Microsoft Entra External ID: Disable Sign Up in a User Flow
A technical guide on disabling the sign-up option in a Microsoft Entra External ID user flow using the Microsoft Graph Beta API and PowerShell.
Explains how to implement secure cookie-based authentication in an Angular frontend, comparing it to the Authorization Code flow with PKCE.
A developer built a unified task dashboard using Next.js, Vercel Edge Functions, and live API calls to aggregate data from ClickUp, Notion, and Google Calendar.
Argues against using API keys for securing enterprise AI tools like LLMs and agents, highlighting security flaws and recommending better alternatives.
Explains methods to restrict access to action methods in ASP.NET Core MVC using filters and the Authorize attribute.
A guide on using GitHub Actions to securely check out a specific branch from a private repository, enabling reusable components in CI/CD workflows.
Explains how to forward authenticated user requests from a .NET BFF to a downstream API using YARP and OAuth 2.0 token exchange.
Explores the emerging security research landscape around the Model Context Protocol (MCP), a new standard for AI model communication.
A technical guide on authenticating with the GitHub API using a GitHub App, focusing on setup and JWT token generation in C#.
A beginner's guide to implementing user authentication in a Node.js web server, covering passwords, Base64 encoding, and dynamic imports.
A guide to implementing secure cookie-based authentication for a YARP Backend for Frontend (BFF) in a .NET Aspire application.
Explains the security risks of community-developed MCP servers and how to centrally manage and secure them using an MCP Gateway.
A guide to securely loading and managing Google Cloud Storage service account credentials in Node.js applications, covering JSON files, environment variables, and direct specification.
A proposed security evaluation framework for Model Context Protocol (MCP) servers, focusing on configuration and implementation risks for developers.
Kubernetes 1.34 focuses on security enhancements, including short-lived registry tokens, scoped anonymous API access, and improved mTLS for pods.
A guide to securely configuring GitHub Copilot coding agents with federated identity and RBAC for accessing Azure resources in dev/test environments.
Explains Cross-Site Request Forgery (CSRF) attacks, their impact on web applications using cookie authentication, and foundational defense concepts.
A technical guide on configuring OAuth 2.0 token delegation for an A2A (Agent-to-Agent) system using Python, FastAPI, and security schemes.
AI agents' autonomous and probabilistic nature forces stricter security and authorization models, breaking traditional microservice assumptions.
A guide on using Azure DefaultAzureCredential with managed identities for secure authentication in Semantic Kernel Python projects.