feature eliminates role explosion and makes access control more flexible and intuitive.

A practical guide to securing MCP model–agent interactions: prevent prompt injection, privilege escalation, replay attacks, and data exfiltration with validation gateways, signing, DLP, and scoped creds.

SAML certificates don’t work the same way as web SSL certificates. Here’s why self-signed certificates are the secure, standard choice for SAML, and when a CA-signed certificate might still make sense.

A guide to understanding air-gapped environments, why enterprises rely on them, and how WorkOS can deliver modern authentication even in the most isolated deployments.

The WorkOS team recently hosted a 2-day Enterprise MCP hackathon with approximately 100 attendees.

Discover the top 5 Auth0 alternatives in 2025 — including WorkOS, Microsoft Entra ID, Amazon Cognito, Firebase Authentication, and Keycloak — with a head-to-head comparison and migration tips.

Step-by-step tutorial on integrating Single Sign-On, Multi-Factor Authentication, and Passwordless login into your .NET app with WorkOS.

A developer-friendly guide to Proof Key for Code Exchange (PKCE): how it works, the problems it solves, and why it’s essential for secure OAuth flows, regardless of the application type.

If you’ve built a custom Identity Provider, you’ll need to implement SCIM client functionality yourself. This guide shows you how to build a standards-compliant SCIM 2.0 client that can provision users and groups using WorkOS as the SCIM service provider.

By creating a central catalog of available servers, the MCP Registry has solved the discovery problem—but that's only half the equation. The real challenge lies in authentication.

Learn the best practices for implementing multi-factor authentication (MFA), from reducing MFA fatigue to improving user experience, with guidance for both B2C and B2B apps.

MCP-UI represents more than an incremental improvement to agent interfaces—it's a fundamental shift toward interactive, context-aware AI systems that can deliver rich experiences directly within conversational flows.

Product engineers don’t just write code, they own the whole delivery lifecycle.

Representatives from OpenAI and Anthropic discuss the origins of MCP, early adoption challenges, security concerns, and the future of AI tool integration at MCP Night 2.0.

Marissa Felix and Kenneth Sinder from Notion's API team demonstrate how their MCP server bridges the gap between documentation and implementation, enabling developers to go from product requirements to working code with a single prompt.

Harald Kirschner from VSCode/GitHub shares how they systematically identified and solved the five biggest MCP pain points, transforming the developer experience from frustrating to delightful.

New this month: Standalone OAuth for MCP, Feature Flags API, BYOK in Vault, disposable email blocking, & more

A 2025 guide to the top SCIM providers (WorkOS, Auth0, and Stytch) for SaaS teams that need enterprise ready user provisioning.

Block's Richard Moot demonstrates how they reduced their entire Square API platform—over 30 APIs with 200+ endpoints—down to just three MCP tools using an elegant layered approach.

Step-by-step guide to building a secure "sign out of all devices" feature using the WorkOS Sessions API in Node.js.

Eric Zakariasson from Cursor shares compelling data about how developers are actually using MCP in production, revealing adoption patterns and the most popular MCP servers in their ecosystem.

Valentina Bearzotti from Basement Studio demonstrated XMCP, a framework that might be the fastest way to create and deploy MCP servers, featuring file-system-based routing and one-command deployment.

At MCP Night 2.0, the team from Mux delivered one of the most compelling demonstrations of how MCP can transform video infrastructure for AI applications.

Liad Yosef and Ido Solomon from Monday.com demonstrate MCP-UI at MCP Night 2.0, showcasing how their framework brings rich, interactive user interfaces directly into AI agent conversations.

Learn what’s new in OAuth 2.1, why it’s replacing OAuth 2.0, and how to upgrade your app securely with modern best practices.

A practical guide to securing Model Context Protocol (MCP) deployments. Learn the key risks of MCP and the best practices for both servers and clients to build safer, more reliable AI integrations.

Learn how WorkOS acts as an OAuth bridge that removes authentication complexity so you can focus on building your MCP server's core functionality.

Bad sign-ups cost you money, skew your metrics, waste engineering time, and create compliance risks. Here’s how to block them before they hurt your SaaS.

Learn Apple’s 2025 App Store authentication requirements and see how to implement Sign in with Apple and other social logins using WorkOS AuthKit with OAuth 2.0 PKCE in your iOS app.

MCP vs A2A explained. Learn how these AI agent protocols differ, where each falls short, and why most real systems need both working together.

A 2025 guide to the top SSO solutions for SaaS apps, including features, pros, cons, and pricing, so you can choose the right provider to secure enterprise customers fast.

Learn how to set up Okta SAML Single Sign-On (SSO) and SCIM user provisioning with WorkOS in just one day using Node.js, enabling secure authentication and automated user management for your enterprise customers.

Why identity provider diversity is harder than it looks, and how WorkOS solves it with only one integration.

Learn how to use the WorkOS Sessions API to list and revoke user sessions, implement “sign out everywhere,” and strengthen SaaS security with enterprise-grade session management.

Learn how to implement organization-level feature flags in your B2B SaaS to enable features for specific customers, manage entitlements, and handle rollouts with a step-by-step guide using WorkOS Feature Flags.

On August 7, 2025, MCP Night 2.0 brought together 700 engineers, founders, and researchers at the Regency Ballroom in San Francisco for an evening of demos, discussions, and networking around the Model Context Protocol.

We’ve reimagined our technical interview to focus on what really matters: problem-solving.

Learn how the Model Context Protocol (MCP) handles authentication and authorization using OAuth 2.1 and API keys. This guide covers common patterns, security considerations, current limitations, and how to build a standards-compliant MCP server.

A guide for SaaS teams facing synthetic identity, deepfake, and account abuse risks. Learn how AI-driven fraud is reshaping digital security, and how WorkOS Radar enables real-time detection and prevention before damage is done.

Learn how to leverage Model Context Protocol’s six core features to build secure and scalable AI applications.

Learn the difference between MFA and SSO, why they’re not interchangeable, and how using both creates seamless and secure enterprise access management.

Discover why the decades-old SAML protocol remains indispensable for enterprise SSO and federation, how it compares to modern OpenID Connect, and what the future of identity federation holds.

ChatGPT’s release in late 2022 marked the beginning of the large language model era. But 2024 brought a quieter, more technical shift: the rise of reasoning LLMs. Two years later—how is it actually going?

Step-by-step tutorial that walks you through the necessary steps to add automated user provisioning to your app using SCIM, Google Workspace, Ruby, and WorkOS, with just a few lines of code.

Discover how SCIM (System for Cross-domain Identity Management) transforms B2B SaaS scalability by automating user provisioning, enhancing security, and enabling enterprise growth with WorkOS.

New this month: Convex Integration, Country Blocks, SMS Challenges, Custom Fonts, & More

WorkOS and Convex join forces to bring seamless Enterprise Ready authentication to the modern TypeScript backend.

Anthropic’s Computer Use gives Claude direct control over your desktop, letting it interact with native apps and the web like a human. OpenAI’s Computer Using Agent runs GPT-4o in a secure virtual browser, where it follows high-level instructions to navigate web UIs and complete tasks.

Authenticate users in your Go command-line tool with a secure OAuth 2.0 Device Code flow using WorkOS. This tutorial shows how to implement login via the terminal, step by step.

A complete technical guide to understanding SAML assertions, covering their structure, responses, lifecycle, common errors, debugging best practices, and step-by-step implementation of SAML SSO using WorkOS.

Can an LLM build a non-trivial UI component? I tested Claude, Gemini, and o3 on a tree-based combobox and shared what worked, what didn’t, and where they fell short.

AI-powered deepfakes and impersonation attacks are skyrocketing. Learn real-world examples, defensive strategies, and how WorkOS helps secure enterprise authentication and identity systems.

Explore the key differences between MFA (Multi-Factor Authentication) and Passwordless Authentication. Learn which approach is more secure, user-friendly, and scalable for your organization in 2025.

Authenticate users in your Python command-line tool with a secure OAuth 2.0 Device Code flow using WorkOS. This tutorial shows how to implement login via the terminal, step by step.

A technical deep-dive to building enterprise ready user management in B2B SaaS, covering SSO, SCIM, RBAC, MFA, audit logs, and what to build vs. buy.

Transform your AI-generated prototype into a secure, scalable solution that enterprise customers will actually buy. Learn the essential steps to bridge the gap between Lovable's rapid development and true enterprise readiness.

Lost your phone or can’t access your authenticator app? Learn how backup MFA codes work, why they matter, and how to use them to stay secure and in control.

A practical guide to designing user-friendly multi-factor authentication (MFA) flows that improve security without sacrificing user experience, covering both enrollment and sign-in best practices.

While most companies struggle with AI proof-of-concepts, industry leaders have quietly published the playbooks behind these enterprise successes. Here's what separates Enterprise Ready AI agents from expensive experiements.

How to turn your Model Context Protocol (MCP) server from a developer demo into a secure, scalable, enterprise ready platform, with best practices for auth, identity, governance, and beyond.

42% of companies abandoned most AI initiatives in 2025 — up from just 17% in 2024. After analyzing dozens of enterprise deployments, we found 4 patterns that separate winners from the graveyard of abandoned prototypes.

Learn what SAML is, how it enables secure Single Sign-On (SSO), how it differs from OAuth, and how to set it up, all explained in plain English.

Learn how to add enterprise-grade OAuth2 authentication to XMCP servers with AuthKit in just a few lines of configuration. Perfect for securing AI tools, multi-tenant platforms, and internal applications.

Learn how SSO and automated user provisioning help B2B SaaS companies meet compliance standards like SOC 2, ISO 27001, HIPAA, and GDPR, and how WorkOS can get you enterprise-ready fast.

A comprehensive guide to the OAuth 2.0 Authorization Code Grant, including how the flow works, how to implement it with PKCE, and what’s new in OAuth 2.1.

Learn how to add Multi-Factor Authentication (MFA) to your homegrown authentication system using WorkOS, with detailed code examples for TOTP and SMS-based flows.

A technical dive into man-in-the-middle (MITM) attacks—how they work, real-world tactics used by attackers, and best-practice defenses to protect software systems, APIs, and network traffic.

A beginner-friendly introduction to AI agents, exploring what they are, how they work, the different types, and why they matter in today’s AI-driven world.

Learn how MCP Roots define resource boundaries in distributed systems, enabling clients to scope server behavior with clear, URI-based context declarations.

Authenticate users in your Node.js command-line tool with a secure OAuth 2.0 Device Code flow using WorkOS. This tutorial shows how to implement login via the terminal, step by step.

These agentic AI examples in Python show the difference between systems that can reason and make decisions autonomously, and traditional more deterministic programming paradigms.

Not long ago, we worked hard to keep bots off our websites. Today, we’re optimizing for them, especially LLMs like GPT and Claude. Here's how companies are opening up their content, while still fighting abuse where it counts.

SMS-based multi-factor authentication (MFA) is still common, but it's fundamentally insecure. This article explains why developers should avoid SMS MFA and adopt stronger, phishing-resistant alternatives like TOTP and WebAuthn.

We built an MCP server template with Vercel's MCP adapter and secured by WorkOS AuthKit that you can use to rapidly deploy secured MCP servers globally.

Learn how Single Sign-On (SSO) works, the differences between SAML and OIDC, and how to add enterprise-grade authentication to your app in minutes with WorkOS.

A technical deep dive into the key differences between B2B and consumer authentication, with real-world examples and a breakdown of how WorkOS simplifies enterprise-ready auth.

Learn how to design APIs, documentation, authentication, and UIs that LLM-powered AI agents can reliably use. This guide covers agent-friendly patterns for error handling, rate limiting, pricing, and product integration.

A visual overview of how Causal, Predictive, Generative, and Agentic AI relate — and why understanding their interplay matters for building smarter systems.

Make your website legible and preferred by LLMs like ChatGPT and Claude. A practical guide to modern SEO for AI crawlers, structured data, and bot-friendly surfaces, without compromising security.

New this month: Custom CSS for AuthKit, WorkOS Feature Flags, CLI Auth, & more

Learn how to design, build, and test AI agents powered by LLMs. This guide covers model selection, tool usage, prompt design, agent orchestration, authentication, and safety best practices.

Allow users to sign in via CLIs and on TVs and other non-traditional devices

Connect AuthKit to the tools you already use.

Now you can integrate WorkOS as a third-party auth provider in Supabase—unlocking Enterprise Ready authentication for your app in minutes.

Designed for B2B applications, Feature Flags let you easily create organization-specific rules and roll out new features faster and more safely. Best of all, they’re integrated with AuthKit and can be enabled with just a few clicks.

Now you can tailor your AuthKit login experience with precision using custom CSS—style individual elements, test hover states, and preserve your changes as you go. All without sacrificing core functionality.

A new runtime feature in the MCP ecosystem lets servers ask the user for exactly the context they need—when they need it.