A Practical Guide to Building Secure SSO

Understanding how to build Single Sign On (SSO) using the OAuth 2.0 framework with OpenID Connect may seem like a daunting task. This practical guide will show you how to build a secure SSO system.…

Read this article

Layering authorization into a web application

How we introduced granular authorization into our application and API. Illustration by Camellia Neri Last year, my team extended Gusto’s authorization system to give admins granular access to their companies’ accounts. In software security terms, authorization is the concept of what a user can do in a system, while…

Read this article