null I Built a Task Management API in Laravel to Learn the Fundamentals (Here's What Happened) on SitePoint.
#authentication
12 posts
4 Jun
13 May
On a recent software development project that already planned to use AWS, we used AWS Cognito for authentication. Cognito is Amazon’s managed identity platform for web and mobile apps, offering features like MFA, password reset flows, and sign-in. On paper, it’s a strong fit for projects already using AWS. In practice, the rough edges cost […] The post 3 AWS…
9 Apr
Here’s how I replaced Payload CMS’s built-in login system with Better Auth so an Next.js site and its Payload admin panel could share the same authenticated session. Using Payload CMS If you’re comfortable working in a Next.js app, and you haven’t given Payload CMS a try, you really should. It’s a config-first Typescript CMS that […] The post Use Better…
17 Dec 2025
Learn how to debug silent failures in AWS API Gateway HTTP when your OIDC provider doesn't implement the .well-known/openid-configuration endpoint. Enable FailOnWarnings to catch these issues before they break your production deployment.
6 Mar 2025
API security is crucial, as it directly impacts your business’s success and safety. How well you secure your APIs can make or mar your product, and it is of utmost importance to spend time thinking about security. I have seen developers work in Postman without properly securing their credentials, often leaving API keys exposed in shared environments or logging sensitive…
29 Nov 2023
A tool for Identity Federation Security Assertion Markup Language, or SAML, is an open standard for exchanging authentication and authorization data between two parties. It’s a common strategy for single sign-on (SSO), allowing users to sign in once and authenticate with multiple third party applications. Similar to OAuth2.0, SAML promotes data security by preventing direct […] The post SAML Protocol…
18 Jul 2023
Adding AuthN to OAuth2.0 OpenID Connect (OIDC) is an authentication protocol that sits on top of the OAuth2.0 protocol. It provides a standardized way for clients to authenticate users and obtain information about their identity. In simple terms, OpenID Connect allows users to log in to different applications using a single set of credentials. It […] The post OpenID Connect…
23 May 2023
A primer on delegated access OAuth, short for “open authorization”, is a widely used protocol that allows users to grant third-party websites or applications access to their personal information on other websites. It provides a mechanism for secure access delegation across the internet. History Class Prior to the creation of OAuth, sharing of information with […] The post What is…
22 Mar 2023
Demystifying authentication and authorization When you hear the term Auth, what comes to mind? You probably think of signing into a system with your username and password, and you’re half right. But auth is bigger than that. The bucket term also includes everything you can do in a system once you submit those credentials. Auth […] The post AuthN vs…
30 Oct 2022
Pocketbase is an open-source application and alternative to Google Firebase. This is offering realtime database, authentication(including social), and file storage for your next web and mobile application. This article is about how to host the Pocketbase application server which usually runs at 8090 port with your existing application server. If you are using Linux and Apache based server, the following…
27 Jul 2017
Clever Instant Login makes it easy for students to log in to their learning applications, saving valuable instructional time. By using the widely-deployed OAuth 2 protocol, our team tries to save valuable development time and make it easy for our app customers to create integrations. OAuth 2 has been a fairly smooth road, but we […] The post Clever Instant…
8 Feb 2012
After some years of working with (and fighting against) Subversion I decided to setup a Git repository for our company. Every developer should decide on their own what Version Control System he wants to use. Jeremy Skinner wrote an excellent article about hosting a Git repository on Windows which was […] The post Windows Server 2016 or 2019 as a…