Archives

All the articles I've archived.

2026 ¹

February ¹

Making IAM Reachable: My Shift to Developer-First Identity

15 Feb, 2026
•

Why I'm moving beyond the IAM bubble and focusing on the future of Identity for AI Agents.

2025 ⁹

May ³

Unwrapping MCP Security: A Walkthrough with the Paypal MCP Server

12 May, 2025
•

A Walkthrough with the Paypal MCP Server
Unwrapping MCP: A Walkthrough with the GitHub MCP Server

7 May, 2025
•

A Walkthrough with the GitHub MCP Server
What is OAuth 2.0 Protected Resource Metadata (PRM)

4 May, 2025
•

What is OAuth 2.0 Protected Resource Metadata (PRM)

April ⁶

mTLS and OAuth2 — Certificate-Bound Tokens

26 Apr, 2025
•

mTLS and OAuth2 — Certificate-Bound Tokens
mTLS and OAuth2 — Client Authentication

25 Apr, 2025
•

mTLS and OAuth2 — Client Authentication
Secure OAuth2: A Simple Story of Two Keys — PKCE

24 Apr, 2025
•

Simple Story of Two Keys — PKCE
Secure OAuth2 (Part -4): Securing Response Using JWT Secured Authorization Response Mode (JARM)

20 Apr, 2025
•

Securing Response Using JWT Secured Authorization Response Mode (JARM)
Secure OAuth2 (Part -3): Push Authorization Request (PAR) to Rescue

18 Apr, 2025
•

Push Authorization Request (PAR) to Rescue
Secure OAuth2 (Part -2): Put it in a JAR (JWT-Secured Authorization Request)

17 Apr, 2025
•

Secure OAuth2 (Part -2): Put it in a JAR (JWT-Secured Authorization Request)

2024 ¹

April ¹

Is Authorization Code Grant Type Secure Enough?

17 Apr, 2024
•

Is Authorization Code Grant Type Secure Enough?

2023 ¹

September ¹

OAuth2 Token Exchange in Practice

26 Sep, 2023
•

OAuth2 Token Exchange in Practice

2021 ¹

April ¹

How to register and manage OAuth2 clients?

20 Apr, 2021
•

How to register and manage OAuth2 clients?

2020 ²

April ²

How do you discover the OAuth2 server configuration?

25 Apr, 2020
•

How do you discover the OAuth2 server configuration?
Understanding OAuth2 Landscape

19 Apr, 2020
•

Understanding OAuth2 Landscape

2019 ¹

October ¹

API Security: How to avoid Broken Object Level Authorization & Broken Function Level Authorization

2 Oct, 2019
•

API Security: How to avoid Broken Object Level Authorization & Broken Function Level Authorization

2018 ⁵

June ¹

Web Browser SSO Profile

9 Jun, 2018
•

Web Browser SSO Profile

May ¹

Reloading SAML: IdP Discovery

12 May, 2018
•

IdP Discovery

April ¹

Reloading SAML: Why do you need SAML Metadata?

1 Apr, 2018
•

Why do you need SAML Metadata?

March ²

Reloading SAML: SAML Basics

26 Mar, 2018
•

SAML Basics
Reloading SAML: Do you really need SAML?

24 Mar, 2018
•

Reloading SAML: Do you really need SAML?