What’s a SAML ACS URL, and why do you keep getting asked for one when setting up SSO? This guide explains what it is, how it works, and how to use it.
Learn what unphishable MFA is and why it matters. (Hint: phishing is a big, big problem!)
What is token entropy, and why does it matter for security? This is a maximally simple, minimally technical primer for developers.
What's the difference between authentication and authorization? I'll break down AuthN vs. AuthZ in simple terms. I'll cover what they mean, how they work, and why they matter for SaaS apps.
Looking for an API key management service? This guide breaks down what these tools do, why they matter, and how to choose the right one—with real product recommendations.
JIT provisioning creates user accounts automatically at first login via SSO. It's a fast, secure way to onboard users in SaaS apps.
A comparison of the best open source authentication providers in 2025 — including Keycloak, Authentik, Ory, and Tesseral. Ideal for developers building secure auth on open source foundations.
User management in SaaS is more than just login—it’s about access, security, and control. This guide covers key practices like roles, permissions, and audit logs to help you scale safely.
When we talk about "deprovisioning" in business software, we generally mean that we're removing a user's access to an application or deleting a user's account. Notably, we usually handle deprovisioning programmatically over the SCIM protocol.
If you're wondering how you'll implement auth in Next.js, here are some of the major options you should consider, including both open source tools and proprietary commercial services.
Magic links actually aren't magic. They're just a user-friendly authentication factor. I'll cover what they are, what they're for, and how you can set them up.
We often hear from people who have used Keycloak in the past, or are currently using it, and have started to look for an alternative. Tesseral may be a good fit!
Identity gets confusing. There are a lot of opaque acronyms to navigate. Here, I'll explain the difference between SAML and SCIM as simply as I can.
Auth0 is a good solution for some companies. Tesseral may be a more suitable open source alternative for many startups.
Authentication protocols like SAML get really confusing. Here, I try to explain in minimally technical terms the difference between an identity provider (IDP) and a service provider (SP).
There's a lot of confusing jargon in the world of auth. Here's a quick, minimally technical rundown of the difference between SSO and OAuth.
While you can technically use Auth0's 'Private Cloud' service, it's really a lot easier just to go with something open source!
Every SaaS app needs auth. If you're unsure how to approach auth for your SaaS, this article might help guide your decisions.
SAML vs. OIDC explained simply for developers and non-developers alike