Blog

Engineering leadership at WorkOS blends product ownership, technical stewardship, and people leadership. Engineering managers stay close to the code, the team, and customers.

Building modern applications increasingly means connecting to multiple third-party services. We built Pipes to handle OAuth flows, token management, and provider setup for you.

A practical guide to creating, sending, and validating JSON Web Tokens in modern JavaScript.

How MCP is evolving from model-driven execution to collaborative workflows with sampling and elicitation.

What asymmetric client authentication is, why it’s safer than client secrets, and how it works in practice.

Why some user interactions cannot safely happen inside the MCP client, and how URL-mode elicitation helps.

The naive approach to RAG authorization creates a scaling nightmare. Here's the pattern that actually works.

A practical guide to onboarding organizations, admins, and users at scale.

Fireworks.ai is betting that inference is the real AI runtime. A look at its PyTorch roots, serving stack, and compound model strategy.

WorkOS Pipes, AuthKit for Platforms, Multiple Roles for SSO and SCIM, & more

The hidden stack that lives between a model that works and a product that scales.

The spec evolution that made zero-config MCP connections possible—and closed a category of security holes

How enterprise software teams can ship faster without breaking trust

Understand how OAuth clients authenticate and when you should use client secrets vs private key JWT.

Build a CIMD-based confidential MCP client in Python using Authorization Code + PKCE.