Lately I was a little frustrated with the lack of online resources which effectively describe how to effectively leverage session-based SSO on mobile platforms. Read more 29 May 2020 - less than 1 minute read
I often receive the question of how OAuth token audience validation should work in environments where multiple OAuth clients are calling multiple resource services. Generally, the audience or aud claim in OAuth represents the application to which the OAuth token was issued. This can be handy as an additional layer of token validation for certain... Read more 09 May 2020 - 1 minute read
Day to day, I work on the modern Microsoft stack - .NET Core, MSSQL, Linux/Docker, and building out both cloud and security initiatives at my organization. I love my place on the backend side of things, and typically don’t stray far from that area. Ever so occasionally, it’s necessary to dip my toes into JS to finish some light frontend work. J... Read more 04 Jun 2018 - 1 minute read