Readit News
grinich commented on Claude Status – Elevated error rates on the API   status.claude.com/inciden... · Posted by u/throwpoaster
nine_k · 24 days ago
Writing boilerplate code is mostly creative copy-pasting.

If I were to do it, I would have most of the reusable code (e.g. of a RBAC system) written and documented once and kept unpublished. Then I would ask an AI tool to alter it, given a set of client-specific properties. It would be easier to review moderate changes to a familiar and proven piece of code. The result could be copied to the client-specific repo.

grinich · 24 days ago
What do you use for RBAC today? Do you have AI rewrite it every time?
grinich commented on Okta's NextJS-0auth troubles   joshua.hu/ai-slop-okta-ne... · Posted by u/ramimac
hi_hi · a month ago
We've recently moved to Auth0. I'm no security expert. What's the recommended alternative that provides the same features and price, but without the risks suggested here?
grinich · a month ago
If you’re looking for b2b identity, I’m the founder of WorkOS and we power this for a bunch of apps. Feel free to email me, mg@workos.com
grinich commented on Kratos - Cloud native Auth0 open-source alternative (self-hosted)   github.com/ory/kratos... · Posted by u/curtistyr
adammiribyan · a month ago
Does OpenAI use Ory? I thought they’re using Auth0.
grinich · a month ago
grinich commented on Kurt Got Got   fly.io/blog/kurt-got-got/... · Posted by u/tabletcorry
tptacek · 2 months ago
SAML is awful, maybe the worst cryptographic protocol ever devised, and we won't implement it unless we absolutely have to. OIDC is the future.

I'm not exaggerating; you can use the search bar and find longer comments from me on SAML and XMLDSIG. You might just as well ask when we're going to implement DNSSEC.

grinich · 2 months ago
It's so bad

Here is a major vulnerability we disclosed earlier this year:

https://workos.com/blog/samlstorm

grinich commented on Kurt Got Got   fly.io/blog/kurt-got-got/... · Posted by u/tabletcorry
grinich · 2 months ago
I got hit with the same kind of phishing attack a couple months ago

It's pretty incredible the level of UI engineering that went into it.

Some screenshots I took: https://x.com/grinich/status/1963744947053703309

grinich commented on Auth.js is now part of Better Auth   better-auth.com/blog/auth... · Posted by u/ShaggyHotDog
nikcub · 3 months ago
> Chances are, if you’ve used ChatGPT, Google Labs, Cal.com or a million other websites, you’ve already interacted with Auth.js.

I missed OpenAI migrating away from auth0. They must have been one of their largest customers - anybody know the story?

grinich · 3 months ago
They migrated SSO/SAML to WorkOS, and consumer auth to forked open source.
grinich commented on Vendors that treat single sign-on as a luxury feature   sso.tax/... · Posted by u/vinnyglennon
EE84M3i · 4 months ago
Is there a go-to vendor/library that handles this (OIDC, SAML, SCIM) for SaaS services these days? Just like how everyone uses stripe for billing, everyone uses <vendor> for auth?
grinich · 4 months ago
(self plug since you asked!)

WorkOS does exactly this. It's "Stripe for enterprise features."

https://workos.com

Our customers include OpenAI, Anthropic, xAI, Cursor, Perplexity, Vercel, Replit, Webflow, Clay, Hex, Carta, Plaid, Drata, Vanta, and many others. If you've used these products, you've used WorkOS!

WorkOS makes it easy to "cross the enterprise chasm." Here's a bit more of the backstory: https://x.com/grinich/status/1841569664465568248

We also launched on HN 5 years ago :) https://news.ycombinator.com/item?id=22607402

grinich commented on Vendors that treat single sign-on as a luxury feature   sso.tax/... · Posted by u/vinnyglennon
bks · 4 months ago
Happy WorkOS customer for at least 4 years. Thank you.
grinich · 4 months ago
thank you! feedback very welcome if you have any suggestions for things to improve or ideas for what we should build next
grinich commented on Vendors that treat single sign-on as a luxury feature   sso.tax/... · Posted by u/vinnyglennon
grinich · 4 months ago
I started a startup to fix this exact problem integrating and configuring SSO/SAML.[0]

We launched here on HN 5 years ago[1] and today power SSO for OpenAI, Cursor, Vercel, and a thousand other apps. We also found the initial configuration step to be painful for users, so we built a self-serve wizard that enables enterprise admins to fix issues.[2]

It's still crazy how much complexity there is with enterprise identity systems and managing the user lifecycle for big orgs. It's like the whole thing is made of weird edge cases and even more so when you add SCIM, RBAC, MFA, etc etc.

(If anyone reading this also loves suffering at the intersection of IAM and developer tools, we are hiring! Email in my profile :))

[0] https://workos.com

[1] https://news.ycombinator.com/item?id=22607402

[2] https://workos.com/admin-portal

grinich · 4 months ago
also if anyone wants to go down the rabbit hole about why SAML is hard to implement, this is a pretty interesting writeup of a major 0-day vuln we discovered earlier this year: https://workos.com/blog/samlstorm

u/grinich

Karma: 6254 · Cake day: February 23, 2009
About
Michael Grinich

WorkOS founder

mg@workos.com

https://twitter.com/grinich
