A technical guide on authenticating with the GitHub API using a GitHub App, focusing on setup and JWT token generation in C#.
![[Web dev for beginners] Authenticating users with plain Node.js](https://alldevblogs.blob.core.windows.net/thumbs/article-0a903f7f48e1-full-e14c4168.webp)
A beginner's guide to implementing user authentication in a Node.js web server, covering passwords, Base64 encoding, and dynamic imports.
A guide to implementing secure cookie-based authentication for a YARP Backend for Frontend (BFF) in a .NET Aspire application.
Explains the security risks of community-developed MCP servers and how to centrally manage and secure them using an MCP Gateway.
A guide to securely loading and managing Google Cloud Storage service account credentials in Node.js applications, covering JSON files, environment variables, and direct specification.
A proposed security evaluation framework for Model Context Protocol (MCP) servers, focusing on configuration and implementation risks for developers.
Kubernetes 1.34 focuses on security enhancements, including short-lived registry tokens, scoped anonymous API access, and improved mTLS for pods.
A guide to securely configure GitHub Copilot coding agents with federated identity and RBAC for accessing Azure resources in dev/test environments.
Explains Cross-Site Request Forgery (CSRF) attacks, their impact on web applications using cookie authentication, and foundational defense concepts.
A technical guide on configuring OAuth 2.0 token delegation for an A2A (Agent-to-Agent) system using Python, FastAPI, and security schemes.
AI agents' autonomous and probabilistic nature forces stricter security and authorization models, breaking traditional microservice assumptions.
A guide on using Azure DefaultAzureCredential with managed identities for secure authentication in Semantic Kernel Python projects.
A technical guide on using custom PHP code to hide and secure the WordPress admin login page, offering a lightweight alternative to plugins.
Microsoft introduces linkable identifiers in Entra ID logs, a major update for threat hunters to track authentication activities.
Explains Kubernetes Golden Tickets, a security flaw allowing attackers to forge admin certificates and tokens, with scripted exploitation steps.
The author completes a simplified signup process with account verification for their JourneyInbox app in this coding episode.
A guide on using domain_hint and login_hint parameters to automatically select the correct Microsoft Entra tenant during authentication, improving user experience.
A tutorial on creating your first AI agent using Azure AI Agent Service, focusing on setup with Managed Identity and a code walkthrough.
A guide to securing a personal digital life by migrating to a custom domain email, using a password manager, and implementing YubiKey 2FA.
Developer shares their new role as a Developer Advocate at Pomerium, a Zero Trust access control platform, and discusses the company's open-source approach.
