Using Auth0 CLI with Private Cloud

The Auth0 CLI is a handy tool to help with designing and building your Auth0 experience. It lets you do a number of things including: Testing your universal login flow: Emulate your end users' login experience by running auth0 test login. Troubleshooting in real-time: Inspect the events of your Auth0 integration as they happen with … Continue reading Using Auth0 CLI with Private Cloud →

Sending Feedback to Twilio Verify Fraud Guard in Auth0

Auth0 supports Twilio out of the box as a phone provider however in many instances Twilio Verify provides a better experience. The out of the box Twilio integration requires the sender to manage all of the phone numbers and Sender IDs that they need. This can be simple if you only operate in a single … Continue reading Sending Feedback to Twilio Verify Fraud Guard in Auth0 →

Understanding Client Authentication with Okta

In this article, you'll learn how client authentication works with Okta for applications that need to request access tokens securely. The "client" here refers to a server-side or browser-based application or machine making a token requests. We'll walk through different authentication methods supported by Okta, including how to generate your own key pairs and create … Continue reading Understanding Client Authentication with Okta →

Auth0 Forms – Adding Policy Versioning

Auth0 Forms is a tool designed to allow identity flows to be extended with customisable forms and logic, allowing use cases like progressive profiling, policy acceptance, payment collection and more within the hosted login flows you've come to know and love from Auth0. For more detail on forms please refer to my earlier post Auth0 … Continue reading Auth0 Forms – Adding Policy Versioning →

Auth0 Forms – Managing Privacy Policy Acceptance

Auth0 Forms is a powerful tool to extend identity flows with customisable forms and business logic. Forms allows for a hosted secure experience with no need to redirect users to external sites and consistent branding with Universal Login. In this blog post I will talk through how to use forms to ensure all your application … Continue reading Auth0 Forms – Managing Privacy Policy Acceptance →

Global Token Revocation – Auth0 Universal Logout integration with Okta

Auth0 has launched native support for Global Token Revocation and Okta's Universal Logout functionality. This means that Auth0 applications now natively support the ability for federated Okta customers to automatically revoke all of the users sessions and tokens when Identity Threat Protection detects malicious or suspicious behaviour. Now, Auth0 powered applications can offer the same … Continue reading Global Token Revocation – Auth0 Universal Logout integration with Okta →

Automated Unit Testing with the Auth0 Actions Testing library

This article provides a step-by-step guide on setting up an automated unit test suite for Auth0 Actions using Kilterset's Auth0 Actions Testing library. It emphasizes the importance of automated tests for maintaining code reliability and offers practical instructions on creating tests, setting up the testing library, and running tests in the CI/CD pipeline.

Digital Retail Summit NSW Presentation

I had the pleasure of speaking at the Digital Retail Summit for the second year in a row. Below is the presentation that I delivered. If have any questions feel free to reach out to me on LinkedIn. Digital-Retail-Summit-Sydney-June-6-Secure-Identity-is-the-foundation-for-customer-delightDownload

Shared device authentication for consumers – device flow and Okta

The article discusses challenges and solutions for shared device authentication, focusing on consumer scenarios. It explores issues like credential exposure, session takeover, and phishing, proposing decoupled authentication and the OAuth 2.0 Device Authorization Grant as effective solutions. The Okta Customer Identity Cloud (Auth0) and Okta Workforce Identity Cloud (WIC) support this approach for secure shared device authentication.