Home / Companies / WorkOS / Blog / March 2026

March 2026 Summaries

50 posts from WorkOS

Filter
Month: Year:
Post Summaries Back to Blog
AI agents face significant challenges in interacting with applications due to the limitations of traditional human-centric authentication methods, such as login screens, which are the primary bottleneck for their utility. Various hack approaches, like cookie syncing and credential injection, have been used to bypass these barriers, but they introduce security risks and lack control, auditability, and scoped permissions. The text argues for the adoption of OAuth 2.1, which provides a more secure and structured framework for agent authentication by offering scoped permissions, time-limited access, auditability, and revocability, allowing agents to act within defined boundaries. The use of OAuth enables agents to access applications securely and transparently, aligning with organizational security models and providing enterprise IT teams with necessary visibility and control. This transition marks a shift from ad-hoc, insecure methods to a standardized, robust approach to integrating AI agents with software systems, emphasizing the need for proper identity management and secure access protocols.
Mar 31, 2026 2,029 words in the original blog post.
AI agents have evolved beyond simple chatbots to autonomously manage complex tasks across various systems, raising critical security and governance challenges. The OWASP Top 10 for Agentic Applications outlines the most significant risks these systems face, such as goal hijacking and rogue agents, and emphasizes two foundational design principles: least agency and strong observability. Least agency involves limiting an agent's autonomy in decision-making and actions, requiring nuanced consideration of dimensions like scope, planning depth, delegation breadth, and action reversibility. Strong observability goes beyond logging to provide continuous, queryable insights into what agents are doing, why, and under whose authority, ensuring that every action is traceable and verifiable. These principles are interdependent; without observability, least agency becomes blind constraint, and without least agency, observability becomes unmanageable. Implementing these principles requires a robust identity infrastructure that assigns agents their own identities and enforces fine-grained, resource-scoped permissions, enabling a feedback loop where least agency informs observability and vice versa. The WorkOS platform offers solutions like RBAC and Fine-Grained Authorization to help implement these principles without building an entire infrastructure from scratch, addressing the vulnerabilities outlined in the OWASP framework.
Mar 31, 2026 3,273 words in the original blog post.
WorkOS Pipes is a feature designed to simplify the process of connecting third-party services to applications by managing OAuth flows, credential storage, and token refreshes, allowing developers to avoid dealing with these complexities directly. By using Pipes, applications can securely connect to services like GitLab, GitHub, Slack, Google, and Salesforce, among others, while the backend handles token requests to access provider APIs. This tutorial demonstrates how to use Pipes to integrate GitLab into a Node app, guiding users through configuring the provider, adding the Pipes widget for account management, and retrieving tokens to access GitLab data. The approach is scalable, making it easy to add more integrations with minimal changes and allowing developers to focus on building application features without maintaining OAuth infrastructure.
Mar 30, 2026 1,509 words in the original blog post.
AI agents have evolved beyond simple chatbots to autonomously perform complex tasks such as scheduling meetings, managing finances, and executing workflows without constant human oversight. This shift has introduced new security concerns, prompting the OWASP GenAI Security Project to release a list of the top 10 risks associated with autonomous AI systems, crucial for developers working with AI-powered applications. Key issues include agent goal hijacking, tool misuse, identity abuse, and memory poisoning, highlighting the need for principles like least agency and strong observability to mitigate risks. Effective security measures involve giving agents their own scoped identity, implementing fine-grained authorization, and ensuring robust audit trails to maintain accountability. WorkOS offers solutions to enforce authentication and authorization at every layer, thereby addressing many of these security challenges.
Mar 30, 2026 3,435 words in the original blog post.
Impossible travel detection leverages the physical impossibility of a person being in two places at once to identify potential security breaches such as credential theft and session hijacking. This method involves analyzing login events from different locations and times; if the travel speed between them exceeds what's physically feasible, the event is flagged as suspicious. Despite its simplicity, naive implementations often result in false positives due to factors like VPNs, mobile network routing, and GeoIP inaccuracies. To reduce noise, mature systems incorporate device fingerprinting, IP classification, user behavior baselines, and session context to filter out benign anomalies. WorkOS Radar, a security layer integrated with AuthKit, exemplifies this approach by using device fingerprinting and geolocation tracking to maintain a low false positive rate, offering configurable response actions such as blocking, challenging, or notifying users of suspicious activity. Radar is part of a broader defense strategy that includes bot detection and credential stuffing defenses, allowing users to customize rules for specific scenarios and manage alerts through a real-time dashboard.
Mar 30, 2026 1,732 words in the original blog post.
Impossible travel detection leverages a fundamental physical constraint—that a person cannot be in two places at once—to identify and mitigate potential security threats like credential theft and account takeover. By comparing login data points such as location and timestamp, the detection system flags suspicious activity if the implied travel speed between locations exceeds feasible limits, typically benchmarked against commercial aviation speeds. Despite its simplicity, naive implementations can generate many false positives due to factors like VPN usage, mobile network routing, and GeoIP inaccuracies. To enhance accuracy, mature systems incorporate device fingerprinting, IP reputation, user behavior baselines, and session context to filter out benign anomalies. WorkOS Radar offers a sophisticated implementation of impossible travel detection by integrating with AuthKit and using device fingerprinting and geolocation tracking to minimize false positives while allowing configurable response actions. This detection mechanism, part of a broader security framework, provides a high-signal tool for identity security by exploiting the immutable laws of physics to thwart attackers, offering seamless integration and real-time insights for users seeking robust authentication threat protection.
Mar 30, 2026 1,732 words in the original blog post.
The focus of the security industry has shifted from merely protecting credentials to addressing the vulnerabilities posed by token replay attacks, where attackers intercept and reuse valid tokens to impersonate legitimate users without needing passwords or MFA challenges. These attacks bypass traditional security measures like SSO and MFA, as they occur after successful authentication. The text illustrates how token replay attacks are executed by capturing tokens via network interception, malware, compromised third-party integrations, or log exposure, and then reusing these tokens to access systems and data. It emphasizes the importance of implementing a layered defense strategy, including short token lifetimes, refresh token rotation, sender-constrained tokens with Demonstrating Proof-of-Possession (DPoP), enforcing Proof Key for Code Exchange (PKCE), binding tokens to contextual signals, and deploying behavioral detection to mitigate such attacks. The piece further advises developers to audit token storage, enforce short-lived access tokens, rotate refresh tokens, adopt DPoP, require PKCE, monitor for anomalies, and manage third-party integrations as essential practices in safeguarding against token replay attacks, asserting that these measures should be integral to the security posture of any organization using OAuth for authentication and authorization.
Mar 27, 2026 1,715 words in the original blog post.
Scopes and claims are integral yet distinct components in the OAuth 2.0 and OpenID Connect frameworks, each serving unique purposes within the authorization process. Scopes function as permission requests, representing broad categories of access that a client application seeks on behalf of a user, and they are presented during the authorization request. These scopes determine which claims, or factual assertions about an entity such as a user, are included in a token. Claims are more granular and are embedded within tokens, providing specific data like user identity or email, which the authorization server issues and resource servers later validate for access. While scopes outline the types of access a user consents to, claims deliver the actual data once access is granted, with their relationship ensuring that only necessary information is shared based on the granted permissions. Understanding the differentiation and interplay between scopes and claims is crucial for developing effective and user-friendly authorization models.
Mar 27, 2026 1,191 words in the original blog post.
Developers often encounter the "invalid redirect URI" error when integrating OAuth-based authentication, which typically arises from mismatches between the redirect URIs registered on the dashboard and those used in different environments, such as local development, staging, and production. The redirect URI plays a crucial role in the OAuth 2.0 authorization code flow by acting as the callback endpoint where an authorization server sends the user post-authentication, ensuring security against unauthorized code interception. WorkOS offers distinct environments with specific redirect URI rules, such as permissive Sandbox environments for local testing and strict production rules requiring HTTPS and domain ownership. While local development can use wildcard ports for flexibility, production environments should avoid wildcards due to security risks. For staging and review apps, wildcard subdomains can streamline the process, but must adhere to strict rules to prevent vulnerabilities. Instead of configuring local environments with production credentials, which poses security risks, developers should use WorkOS's impersonation feature to view user experiences securely, ensuring proper auditing and avoiding the complexity of redirect URI management. This approach emphasizes the importance of keeping environment-specific credentials and configurations separate to minimize errors and enhance security.
Mar 27, 2026 2,106 words in the original blog post.
The Model Context Protocol (MCP) is an open standard developed by Anthropic to facilitate seamless connectivity between AI models and external tools, data sources, and services, transforming how AI applications integrate with real-world systems. Since its introduction in November 2024, MCP has been widely adopted by major tech companies like OpenAI, Google DeepMind, and Microsoft, significantly reducing the complexity of creating custom integrations for AI applications by establishing a universal protocol. MCP was donated to the Agentic AI Foundation under the Linux Foundation in December 2025, making it a community-governed standard. The protocol works by allowing AI applications to connect to tools through a single MCP server, thereby simplifying integration from an N×M problem to an N+M solution. It supports both local and remote server connections, uses JSON-RPC 2.0 for communication, and introduces async tasks for long-running operations. The protocol's architecture includes interactive user interfaces with MCP Apps, enhancing user interaction through rich HTML interfaces. MCP's governance is under the Agentic AI Foundation, with development organized around working groups focusing on transport evolution, agent communication, enterprise readiness, and governance maturation. Despite its rapid adoption and ecosystem growth, MCP faces challenges in enterprise observability, multi-tenancy, rate limiting, and configuration portability, with ongoing efforts to address these through future roadmap developments.
Mar 26, 2026 3,266 words in the original blog post.
The aud claim in JSON Web Tokens (JWTs) is crucial for identifying the intended recipients of a token, as it prevents token replay attacks where a token meant for one service is misused by another. While developers often validate other claims like iss (issuer) and exp (expiration), neglecting aud validation can lead to vulnerabilities, especially in environments where multiple services share the same identity provider. Proper aud validation involves ensuring that the service's identifier is explicitly listed in the token's audience, and it should handle both string and array formats to prevent errors. Additionally, using specific audience values rather than generic ones is essential to maintain security. Developers must avoid common pitfalls such as skipping aud validation, using overly broad audience values, and misusing aud to encode roles or permissions. Integrating aud validation with other claims like iss, sub, and scope ensures that tokens are appropriately authorized for the services they are intended for, reinforcing security against unauthorized access.
Mar 25, 2026 1,742 words in the original blog post.
WorkOS has introduced a free, browser-based JWT (JSON Web Token) Debugger designed to simplify the process of decoding and verifying JWTs without requiring developers to rely on third-party sites. The tool allows users to decode tokens, inspect headers and payloads, verify signatures, and check claims such as expiration dates, all while ensuring that no data leaves the browser for enhanced security. As JWTs are integral to modern authentication flows like OAuth 2.0 and OpenID Connect, the debugger is particularly useful for diagnosing issues in auth flows by providing immediate insights into token validity and claims. The tool is part of WorkOS's broader suite of authentication and identity tools, aimed at streamlining the development of secure applications by offering maintained, up-to-date resources integrated with their existing developer documentation and services.
Mar 24, 2026 530 words in the original blog post.
Authentication is a critical boundary between applications and the outside world, facing increasingly sophisticated threats such as bot farms, credential stuffing, and phishing attacks. Modern authentication systems must address these challenges through comprehensive strategies that include bot detection, password security, email verification, and geographic compliance. Additionally, they need to safeguard against brute force and credential stuffing, phishing, and account takeovers using device fingerprinting, behavioral analysis, and constant-time comparison functions. Post-authentication, attention is required for session management, CSRF protection, and secure recovery flows to mitigate risks like token theft and account takeovers. Multi-factor authentication (MFA) adds a layer of security, though its effectiveness depends on the method used, with WebAuthn and passkeys offering significant resistance to phishing. Organizations must also consider the operational aspects of authentication, such as detecting account sharing and multi-accounting, monitoring dependencies, and preventing secret leakage, all while maintaining robust logging and incident response capabilities. Managed services like WorkOS's AuthKit and Radar can help streamline authentication security by providing integrated solutions that address these threats effectively, allowing teams to focus on product development rather than security infrastructure maintenance.
Mar 24, 2026 6,732 words in the original blog post.
Integrating the "Sign in with Slack" feature into applications is streamlined through WorkOS, an OAuth/OIDC provider that simplifies the authentication process by handling the technical details. By creating a Slack App and configuring it with a Redirect URI and client credentials obtained from the WorkOS dashboard, developers can easily implement Slack authentication in their apps. The process involves setting up AuthKit in a Next.js framework, which is facilitated by the @workos-inc/authkit-nextjs SDK, providing features like session management and route protection. WorkOS enables further functionality, such as additional social logins, multi-factor authentication, and enterprise SSO, without altering the application code. This setup offers a seamless authentication experience, minimizing friction for users already engaged with Slack, and supports a wide range of authentication methods and security features.
Mar 24, 2026 1,765 words in the original blog post.
React Router has evolved into a comprehensive full-stack framework with the integration of Remix in its version 7, offering server-side rendering and a robust authentication model that impacts every layer of a React app. Authentication in this context requires managing sessions server-side with encrypted cookies, rather than relying on client-side storage, which necessitates careful selection of an authentication provider that aligns with React Router's architecture. This text compares five authentication solutions—WorkOS, Auth0, Better Auth, Supabase Auth, and Firebase Authentication—focusing on their integration with React Router's architecture, including loaders, actions, and server-side sessions. WorkOS stands out with its dedicated SDK for React Router, offering seamless integration and enterprise features like SAML SSO and SCIM provisioning, while other providers may require more manual configuration and lack specific React Router support. The choice of provider affects an app's scalability, security, and ability to meet enterprise demands, emphasizing the importance of selecting a solution that aligns with the application's future needs rather than just its current state.
Mar 23, 2026 3,144 words in the original blog post.
The Model Context Protocol (MCP) faces significant challenges in achieving enterprise deployment readiness, with issues such as lack of standardized audit trails, static secret-based authentication, undefined gateway behavior, and non-portable configurations. Despite its growing adoption since being open-sourced by Anthropic in 2024, these obstacles hinder large-scale production use. The 2026 roadmap, led by David Soria Parra, highlights enterprise readiness as a critical priority, alongside transport evolution, agent communication, and governance maturation. The roadmap emphasizes the necessity for structured observability that integrates with existing enterprise compliance systems and proposes shifting away from static secrets towards SSO-integrated flows. It also addresses the need for clear gateway and proxy patterns to ensure consistent authorization and session management across intermediaries. Configuration portability is identified as a deployment blocker due to its current client-specific nature. While solutions to these gaps are still in the pre-RFC stage, the roadmap encourages community involvement, particularly from those in enterprise environments, to shape the development of these features. The roadmap also notes that most enterprise readiness solutions will likely emerge as extensions rather than core specification changes to avoid complicating the protocol for all users. Organizations deploying MCP are advised to anticipate these challenges and proactively design architectures that can accommodate future standardizations.
Mar 23, 2026 1,636 words in the original blog post.
As AI agents become increasingly capable of performing tasks autonomously, traditional API billing methods like subscriptions and API keys fall short, leading to the development of two new protocols: Coinbase's x402 and Stripe's Machine Payments Protocol (MPP). x402 offers an open, straightforward approach by embedding payments directly into HTTP requests using the HTTP 402 status code, allowing agents to make per-request micropayments without accounts or subscriptions. Meanwhile, Stripe's MPP, launched in 2026, facilitates session-based streaming payments, providing compliance and fraud detection benefits through Stripe's infrastructure. While x402 is ideal for low-frequency, agent-driven micropayments, MPP is better suited for high-frequency scenarios due to its session aggregation model. Both protocols have their strengths, with x402 emphasizing openness and minimal setup, and MPP providing a more robust compliance framework. As such, a hybrid approach that combines x402, MPP, and traditional billing may offer the most flexibility in addressing different use cases, with Stripe supporting all methods through its platform.
Mar 23, 2026 3,294 words in the original blog post.
FastAPI is a popular Python framework for building APIs due to its speed, async capabilities, and automatic documentation generation, but securing these APIs with a reliable authentication layer can be challenging. The text outlines how to use WorkOS, a purpose-built identity platform, to handle authentication tasks such as JWT handling, session management, and secure cookie storage, thus allowing developers to focus on business logic rather than building an auth system from scratch. The tutorial guides readers through setting up a FastAPI project, integrating it with WorkOS AuthKit, and implementing session-based authentication to protect API endpoints, using an Expense Tracker API as an example. WorkOS simplifies the authentication process by managing sign-in UI, session tokens, cookie encryption, and supports additional scenarios like machine-to-machine authentication and enterprise SSO without requiring significant code changes.
Mar 20, 2026 2,218 words in the original blog post.
WorkOS Widgets now offer developers the ability to integrate enterprise features like user management, domain verification, and SSO setup directly into their applications using Widget Skills, which utilize AI coding agents to generate app-native implementations. This enhancement allows workflows to be seamlessly incorporated into a developer's existing framework, maintaining the same functionalities as WorkOS Widgets, but with the flexibility to style and structure it according to the app's design system. The code created through Widget Skills is customized and resides within the developer's repository, providing a tailored experience without being confined to a set UI. Supporting a wide range of frameworks and languages, Widget Skills leverage the same APIs as the original WorkOS Widgets, ensuring consistency in enterprise workflows while granting developers greater control and ownership over their application's code. This tool is now available and encourages teams to adopt a more integrated approach to implementing WorkOS-powered workflows.
Mar 20, 2026 606 words in the original blog post.
When using Directory Sync with Azure Entra ID, a common issue arises where users in child groups are not provisioned into applications due to SCIM's lack of support for nested group expansion. Azure Entra ID supports nested groups internally, but during SCIM provisioning, only the literal membership of the assigned group is synced, excluding users in nested groups. This design choice by Microsoft can result in various operational challenges, such as users being unable to log in, unexpected group hierarchies appearing flattened, and silent permission failures. To address these issues, organizations can choose to flatten group memberships, assign child groups directly, or supplement SCIM with the Microsoft Graph API for transitive member lookups. These solutions depend on the structure of the customer's Entra directory and their ability to manage these configurations. Unlike Google Workspace, which natively supports nested groups through pull-based APIs, Entra requires careful management and documentation to avoid provisioning issues and ensure accurate user access.
Mar 20, 2026 1,756 words in the original blog post.
CORS (Cross-Origin Resource Sharing) is a browser security feature designed to manage how web pages from one origin can request resources from a different origin, which is essential for maintaining secure web application interactions. Developers frequently encounter CORS errors when working with APIs from a browser because the server's response headers do not align with what the browser expects, triggering various types of errors such as the absence of the 'Access-Control-Allow-Origin' header or preflight request failures. The document explains nine common CORS errors, including methods for diagnosing and resolving these issues, emphasizing that solutions always involve server-side configuration adjustments to align with browser security requirements. It underscores the importance of understanding CORS mechanisms and correctly setting response headers to ensure secure and functional cross-origin requests, highlighting that CORS does not protect against server-to-server abuses and is solely a browser-enforced policy.
Mar 19, 2026 2,316 words in the original blog post.
Pipes MCP introduces a session-scoped authorization model that enhances security for agent workflows by limiting their access to OAuth-connected systems like Snowflake, Google Drive, and Salesforce to the duration of a specific task. Unlike traditional OAuth models, which provide long-lived tokens that can be refreshed indefinitely, Pipes MCP requires explicit human approval for session initiation and automatically revokes access when the session ends, thus preventing agents from acting unpredictably beyond their assigned tasks. This system leverages existing Pipes connections, requiring no additional integration with third-party providers, and enforces access checks at runtime, making authorization explicit and manageable. By providing a deployable Model Context Protocol (MCP) server, developers can integrate this model into their infrastructure, allowing agents to interact with connected providers as tools within a time-bound session and ensuring that authorization does not silently extend itself. This approach addresses the ongoing debate regarding agent identity and authorization by treating agents as acting on behalf of a user, with access limited to a specific task or session and governed by human-in-the-loop approval, offering a practical solution for securing agent interactions with third-party systems.
Mar 19, 2026 663 words in the original blog post.
The iss (issuer) claim in JSON Web Tokens (JWTs) identifies the principal that issued the token and is crucial for security, as it helps ensure that tokens are only accepted from trusted sources. Despite its importance, the iss claim is often under-validated, leading to security vulnerabilities where attackers can forge tokens that are mistakenly accepted by systems. Proper validation involves explicitly checking the iss claim against a trusted list of issuers and not relying solely on signature validation, as this could allow a malicious actor to present a valid-looking token. Common pitfalls include not validating the iss claim, accepting issuers from uncontrolled dynamic lists, and mishandling string comparisons due to case sensitivity or URL formatting. The iss claim interacts with other claims like sub (subject) and aud (audience), requiring careful handling to prevent identity confusion and token forwarding attacks. Best practices for iss claim validation include always validating it, maintaining a whitelist of trusted issuers, using exact string matching, and combining iss with sub for user identification, thereby strengthening security against token forgery attacks.
Mar 18, 2026 1,295 words in the original blog post.
WorkOS has introduced a series of upgrades aimed at integrating coding agents more seamlessly into the development workflow, moving beyond the traditional human-centric infrastructure tools. These enhancements enable agents to handle tasks such as configuration, diagnostics, and resource management directly from the command line, minimizing the need for manual intervention and dashboard navigation. Key features include the ability to install WorkOS Skills for better agent understanding of APIs, integrate AuthKit without account creation, and use the workos doctor command to identify and resolve common misconfigurations. Additionally, WorkOS now supports declarative environment setup with the workos seed command, allowing agents to define and synchronize WorkOS environments efficiently. Resource commands provide authenticated access to core APIs, enabling agents to query real data for debugging and verification purposes. Together, these improvements transform WorkOS into a more agent-friendly platform, supporting modern development practices where agents and terminals collaborate to enhance efficiency and reduce friction.
Mar 18, 2026 1,221 words in the original blog post.
In the evolving landscape of AI, two types of routing—model routing and tool routing—play pivotal roles in enhancing an AI agent's capabilities. Model routing involves selecting different large language models (LLMs) for specific tasks based on factors such as cost, speed, and intelligence, allowing for efficient and cost-effective processing. Conversely, tool routing expands what an agent can accomplish by integrating various specialized tools and services, enabling functionalities like image generation, code execution, and content management. The combination of these tools transforms AI agents from mere conversational entities into versatile assistants capable of executing complex tasks. This approach, akin to the Unix philosophy of combining small, sharp tools, emphasizes that the true power of AI lies not in the sophistication of the model alone but in its ability to orchestrate and utilize a wide array of tools effectively. As AI ecosystems grow, the strategic integration of model and tool routing can significantly enhance an agent's utility, demonstrating that a well-orchestrated system with specialized tools can surpass even the most advanced standalone models.
Mar 18, 2026 1,124 words in the original blog post.
Prompt injection is identified as the primary security vulnerability in applications utilizing large language models (LLMs), as noted by its top ranking in the OWASP Top 10 for LLM Applications since 2025. This type of attack exploits the way LLMs interpret instructions, targeting the lack of a mechanism to differentiate between trusted and untrusted data. As LLMs process input as a single text stream, they are vulnerable to adversarial instructions that can lead to unintended actions, making it difficult to eliminate this threat entirely. The problem is exacerbated by the absence of a parameterized query equivalent for LLMs, unlike in SQL injection, and the stochastic nature of LLMs further complicates deterministic security guarantees. Prompt injection attacks can be direct, indirect, multi-modal, or agentic, each presenting unique challenges. Effective defense strategies involve layered security measures, including system prompt hardening, input scanning, output validation, privilege minimization, and adversarial testing. Moreover, compliance with regulations such as the EU AI Act mandates defenses against such vulnerabilities. The field requires continuous adaptation, with a focus on building security into LLM integrations from the onset to manage risks associated with prompt injection effectively.
Mar 17, 2026 2,273 words in the original blog post.
A colleague's experience of losing months of data due to a lack of account-level sync in AI tools underscores the fragility of local session states, which are not portable, composable, or durable. Many AI tools store data locally, making it vulnerable to loss when switching devices or experiencing outages. To address this, the text advocates for externalizing context into durable, agent-agnostic systems such as using Obsidian for knowledge management, Linear for task and project state, and version-controlled markdown files for project documentation. This approach allows for seamless switching between tools and ensures that project context is not tied to a specific platform. The use of tools like Model Context Protocol (MCP) and services like OpenRouter further enhances flexibility, allowing users to switch between models and providers without losing their workflow context. By maintaining control over their data and using a system-agnostic approach, users can adapt to the rapidly changing AI tooling landscape without being locked into a single provider or platform.
Mar 17, 2026 2,001 words in the original blog post.
AuthKit Analytics is a new feature integrated into AuthKit that provides users with insight into user activity and organization growth without the need for third-party tools. This analytics dashboard delivers immediate visibility into metrics such as active users, new versus returning users, and user activity across organizations, allowing teams to understand product usage and growth trends over time. The tool is designed to be accessible directly within the WorkOS platform, enabling users to monitor engagement and performance at both the individual and organization levels. AuthKit Analytics is particularly beneficial for teams lacking robust analytics tooling, offering a streamlined, maintenance-free way to gain insights without additional infrastructure. With its focus on organization-level visibility, it helps businesses identify which accounts are growing or stagnating and understand the health of their customer base. This tool eliminates the need for external integrations and is available immediately for all AuthKit users, inviting feedback to enhance its utility further.
Mar 17, 2026 567 words in the original blog post.
MiniMax M2.5, an open-weight Mixture of Experts model with 230 billion parameters, has emerged as the most-used AI model on OpenRouter due to its efficiency and cost-effectiveness, processing over 2.45 trillion tokens in a week as of February 2026. Despite only activating 10 billion parameters per inference, M2.5 is capable of handling most conversational tasks, coding across languages, and office productivity, making it a preferred choice for AI interactions due to its low cost compared to models like Claude Opus 4.6. While it excels in speed and general-purpose tasks, M2.5 falls short in deep reasoning and math-heavy applications, where models like Claude Opus and GPT-5.2 are superior. Its open-weight nature, released under a modified MIT license, allows users to run, customize, and deploy it without API dependency, enhancing cost predictability and reliability. The model's rise illustrates a shift in the AI landscape, suggesting a tiered approach where M2.5 manages routine tasks, reserving complex tasks for more specialized models, thereby significantly reducing operational costs.
Mar 17, 2026 1,088 words in the original blog post.
Modern software products often span multiple platforms like web, mobile, and desktop, requiring a unified authentication system that treats them as one cohesive product. WorkOS addresses this need by supporting multiple applications as distinct entities within its dashboard, allowing developers to manage authentication consistently across different surfaces. Each application receives its own client ID and configuration, enabling specific session policies, redirect URIs, and credentials tailored to the platform while sharing an underlying user pool. This ensures that users have a seamless and unified login experience, avoiding duplicate accounts and fragmented data. Developers benefit from clear separation and application-level control, which simplifies the authentication model and enhances user experience. The approach allows for platform-appropriate session behaviors and seamless recovery flows, making it a valuable improvement for teams building multi-surface products.
Mar 16, 2026 651 words in the original blog post.
Employing diverse AI models for code review can significantly enhance code quality by mitigating the blindspots inherent when a single model reviews its own output, as demonstrated by the use of Cursor's Bugbot for reviewing Claude Code pull requests. Bugbot, which matured post-beta in July 2025, has shown impressive performance by identifying over 1.5 million issues and achieving a 76% resolution rate, thanks to its ability to detect logic bugs, edge cases, security issues, and stylistic inconsistencies that a model like Claude might miss. By automatically reviewing PRs, providing inline comments, and using Autofix to resolve issues, Bugbot streamlines the review process, allowing developers to focus on more complex aspects like architecture and business logic rather than mechanical errors. The tool's effectiveness is further supported by testimonials from companies like Sentry, Discord, and Rippling, which highlight its ability to catch significant bugs early and improve the efficiency of code reviews. Setting up Bugbot involves enabling it on repositories, configuring review triggers, and possibly implementing project-specific review rules, with pricing set at $40 per user per month, offering a clear return on investment by preventing costly errors from reaching production. This approach underscores the value of cross-model reviews in a future where AI-generated code becomes prevalent, reinforcing the principle that diverse perspectives, whether human or AI, catch what uniformity might overlook.
Mar 16, 2026 1,618 words in the original blog post.
An intriguing development in AI tools is the ability to generate visual diagrams that effectively illustrate complex systems, as exemplified by Claude Code's integration with Excalidraw, an open-source virtual whiteboard tool. These visual representations go beyond traditional text explanations by providing clear, structured diagrams, such as the detailed physics diagram Claude generated to explain the TheraBody TheraCube's thermoelectric cooling process. This capability extends to self-describing agentic systems like OpenClaw, which can dynamically generate visual maps of their own architecture, skills, and connections. These visual system snapshots are particularly beneficial for managing complexity in agentic systems, assisting with onboarding, debugging, change verification, and architecture reviews, thereby alleviating some of the challenges associated with traditional documentation and configuration management. As agentic systems become increasingly complex, tools like the Excalidraw skill enable these systems to visually express their configurations, enhancing comprehension and collaboration.
Mar 16, 2026 1,108 words in the original blog post.
AI tooling is revolutionizing various domains through a pattern of compression, which involves reducing the time, effort, and specialized skills required to access and utilize knowledge. This concept of compression isn't about technically making files smaller but rather about collapsing extensive processes into more accessible forms. For instance, AI systems such as Retrieval-Augmented Generation (RAG) allow legal professionals to access relevant case law instantly, eliminating the need for lengthy manual research. Similarly, AI can compress entire workflows, enabling a single person to execute projects that previously required multiple specialists, thereby reducing the production of intermediary artifacts like design documents and tickets. This compression extends to skills, as AI tools bridge the gap between understanding a problem and executing a solution, allowing individuals to operate across domains they aren't specialized in, although this raises questions about the future training of specialists. The compounding effect of knowledge, time, and skill compression accelerates the creation and sharing of knowledge, but it also introduces risks of losing serendipitous discoveries, missing fundamental design flaws, or overlooking nuances that experts would catch. Ultimately, while compression offers significant advantages, it requires careful judgment to determine which processes can be safely accelerated and which require more deliberate attention to avoid accumulating hidden costs.
Mar 16, 2026 1,673 words in the original blog post.
OpenClaw is an open-source autonomous AI agent that exemplifies the future of personal AI assistants by running on dedicated hardware like the System76 Meerkat, secured with Tailscale and Guardian for networking and access control. Unlike traditional AI services, OpenClaw integrates seamlessly into the user's workflow, allowing for real-time interactions via platforms like Discord, where voice messages transcribed through OpenAI's Whisper API can prompt the AI to execute tasks or improve its own functionalities. The system stands out not for its pre-installed features but for its ability to autonomously upgrade itself based on user feedback, enabling a dynamic and evolving tool that minimizes friction in daily tasks. This self-improvement loop allows users to address inefficiencies on the fly, transforming OpenClaw into a personalized, ever-evolving assistant that enhances productivity without requiring the user to divert their attention from their primary work. By collapsing the gap between ideation and execution, OpenClaw offers a high-leverage solution that shifts the paradigm of personal tooling economics, encouraging immediate fixes and continuous enhancement in response to user needs.
Mar 16, 2026 1,168 words in the original blog post.
Running autonomous AI agents like OpenClaw can be costly when relying on expensive models such as Claude Opus 4.6 for every task, leading to high monthly expenses. OpenClaw, an open-source AI agent, was initially set to use Opus for all interactions, which proved to be an inefficient use of resources, especially for simple tasks that didn't require high-level reasoning. By adopting a tiered model strategy with OpenRouter, the author optimized costs by routing different types of requests to appropriate models: MiniMax for general chat, Opus for complex reasoning, and Claude Sonnet 4.6 for implementation tasks. This approach resulted in a dramatic 17x reduction in total costs without compromising the quality of work, demonstrating the importance of model routing in managing AI operation expenses effectively.
Mar 16, 2026 1,031 words in the original blog post.
Over the past fifteen years, REST APIs have been crucial for software integration, offering a reliable, stateless interface supported by extensive tooling for developers. However, the emergence of LLM-powered agents necessitates a new approach due to REST's limitations in dynamic discovery, state management, and integration consistency. The Model Context Protocol (MCP), introduced by Anthropic, addresses these gaps by providing a JSON-RPC-based standard that allows AI applications to discover and interact with APIs through stateful sessions, without replacing REST but rather complementing it. MCP standardizes AI interactions through a consistent protocol, enabling runtime discovery, session management, and OAuth 2.1-based authentication, thus facilitating AI-native workflows that REST cannot accommodate alone. MCP servers typically wrap existing REST APIs, translating high-level MCP tools into REST calls, ensuring that REST continues to handle business logic while MCP caters to the needs of AI agents, thus offering a seamless integration layer for both traditional and AI-driven applications.
Mar 13, 2026 3,103 words in the original blog post.
Secure and seamless automated user provisioning is crucial for SaaS platforms targeting enterprises, with SCIM (System for Cross-domain Identity Management) becoming a key standard for managing user lifecycle events such as provisioning, deprovisioning, and attribute updates. Instead of building in-house solutions, many startups opt to integrate with SCIM providers to efficiently manage these functions. SCIM facilitates the synchronization of user accounts between identity providers and applications, ensuring that new employees gain access to necessary apps immediately and that access is promptly revoked when employees leave. This automation reduces security risks and IT workload, making SaaS products more attractive to enterprise clients. The text evaluates three SCIM solutions—WorkOS, Auth0, and Stytch—highlighting WorkOS as the most suitable for fast-growing SaaS companies due to its predictable pricing, ease of integration, and independent ownership, while noting that Auth0 and Stytch may be better suited for companies already embedded in their ecosystems.
Mar 12, 2026 3,177 words in the original blog post.
AI agents have transformed the API threat landscape by acting autonomously on behalf of users, necessitating a shift in security approaches. Unlike traditional API clients that execute actions based on direct human input, AI agents make independent decisions which can lead to unintended consequences, highlighting the need for robust security measures. The text advocates for using OAuth as a foundational security protocol to manage agent permissions through short-lived access tokens, scopes for limiting actions, and claims for context-aware decisions. It emphasizes the importance of audience-restricted tokens to prevent misuse across different services and highlights the necessity for step-up authorization for high-privilege actions, ensuring user control over sensitive operations. The document underscores the risks associated with autonomous chaining, LLM-mediated decisions, non-human speed, and delegation depth, urging organizations to implement comprehensive validation for every request to safeguard against potential threats. WorkOS is mentioned as a solution that provides machine-to-machine authentication, fine-grained authorization, and extensive audit logs, catering specifically to the security needs of modern B2B applications interacting with AI agents.
Mar 11, 2026 2,309 words in the original blog post.
A JSON Web Key Set (JWKS) is a standardized method for representing and distributing public cryptographic keys, primarily used for verifying JSON Web Tokens (JWTs) in a secure and efficient manner. A JWKS is an array of JSON Web Keys (JWKs), each representing a public key, allowing multiple keys to be available simultaneously to support key rotation, multiple algorithms, and separation of concerns. This setup enables stateless, distributed token verification without repeatedly contacting the authorization server. JWKS endpoints serve these keys over HTTPS, ensuring that clients can fetch and cache them to verify JWTs locally, enhancing security by maintaining the private key within the authorization server and only exposing public keys. Key rotation is seamless as new keys can be added without disrupting service, and clients can identify the correct key through the 'kid' (key ID) parameter. JWKS is deeply integrated with OAuth 2.0 and OpenID Connect, and tools like WorkOS manage the complexities of key generation, rotation, and endpoint hosting, allowing developers to focus on application development while ensuring compliance with modern security standards.
Mar 10, 2026 5,558 words in the original blog post.
Replit Agent is an efficient platform for rapidly developing and deploying apps directly from your browser by using AI to write code and set up databases. While Replit offers a built-in authentication system called Replit Auth suitable for prototypes, it lacks advanced features like enterprise SSO and audit logs, which are crucial for production apps. This tutorial demonstrates how to integrate WorkOS AuthKit into a Replit-generated Node.js/Express app to provide a more robust authentication layer, including email/password authentication, social login, passwordless auth, and enterprise SSO, without rebuilding the app from scratch. The guide walks through the steps of installing necessary SDKs, configuring the WorkOS dashboard, managing secrets securely, setting up routes for login and callbacks, and applying authentication middleware. It emphasizes the benefits of WorkOS, such as handling various authentication methods, multi-factor authentication, and organization-specific policies, making it a compelling choice for apps targeting enterprise users.
Mar 10, 2026 1,437 words in the original blog post.
WorkOS Pipes simplifies the process of integrating third-party applications like Salesforce into user-facing apps by handling OAuth flows, token storage, and refresh logic, thus allowing developers to focus on core functionalities. The tutorial describes how to build a Node.js app using WorkOS Pipes to connect users' Salesforce accounts and automatically create Lead records through a seamless integration process. By utilizing a pre-built React component called the Pipes widget, developers can enable users to connect to their Salesforce orgs without managing complex OAuth infrastructure. The process involves configuring Salesforce as a provider in the WorkOS dashboard, embedding the Pipes widget in the frontend, and writing backend logic to fetch fresh Salesforce access tokens from WorkOS for API calls, which eliminates the need for storing tokens or managing refresh cycles. Additionally, WorkOS Pipes supports various other providers like GitHub, Slack, and Google, offering a scalable solution for multi-tenant integrations across different platforms.
Mar 09, 2026 2,163 words in the original blog post.
Sign in with Apple offers a streamlined OAuth/OIDC authentication process for Apple users, allowing them to access web apps without creating new accounts, and providing privacy features like email address relay. The setup, which is slightly more involved than other social logins, requires an App ID, Service ID, and private key obtained from the Apple Developer Portal, and is facilitated through WorkOS, which manages the OAuth integration and displays a "Sign in with Apple" button on the hosted login page. This guide details the configuration process, including setting up Private Email Relay and integrating AuthKit in a Next.js app using the @workos-inc/authkit-nextjs SDK. WorkOS also provides options to add other authentication methods and features such as email and password authentication, social logins, Multi-Factor Authentication, and more, with the ability to extend functionality for enterprise customers, including SSO, directory sync, and audit logs.
Mar 06, 2026 2,677 words in the original blog post.
Lovable enables rapid creation of full-stack Next.js applications from natural language prompts, but to make these apps ready for real users, a robust authentication system like WorkOS AuthKit is necessary. WorkOS AuthKit provides comprehensive authentication features, including email/password, social login, passwordless options, MFA, passkeys, and enterprise SSO, all integrated with minimal code. The guide details a step-by-step process for integrating WorkOS authentication into a Lovable-generated Next.js app, covering installation, configuration of environment variables, and setting up protected routes and login flows. By incorporating these authentication measures, developers can securely manage user access and cater to both individual and enterprise customers. WorkOS further supports advanced features like role-based access control, organization-specific auth policies, and enterprise solutions such as Directory Sync and Audit Logs, which can be incrementally added as application requirements evolve.
Mar 05, 2026 1,303 words in the original blog post.
The workshop held at the WorkOS office in San Francisco demonstrated the practical capabilities of Claude Code and Cowork in building a complete go-to-market pipeline within a single session, highlighting the real-time application of voice-first development and agentic workflows. The event, attended by 150 people with 800 registrations, underscored the massive interest in these technologies. The workshop included modules on data scraping, competitive intelligence, positioning, personalized emails, content creation, and scheduling tasks, all managed in a single chat to maintain context. The session showcased the power of speaking commands to multiple agents simultaneously, enabling faster and more efficient workflow management. Additionally, the use of Cowork's plugin system ensured uniformity in output across teams, while the potential for scheduled tasks and cloud-based operations was discussed. The event concluded with a Q&A session with Lydia from Anthropic's Claude Code team, covering topics like the differences between Cowork and Claude Code, the development process, and future advancements in scheduled tasks and collaboration features. The workshop emphasized the composability of these tools, allowing for high-quality, automated content production that was previously unattainable.
Mar 05, 2026 1,936 words in the original blog post.
The author recounts their journey of developing evaluation systems for two AI-powered developer tools at WorkOS, focusing on the challenge of determining whether the tools genuinely enhance developer experiences. The first tool, WorkOS CLI, utilizes the Claude Agent SDK to automatically install WorkOS AuthKit across various frameworks, but its outputs vary widely, complicating testing. To address this, the author created an evaluation system using fixture projects to establish baseline states for comparison post-installation, grading the outputs on both functional and quality metrics. The second tool involves generating structured context documents for WorkOS features to enhance AI-driven developer assistance. Here, the evaluation involves A/B testing to see if context improves LLM outputs, revealing that some contexts inadvertently degrade performance. Both systems emphasize statistical measurement rather than deterministic testing, with a focus on tracking trends, understanding nuances through saved transcripts, and calibrating evaluations against real-world scenarios, ultimately leading to a more data-driven approach to shipping AI tools.
Mar 04, 2026 3,365 words in the original blog post.
WorkOS Pipes simplifies the process of sending Slack notifications from SaaS applications by handling the complexities of OAuth flows, token storage, and refresh logic, allowing developers to bypass the traditional setup requirements such as implementing OAuth 2.0, managing user tokens, and handling token expiry or revocation. The tutorial outlined in the text demonstrates how to build a Node.js app using the Pipes widget that enables users to connect their Slack workspace without writing OAuth code, post notifications to a chosen channel, and manage these connections seamlessly, with WorkOS providing a valid Slack access token upon request. Once integrated, this pattern can be applied to multiple providers such as GitHub, Google, and Salesforce, thus extending the app's functionality without additional OAuth infrastructure. By configuring Slack in the WorkOS dashboard, embedding the Pipes widget into the app, and using provided tokens to interact with Slack's API, developers can efficiently manage third-party connections, send notifications, and expand their app's capabilities to include rich, interactive notifications using Slack's Block Kit, all while maintaining user-specific credential isolation and ensuring token validity.
Mar 04, 2026 1,984 words in the original blog post.
Dashboards, once essential for simplifying complex tasks and enabling non-engineers to configure SaaS infrastructure, are becoming bottlenecks in the era of AI-assisted development. While dashboards allowed for a user-friendly interface to manage configurations in the early days of cloud computing, the shift towards Infrastructure as Code has rendered many manual dashboard interactions obsolete. This evolution has introduced a friction point, as AI agents, which are increasingly responsible for setting up and deploying applications, struggle with dashboards designed for human interaction rather than programmatic access. Despite the availability of APIs, most infrastructure products still require some human intervention for initial setup, resulting in a mismatch between the speed of code generation and the pace of infrastructure configuration. To fully embrace automation, infrastructure companies must rethink their setup processes, ensuring they are accessible and operable by AI agents without human input. This shift would not only accelerate development but also democratize access, allowing more people to bring their ideas to fruition without needing in-depth operational expertise. In this emerging landscape, dashboards will transform from interactive control panels into informative displays that monitor and explain the actions of autonomous systems, requiring companies to prioritize agent-first design over human-oriented interfaces.
Mar 03, 2026 1,340 words in the original blog post.
Password policies have often been based on outdated security guidelines, leading users to create easily predictable passwords like "Password1!" despite complexity requirements. Modern password cracking leverages powerful GPUs to test billions of guesses per second, emphasizing the need for policies that protect against offline attacks by focusing on password length rather than complexity. The National Institute of Standards and Technology (NIST) now recommends prioritizing longer passphrases over complex ones, as they offer higher entropy and are easier to remember. Additionally, regular password rotation without evidence of a compromise is discouraged, as it often results in predictable password transformations. Instead, checking passwords against breached credential lists is a critical defense, preventing the reuse of compromised passwords. Implementing strong password policies involves using secure hashing algorithms like Argon2id, which are resistant to GPU-accelerated attacks, and ensuring passwords are salted to prevent precomputed attacks. While passwordless solutions such as passkeys are becoming more prevalent, robust password policies remain essential as the ecosystem transitions. Delegating authentication to specialized platforms can simplify this process, ensuring compliance with evolving security standards.
Mar 03, 2026 3,270 words in the original blog post.
WorkOS has secured $100 million in Series C financing, elevating its valuation to $2 billion, with Meritech and Sapphire leading the round and participation from various other investors. The platform is widely used by leading AI companies such as OpenAI and Anthropic, enabling them to meet enterprise requirements like SSO, SCIM, and auditability from the onset. As the cost of writing code decreases and demand for AI surges, the software lifecycle is rapidly compressing, with WorkOS positioned to support this shift through its expanded platform offering features like granular permissions, integrations, and abuse detection. The company's focus on reliability and scale, demonstrated by five nines uptime and billions of API requests monthly, underscores its commitment to making agentic software secure and reliable by default. With the new funding, WorkOS aims to further enhance its platform, catering to both small-scale projects and large enterprises, while continuing to hire across San Francisco, New York, and remote locations.
Mar 02, 2026 350 words in the original blog post.
Better Auth has gained popularity as a TypeScript-first authentication library, offering a modern alternative to NextAuth with a strong developer experience and a clean plugin architecture. However, as applications scale and enterprise requirements arise, limitations such as the lack of SAML SSO, SCIM provisioning, pre-built UI components, and managed infrastructure prompt developers to consider alternatives. The guide explores five Better Auth alternatives for 2026, including WorkOS, Supabase Auth, Firebase Authentication, Stack Auth, and Ory, each catering to different needs ranging from integrated backend platforms and open-source flexibility to enterprise-ready solutions. WorkOS stands out for B2B SaaS companies due to its comprehensive features like pre-built UI, SSO, SCIM, and compliance tools, making it a suitable choice for teams targeting enterprise customers. In contrast, Supabase Auth and Firebase Authentication are better suited for startups and those within the Google ecosystem, while Stack Auth and Ory offer open-source options with varying degrees of customization and infrastructure requirements. The right choice depends on specific use cases, team expertise, and growth trajectory, with WorkOS providing a robust option for those needing enterprise features without the operational burden.
Mar 02, 2026 2,205 words in the original blog post.