Do you want to add passwordless authentication to your app and don’t know where to start? Read our guide for an overview of the top available methods, their pros and cons, and which one might be the best for you.

Distillation is a technique for creating smaller, faster, and more efficient versions of neural networks while retaining most of their performance.

Do your emails end up in spam? Read this guide to see what you can do to optimize your email deliverability and avoid the spam folder.

DeepSeek R1 is an open-source LLM for conversational AI, coding, and problem-solving. Here's how to run it locally.

Authentik is an open-source Identity Provider (IdP) that allows you to self-host user authentication, single sign-on (SSO), and access controls.

Which products can help you safeguard your app against bots and hackers and how do they compare? Learn what you should look for and what features each vendor offers.

Ente Auth is a modern, secure, and user-friendly two-factor authentication (2FA) solution designed to safeguard online accounts with minimal hassle.

shadcn-ui is a set of reusable React components focused on accessibility, customization, and developer control. It stands out from typical UI libraries by allowing you to own the code directly, thereby reducing external dependencies and version lock-ins.

Announced just this week, DeepSeek-R1 is positioned as a direct competitor to incumbent LLM creators’ flagship models, promising robust reasoning, mathematics, and coding capabilities.

Read about how failed startups that used Google SSO might be susceptible to leaking sensitive information of employees.

Step-by-step tutorial that walks you through the necessary steps to add SSO to your app using SAML, JumpCloud, Node, and WorkOS.

Learn what Zero Trust security is and how it came to be (spoiler alert: Chinese state-sponsored hackers are involved).

Radar can detect threats even when they switch up or spoof their IP address. Here's how.

How will you know once you've found Product Market Fit? Through these signs, which also tell you that you're ready to go upmarket after enterprise customers.

Every day, countless bots attempt to breach applications by exploiting authentication systems. Here's how WorkOS Radar stops them.

How does WorkOS Radar really work? How do you install and set it up and what does it reveal?

Your device leaves a unique trail of digital breadcrumbs whenever you open a web browser. These aren't cookies that you can delete – they're subtle signals from your hardware and software that combine to create something far more permanent: your device fingerprint.

Step-by-step tutorial that walks you through the necessary steps to add SSO to your app using SAML, Okta, Python, and WorkOS.

Step-by-step tutorial that walks you through the necessary steps to add SSO to your app using SAML, Okta, Ruby, and WorkOS.

Step-by-step tutorial on how to add basic user management functionality to your app using Node.js and WorkOS.

This guide explains best practices for keeping your secrets where they belong—secured away from public code and prying eyes.

Your support ticketing system contains sensitive data from multiple organizations and customers. How do you ensure users only see tickets they're authorized to view?

Step-by-step tutorial that walks you through the necessary steps to add SSO to your app using SAML, Okta, Go, and WorkOS.

Step-by-step tutorial that walks you through the necessary steps to add Log in with Google to your app using Go and WorkOS.

Picture this: you've built a powerful authorization system based on Google's Zanzibar design, capable of handling complex permission relationships at scale. Now you want to let developers try it out. How can you let them experiment freely without spinning up countless backend environments?

A critical vulnerability in Microsoft's multi-factor authentication (MFA) system has been discovered by Oasis Security's research team, allowing attackers to bypass time-based one-time passwords (TOTPs) through brute force methods.

Learn how to build and scale authentication systems that serve multiple enterprise customers. This guide explores key concepts in multitenant authentication, from managing organization-specific SSO and security policies to avoiding common pitfalls.

Step-by-step tutorial that walks you through the necessary steps to add SSO to your app using SAML, Entra ID (Azure AD), Node, and WorkOS.

Step-by-step tutorial that walks you through the necessary steps to add Log in with GitHub to your app using Go and WorkOS.

Step-by-step tutorial that walks you through the necessary steps to add SSO to your app using SAML, Okta, Node, and WorkOS.

Explore the top five ABAC solutions in 2024, including their features and who they’re best suited for.

Learn about the best RBAC open-source solutions in 2024 and how they enhance user permission management.

User provisioning is hard, and there are many things you can get wrong if you do it in-house. We gathered some best practices on SCIM to help you with that.

An often overlooked but important component of identity management is customer onboarding.

Launch Week recap (FGA, Radar, Passkeys, Widgets, Actions, Entitlements, Next.js Starter Kit) and more

Compare Stytch, Auth0, and WorkOS to learn what each does, its features, and which one you should use.

Frontegg vs. Auth0 vs. WorkOS: Learn their features, costs, and which is best for your needs.

Compare Clerk vs. AuthO vs. WorkOS to know which one you should use to manage identities in your app.

Want to understand Fine-Grained Authorization’s (FGA) meaning? Read on to learn how it works, benefits, and real-world applications.

Explore how Clerk’s pricing stacks up against WorkOS. Understand the costs and features of each service to make an informed decision for your business.

Auth0 vs. Cognito vs. WorkOS — how do they compare, and which one should you use? Learn everything you need to know here.

Learn what Auth0 offers, how much it costs, and why WorkOS is a better, more affordable alternative.

Discover the best user management software tools in 2024, their key features, and why you should consider them for your app.

Compare RBAC vs. ACL, their differences, how they work together, and which to use.

Explore four top WorkOS alternatives: Auth0, Frontegg, Clerk, and Stytch. Compare their features, pricing, and what they are best suited for.

Explore the top Auth0 alternatives in 2024: WorkOS, Cognito, Firebase, KeyCloak, and Frontegg.

Explore why businesses seek Clerk alternatives, featuring top options like WorkOS, Auth0, Okta, Firebase, and OneLogin.

Discover the top five Frontegg alternatives for 2024. Compare features, pricing, and best use cases to find the perfect fit for your needs.

Learn about user management, including why it’s important, the most important functions, key protocols, and more.

Explore the top user management services in 2024, including WorkOS, Okta, Zluri, and more.

SSO is necessary if you want to sell to enterprise customers, but doing it well is hard. We gathered some best practices that can help you with that.

Learn what access management is, why it matters, how it works, and strategies to protect your business data effectively.

Learn what makes Google Zanzibar the best authorization solution and how WorkOS FGA builds on top of these features.

Learn about the failed authentication events you can get from WorkOS and how you can use them to implement features in your app.

In this tutorial, paired with companion code, you’ll learn to build a secure, scalable document access control system using WorkOS FGA, AWS Lambda Authorizers, and Amazon S3.

Learn everything you need to know about OAuth: what it is, what problem it solves, and how it works.

Review some of the common SAML security vulnerabilities and see how you can defend against them.

Learn how to map groups from external identity providers to user roles in your app using SSO or SCIM.

WorkOS is introducing Entitlements powered by Stripe: one-button setup for enabling immediate, subscription-based access to plans, features, and products. Entitlements are available to all AuthKit customers for free.

Every business starts with an idea, followed by the challenge of picking the right tech stack. In a crowded field where choosing the right technology is key yet time-consuming, starter kits help you focus on building your idea rather than reinventing the basics. That’s why we’re announcing the WorkOS-built Next.js B2B Starter Kit today.

We often think of auth as a binary decision—allowed or denied—but what if you want to factor in private knowledge or custom logic at runtime? Actions let you change how WorkOS behaves and customize user registration and authentication logic with AuthKit. Actions are also free to all AuthKit customers.

Widgets are ready-made components that provide complete enterprise features with a few lines of code. They are now available for free to all AuthKit customers.

FGA is the most flexible and granular authorization system, built for product and engineering teams looking to quickly implement fine-grained permissions in their applications. Use FGA to centralize your authorization logic, implement complex authorization schemes like Google Docs-style permissions, and define precise access control that goes beyond RBAC.

Ever wondered how tools like GitHub's CLI let you authenticate with a single gh auth login command? In this tutorial with companion code repo, we go through the implementation step by step.

Radar enhances AuthKit with powerful security features to protect your application from abuse, fraud, and attacks. It automatically detects authentication patterns that indicate malicious or suspicious behavior and includes six built-in preventions that can be enabled with a single click.

Passkeys allow you to log into your account using biometrics instead of a password. They are now available for free to all AuthKit customers.

XSS attacks are not to be taken lightly. Learn what XSS is, the different types of attacks, and how you can defend against them.

Every provider does SCIM differently. If you don't pay attention, the results can be catastrophic. Read about these differences, the challenges that arise from them, and how WorkOS can help you overcome them.

Learn why it is important for SAML certificates to expire and how having a plan in place to handle expiration can avoid downtime.

Learn how to securely authenticate users accessing your service through a command-line tool, enabling safe, scriptable workflows across terminals, machines, and Docker containers.

What is SCIM, and why do you need to support it in your SaaS? We’ll discuss the SCIM standard in-depth, how it works, and how you can add SCIM support to your app.

Learn about JSON Web Token (JWT) validation, why it’s important, what the best practices are, and how to do it using trusted third-party libraries.

Learn what social logins are, how they work, and how you can integrate them into your app using WorkOS.

Google Zanzibar is a globally distributed authorization system that manages permissions at scale. Learn how it works and which open source implementations are right for you.

RBAC associates permissions with roles, which are then assigned to users. ReBAC allows you to model complex relationships. Which is better for your use case?

User provisioning simplifies onboarding, tightens security, and automates user access management.

Universal Login or Universal SSO streamlines user authentication to log employees into multiple apps quickly and securely. Learn how it works.

Learn what is user deprovisioning, how it works with SCIM, and how you can implement it with WorkOS.

Learn what authentication tokens are, the different types, and how you can generate and secure them.

What is the Okta App Store or Integration Network (OIN), and should you use it?

Learn why Single Sign-On (SSO) is essential, which are the best practices to follow, and how to add SSO to your app using WorkOS.

With RAG and GenAI applications, how can you ensure users only see results from documents they have permission to access? In this runnable tutorial, we demo using WorkOS Fine-Grained Authorization to secure your documents.

Learn how OTP bots work, their role in bypassing MFA, and the top methods to protect your accounts from these cyber threats.

A guide on how to model your SaaS using organizations and WorkOS.

The Microsoft Entra ID app gallery is a collection of thousands of apps pre-integrated with the Microsoft Identity stack. Learn how this gallery can help, and when it's not the right choice.

Implementing SAML on your own can be a challenge. In this article, we’ll show you an easier way of adding SAML support to any app using the WorkOS SSO API.

As apps have become more complex, especially with the rise of user-generated content, the need for a more granular and scalable authorization scheme has become crucial. Unlike other models, Fine-Grained Authorization defines permissions at the resource level, providing precision and the ability to handle millions of authorization requests per second.

SCIM is a widely used protocol, but not many people understand it. This straightforward and comprehensive guide steps through how it works, using real-world examples and API calls and responses.

On September 10th, 2024, a critical security flaw was disclosed in the Ruby-SAML and OmniAuth-SAML libraries, exposing a vulnerability that allows complete authentication bypass. This flaw, CVE-2024-45409, earned the highest possible score of 10 on GitHub's CVE rubric and a 9.8 NIST base score, making it a "worst-case scenario".

Explore the details of Auth0's pricing, its limitations, and what makes WorkOS a more transparent and scalable alternative.

Learn what X.509 certificates are and how to generate them with our comprehensive guide. Easy-to-follow steps included.

A technical guide on how you can migrate your RBAC implementation to Fine-Grained Authorization (FGA) using WorkOS. Learn how to check a user’s access to resources, manage your FGA implementation, and favor performance vs consistency on a per request basis.

Migrate your RBAC implementation to Fine-Grained Authorization (FGA) using WorkOS. Learn what is FGA, how to define resources, relationships, and inheritance rules, and how to test and validate the access model.

Learn what enterprise SSO is, why enterprises need it, how it works, and why you should support it in your SaaS.

Learn what OpenID Connect (OIDC) is, how it works, why you should use it, and how to implement it using WorkOS.

Enterprise Ready Conference, HIPAA compliance, frontend sessions, AuthKit branding customization

Learn what single logout is, its benefits, why it's important, and why it has such limited support.

Learn what sessions are and how you can implement them from scratch or using an auth provider like WorkOS.

AuthKit now supports sessions for public clients, like mobile and single-page apps. Use the WorkOS React SDK to keep your users logged in for longer while keeping them safe from attacks.

Learn what PKCE is, why it's essential for securely authenticating users in mobile and single-page apps, and how you can keep your users safe by using AuthKit and WorkOS.