Check out the free virtual workshops on how to take your SaaS app to the next level in the enterprise-ready identity journey!

avatar-leebrandt.jpg Lee Brandt

All Posts by Lee Brandt

What Being a Musician Taught Me About Being a Programmer

I’ve been a musician most of my life. I was in bands when I was in junior high up until I joined the Army at 19. I started writing software a few years after getting out of the military and kinda put music to the side. Recently, I’ve started to play in bands again, and something struck me about the dynamics of playing with other musicians and how that prepared me for writing software on...

Read more

Five Open Source Projects We're Thankful For In 2020

As developers, we love open source projects. It can be an easy way to get functionality into your application without having to write it yourself. Plus, it feels good to send a pull request to fix a bug or add a feature. This year for Thanksgiving, the team thought we would list some of the open source projects that we are thankful for. JHipster JHipster is a library for generating and deploying modern web applications...

Read more

Five Engineering Stories That Will Make Your Blood Curdle

If you’ve been an engineer for any considerable time, you’ve probably made some mistakes that made you want to crawl under your desk and hide. You may have even considered packing up your desk! In the spirit of the greatest holiday ever (Halloween), the Developer Advocacy group at Okta has shared some of their scariest engineering stories. Exploit Explorer Back when I still ran my own physical servers, 10 or more years ago, the word...

Read more

Build Your First Deno App with Authentication

The creator of Node.js, Ryan Dahl, has authored a new framework for designing web applications. He went back and fixed some mistakes he made in hindsight, taking advantage of new technologies that were not available at the time he originally wrote Node. The result is Deno (pronounced DEH-no), a framework for writing “Node-like” web applications in TypeScript. Here, I will walk you through creating a basic web application with authentication. You can find almost all...

Read more

5 Talks I can't wait to see at Disclosure 2020

On September 2, 2020, Okta will host Disclosure, our public security conference. There will be two tracks: one that is focused on general computer and network security and one that is aimed at developers who are interested in security as it relates to programming. The conference is virtual and runs from 9 am to 6 pm PT. There are a couple of talks I am super-stoked to see and I wanted to take a quick...

Read more

Build a Basic CRUD App with ASP.NET Core 3.0 and MongoDB

Document databases have become increasingly popular due to their speed and ability to store huge amounts of data or semi-structured data. MongoDB has emerged as a leader in the document database space and, as a consequence, it may be necessary for developers to learn how to interact with MongoDB from .NET applications. This post strips away all the arguments that obscure how document databases can easily serve as a datastore for .NET applications. The app...

Read more

How to Move from Consuming Higher-Order Components to React Hooks

Let’s face it. Higher-Order Components (HOCs) allow developers to really take advantage and extend the functionality of their React components, but they can be cumbersome once you have more than one that you want to use within a component. It’s mostly because of the way they’re used. Not only do you have to use a class component in order, but you also use the HOC by wrapping them around your components. Wrapping the component code...

Read more

Why GUIs Suck (and CLIs are Better)

I’ve always tended to lean toward Command-Line Interfaces (CLIs) over Graphical User Interfaces (GUIs). Maybe it’s because I cut my teeth in computing in the Windows 3.1 days. I split my time between the “new” Windows 95 and Linux (usually RedHat 5 or Debian 2). When things weren’t going well in a GUI (which was a LOT of the time), you just dropped to a terminal, typed in a command, and BAM! you were in...

Read more

Build Reusable React Components

Who doesn’t love beer? When you drink a great beer you want to tell someone. You definitely want to be able to remind yourself of the great beers you’ve had. Enter Brewstr, a beer rating application that allows you to enter a beer you’re drinking and give it a rating. This way, you know what to get next time since there’s no way you’ll remember it later. React gives the ability to create a component...

Read more

How I Learned to Love Default Implementations in C# 8.0

If you haven’t heard, C# 8.0 ships with a new feature that allows you to add default implementations to interfaces. If you’re like me, you may be thinking, “Why? Why would I want to add implementations to interfaces? Isn’t that what abstract classes are for? Doesn’t that go against everything that interfaces stand for?” My immediate reaction to this new feature was visceral and negative,, but I decided to investigate closer and… I think I...

Read more

Build Components in JavaScript Without a Framework

Everyone has their favorite framework, and most developers aren’t shy about sharing those opinions. I guarantee you right now two developers are arguing about their favorite frameworks. Personally, I’ve been using JavaScript frameworks since JQuery was introduced. I’ve written applications for clients using Knockout.js, Angular 1+, React (since before v15), and have made some small learning apps using Stencil and Vue. One of the great things that all of these frameworks bring to the table...

Read more

ASP.NET Core 3.0 MVC Secure Authentication

On September 23rd, Microsoft announced the third major release of its .NET Core framework. This new release boasts better performance, support for Windows Desktop apps, improved support for Docker containers, and more. Naturally, I was excited to see this new release and get authentication hooked into it with Okta! I put together this tutorial to demonstrate how to quickly and securely set up user management with Okta and OIDC (OpenID Connect) in an ASP.NET Core...

Read more

Performance Testing with Apache Bench

Every web developer I know is concerned with the performance of their web applications. How fast will my app load? Will it handle a lot of users? How well will it lots of data? Will it scale? These are just some of the questions that developers ask themselves but very rarely have any idea how to test. Generally, when performance testing, most developers worry about “load testing”, or how an app will perform under load....

Read more

Software Development is a Creative Endeavor

Every time I tell someone I am a software developer, they almost inevitably reply with, “You must be super smart, then.” I don’t feel any smarter than most other people. Truthfully, I feel dumber than most people I meet. To be fair, I do meet a lot of software developers. The preconception is that I am some sort of technical wiz, especially good at math. I assure you I am not. While I have a...

Read more

IInterface Considered Harmful

Developers have been lauded as being early adopters when it comes to technology products, but they seem to be late bloomers when it comes to dropping old habits. It took years of convincing and some guidance from Microsoft to get .NET developers to stop using Hungarian Notation in their programs, but there’s is one last “comfort blanket” it left: developers still use the “I” prefix for interfaces. I want it to stop. Let it go....

Read more

Build a CRUD App with ASP.NET Core 2.2 and SQL Server

I’ve always said that you can tell a lot about a person by the kind of music they listen to. Don’t tell me you haven’t had serious doubts about whether you can be friends with someone when you find out that they like a particular band or artist. In that spirit, I created JudgeMyTaste, an ASP.NET Core web application where people can enter their favorite band or artist so that people on the Internet can...

Read more

Build a CRUD App with ASP.NET Core 2.2 and Entity Framework Core

If you’re like me, you love music. Music is always streaming somewhere in my house at all times. I especially like going to see live music, but it can be hard to know where and when live music is happening. LiveMusicFinder is a web application that allows users to enter when and where some live music is going down. This beta version is very rough, but I will show you how I built it with...

Read more

The Basics of JavaScript Generators

JavaScript does a pretty good job of iterating over collections. But what if you don’t know what the collection is, or how big it will be? What if the thing you want to iterate over doesn’t have an iterator to use? JavaScript generators can help! What Are JavaScript Generators? JavaScript generators are just ways to make iterators. They use the yield keyword to yield execution control back to the calling function and can then resume...

Read more

Build Your First Azure Function in Visual Studio Code

Inevitably it happens. You go to one of those bars that has three trillion beers on tap, and you stare hopelessly at the wall of taps trying to decide what to order. Panic no more! Hop Roulette is here to save you from embarrassment when the bartender asks, “What’ll it be?” Hop Roulette is a simple Azure Function that returns a random beer from an API. What use is this? It gives me a fun...

Read more

The History (and Future) of Asynchronous JavaScript

Everyone knows that JavaScript is eating the world. The problem is, there are lots of developers responsible for building software with JavaScript without a particularly deep knowledge of the language. It is easy to learn the basics and be productive, but newer programmers have a tendency to misuse some of JavaScript. Asynchronous JavaScript is particularly misunderstood. In this post, I will show you the most common ways to make asynchronous JavaScript calls and when to...

Read more

Navigating the ASP.NET Core Identity Landscape

These days, users of web application expect a personalized, secure experience. They want to make sure that they can easily get to their own information, and that no one else can access it. Developers of these web applications want a simple way to manage users and be assured that they have secured their users’ information from prying eyes. For developers of web applications written in ASP.NET Core, there are several choices for managing user identities....

Read more

Build and Understand Express Middleware through Examples

If you’ve done any significant Node development in the past seven or eight years, you’ve probably used Express to build a web server at some point. While you can create a server in Node without using a library, it doesn’t give you a lot out of the box and can be quite cumbersome to add functionality. Express is a minimalist, “unopinionated” server library and has become the de facto standard for building web apps in...

Read more

Build a SPA with ASP.NET Core 2.1, Stripe, and Angular 6

Buying things on the Internet has become a daily activity and is a feature many new projects require. In this tutorial, I will show you how to build an app to sell tickets using an Angular 6 single page app (SPA) using an ASP.NET Core 2.1 backend API. You’ll build both the Angular and ASP.NET Core applications and run them from within VS Code. Let’s get to it! Upgrade to Angular 6 I love to...

Read more

Upgrade your ASP.NET Core 2.1 App to Angular 6

With the release of ASP.NET Core, there are several templates in the DotNet CLI. One of those templates is an Angular template that scaffolds a single page application built with Angular and ASP.NET Core. The problem with that template is that it scaffolds an Angular 4.2.5 project and Angular released Angular 6 in May of 2018! In this post, not only will I show you how to build a base CRUD app with ASP.NET Core...

Read more

Build a Secure CRUD App with ASP.NET Core and React

These days it’s prevalent to have a “back-end” and a “front-end” allowing two (or more) teams to work on a project. Microsoft’s latest version of the ASP.NET Core framework is cross-platform and performant. Pairing it with the power and flexibility of Facebook’s React framework makes it a pretty stable platform. In this tutorial, I will show you how to build a secure CRUD (Create, Read, Update, and Delete) application using these two powerful technologies. When...

Read more

Deploy Your ASP.NET Core Application to Azure

One of the scariest features of Visual Studio is without a doubt right-click to publish. There are very few instances in which you’d actually want to make use of this “feature” and so many more in which it’s a terrible idea. In this post I’ll walk you through the right way to secure and deploy your new ASP.NET Core app to Azure. My method might not be as fast as right clicking to publish, but...

Read more

Build Secure Node Authentication with Passport.js and OpenID Connect

Building local or social login in Node can be simple with Passport.js. There are over 500 strategies already built that make it easy to wire up identity providers. But what do you do if your identity provider doesn’t already have a pre-built strategy? Do you have to build all that stuff yourself? Absolutely not! You can use generic strategies for Passport.js that make it easy to use your provider of choice without writing all the...

Read more

Policy-Based Authorization in ASP.NET Core

The authorization model in ASP.NET Core got a significant overhaul with the introduction of policy-based authorization. Authorization now uses requirements and handlers, which are decoupled from your controllers and loosely coupled to your data models. The result is a more modular, more testable authorization framework that fits into the modern ASP.NET Core approach nicely. If you’ve built a web or mobile app before, you know that even without these changes to ASP.NET Core’s authorization model,...

Read more

Use OpenID Connect for Authorization in Your ASP.NET MVC Framework 4.x App

A common practice in web applications is to have a restricted area for registered users, and perhaps another for administrators. Whether this restricted access area is premium content, or simply the order history for your e-commerce site’s users, it’s important that it be properly secured. OpenID Connect (OIDC) makes it easy, but it can be tricky to set up in ASP.NET MVC framework. In this post, I’ll show you how to create groups and use...

Read more

Add Auth to Your PWA with Okta and Stencil

Progressive Web Applications (PWAs) are the newest technology on the web dev block and they’ve arrived just in time to solve a growing problem. Many companies are struggling to keep isolated development teams across their organization up-to-date when new features are released. Some companies are even trying to decide if it’s worth the cost to develop both a web app and a mobile application. Not surprisingly, it’s a headache most companies are looking to avoid....

Read more

9 Talks I Can't Wait to See at Iterate

This year on February 27th my team at Okta will host our first ever developer conference, Iterate. It will be held in downtown San Francisco at Bespoke and has an incredible lineup of speakers from around the world. I am beyond excited to see some of the things that will be discussed. In this post I’d like to share with you the nine sessions I’m most looking forward to: 1. Our Opening Keynote with Jeff...

Read more

A Developer's Guide To Docker - Docker Swarm

Redundancy is a big deal when scaling websites. However, deploying and managing clusters of containers can quickly become untenable. While there are a few container orchestration tools out there like Kubernetes and Mesosphere (DC/OS), Docker has its own called Docker Swarm Mode. Swarm Mode allows you to deploy, scale, and manage clusters of Docker containers from a single command window. In this tutorial, I’ll show you how to create a swarm, create some virtual machines...

Read more

Build User Registration with Node, React, and Okta

Today’s internet users expect a personalized experience. Developers must learn to develop websites that provide that personalized experience while keeping their user’s information private. Modern web applications also tend to have a server-side API and a client-side user interface. it can be challenging to get make both ends aware of the currently logged in user. In this tutorial, I will walk you through setting up a Node API that feeds a React UI, and build...

Read more

How to Secure Your .NET Web API with Token Authentication

API security can be complex. In many cases, just because you’ve built an API that you want to make public, it doesn’t mean that you want just anybody accessing it. In most cases, you want fine-grained control over who can access the API, but setting up that kind of user management can be a daunting task: you’d have to create your own authorization service that can create API credentials for your users and have the...

Read more

Two Approaches to Setting Up a MERN Stack Application

The trend I’ve seen in web applications is a backend API written in a server-side technology like Node, with a front-end single-page application written in something like React. The problem with these stacks is that it can be hard to run and deploy them as a single unit. The API and UI will need to be started, stopped and deployed separately. That can be a bit of a pain when developing, and if you are...

Read more

Build a Preact App with Authentication

React is a fast, and lightweight library, which has led to fast adoption across the SPA (single-page app) ecosystem. Preact is an even lighter-and-faster alternative to React, weighing in at a measly 3kb! For less complex applications, it can be a great choice. In this tutorial, you’ll build a basic Preact application with a couple of pages and user authentication using the Okta Sign-In Widget. Bootstrap Your App With PreactCLI To get your project started,...

Read more

A Developer's Guide To Docker - Docker Compose

Good developers care as much about efficiency as they do about writing clean code. Containerization can add efficiency to both your workflow and your application, and has thus become all the rage among modern dev. And, as a good developer, you know that manually creating containers from images using docker run ... or even using the Dockerfile to create containers is less than ideal. How would you like to have one command that tells Docker...

Read more

User Authorization in ASP.NET Core with Okta

Authorization is the oft-forgotten piece of identity and access management. The fact is, almost every app needs more than just “are they signed in?” for authorization. Most times, you need to not only know who “they” are, but what access they are supposed to have. For instance, “are they in the administrator group?” or “are they in a group with some special privileges?” Today, you’ll learn how to do this with Okta in an ASP.NET...

Read more

A Developer's Guide To Docker - The Dockerfile

Creating a consistent environment for development, testing, staging, and production is one of the big benefits of using containers. Not only do containers make the entire environment portable, they remove environment-specific problems, like, “Why does it work in test, but not in production?” Usually, it’s a package or framework that’s installed on the test machine that is not on the production server. Containers carry all those dependencies with them, minimizing the possibility for those problems....

Read more

OpenID Connect for User Authentication in ASP.NET Core

In the age of the “personalized web experience”, authentication and user management is a given, and it’s easier than ever to tap into third-party authentication providers like Facebook, Twitter, and Google. And it’s not just the wild, wild web that needs it. Businesses need ways to secure their APIs, and identify users logged into their apps. OpenID Connect is a protocol for authenticating users. It is a specification by the OpenID Foundation describing the best...

Read more

7 Essential .NET Developer Tools for 2017

Every good dev knows that time spent setting up the perfect environment and searching out the latest tools is time well spent. Little things make a huge difference — upgrade your IDE plugins, automate a task or two, or look for new tools and libraries that can increase your efficiency. We’ve taken a crack at an updated list of our favorite .NET developer tools, that can simplify your life and amplify your work. 1. JSON.NET...

Read more

A Developer's Guide To Docker - A Gentle Introduction

It works on my machine. We’ve all heard it. Most of us have said it. It’s been impossible to get around it… until now. Not only can adding Docker to your development environment solve that issue, but it can make it drop-dead simple to onboard new developers, keep a team working forward and allow everyone on the team use their desired tools! Why Containers? “Aren’t containers just lightweight Virtual Machines?” That’s the question I get...

Read more

Seven Awesome New Features In Visual Studio 2017

Microsoft developers have been using Visual Studio for their IDE since before .NET was even a thing. Visual Studio is twenty years old this year, and on March 7th, 2017 Microsoft released the latest version of its flagship developer product, Visual Studio. With this release are a bunch of new features, improvements, and exciting changes for the beloved Microsoft developer environment. Here are seven features in the new IDE that will excite developers using the...

Read more

Build a React Application with User Authentication in 15 Minutes

React has quickly become one of the most favored front-end web frameworks, and is second only to plain old HTML5, according to JAXenter. So it’s no surprise that developers are learning it, and employers are asking for it. In this tutorial, you’ll start with a very simple React app with a couple of pages and some routing built in, and add authentication using Okta’s Sign-In Widget. The Sign-In Widget is an embeddable Javascript widget that...

Read more