Tip: This tutorial is part of our series on integrating Okta with popular infrastructure as a code solution. If you’re not into Chef, check out our Ansible, Puppet, and Terraform tutorials. Chef cookbooks are a great way to manage infrastructure at scale. However, like other configuration management tools, Chef works best when cookbooks don’t change often. This is easy to accomplish in typical server setup and configuration tasks like install Nginx and tweak conf file....

Read more

Rockstar chrome extension is a third-party, Non-Okta Application (as defined in Okta’s Master Subscription Agreement). Okta is not involved in making this chrome extension available, and we have neither oversight nor input into its security features and functionality. For questions regarding this, or any other, Non-Okta Application(s) your organization uses in connection with the Okta Service, please contact the application provider directly for more information. Rockstar is a Chrome extension that adds features to the...

Read more

Tip: This tutorial is part of our series on how to integrate Okta with popular Infrastructure as a Code solution. If you’re not into Ansible, check out our Puppet and Terraform tutorials. I love using Ansible to deploy and manage configuration at scale. However, like any other configuration management solution, Ansible works best when playbooks don’t change often. This is easy to accomplish when you manage only server artifacts and binaries, but it can get...

Read more

When you’re using a REST API, especially one that incurs costs or has usage limits, you need to use an API key to access the API in question. For example, if you’re creating a user account with the Okta API, you’ll need to include your API key in that request for it to succeed. Because API keys grant access to API calls which may change important data or incur significant charges. It is therefore important...

Read more

GitHub reconnaissance is a tactic that attackers use to gather information about their targets. Attackers analyze organizations’ GitHub repositories and check for sensitive data that has been accidentally committed or information that could lead to the discovery of a vulnerability. For this tutorial, let’s build a scanner that automates the GitHub recon process! We will be scanning your GitHub repositories using the method mentioned in the “Tightening Up Your GitHub Security” post. You will be...

Read more

If you use Puppet to automate configuration management across dynamic server fleets, there’s a question about identity & access management – how do you get accounts and credentials on the machines? A common practice is to push SSH Keys for every admin user to every server. This has major security implications, however. What happens when an administrator leaves the company? It is usually up to someone to clear out those keys on each machine, oftentimes...

Read more

Java has been at the forefront of microservice architectures since they came to prominence a few years ago. It’s a popular language with well-known, high-quality frameworks, like Spring Boot, Spring Cloud, Spring Data, and Spring Security. Spring Boot 2.0 introduced a new web framework called Spring WebFlux. Previous versions of Spring Boot only shipped with Spring MVC as an option. WebFlux offers a way for developers to do reactive programming. This means you can write...

Read more

Introduction to C# 9 (and a bit of C# 8, too) Let’s start with a background on how C# 9 got here (implementation examples start in the next section). The last few years in computer science, we’ve observed the rising popularity of the #FreeLunchOver concept. The idea is that CPU technology, based on electrical signals and Von Neumann architecture, has reached its intrinsic limits. As long as integrated circuits were slower than light, we knew...

Read more

MicroProfile is an open-source community project with the goal to encourage the development of Java microservice solutions. It was created in 2016 in response to the changing needs of modern web development. In particular, it seeks to foster the development of smaller, less monolithic services (microservices) that can run on faster release cycles than the typical, old-school Enterprise Java application. Shortly after its creation, it joined the Eclipse foundation. MicroProfile, in essence, is a set...

Read more

GraphQL is an incredibly powerful query language for APIs that helps improve performance and extensibility in your APIs. The query language is designed to allow developers to query exactly the data they need. As your API grows in size and scope, current consumers are unaffected by changes since their queries should return the same data. Apollo Client is a state management library for JavaScript. It fits seamlessly into React applications and can handle fetching, caching,...

Read more