I’ve been a musician most of my life. I was in bands when I was in junior high up until I joined the Army at 19. I started writing software a few years after getting out of the military and kinda put music to the side. Recently, I’ve started to play in bands again, and something struck me about the dynamics of playing with other musicians and how that prepared me for writing software on...

Read more

Posing this question on Twitter, I was amazed at the amount of responses it got: Check the thread out here. There were definitely some great points from both sides, but I wanted to explore my take on the choice in more depth. For clarity, GUIs are Graphic User Interfaces, and CLIs are Command Line Interfaces. Let’s start with: WHY COMMAND LINE INTERFACES SUCK (Don’t worry, it’s not that dramatic - just using a catchy title!...

Read more

In January of 2020, I was fortunate enough to join a 16 day voyage to Antarctica, and speak at a tech mastermind conference called AntarctiConf. Going to see the seventh continent was one of the coolest experiences of my life, and to top it all off I was joined by other incredible like-minded tech geeks and coders! I highly recommend adding Antartica to your travel bucket list as well, it is such a life-changing place...

Read more

What a year it has been! As I reflect on all I have learned in programming this year, there are a few exciting standouts that I wanted to share with you. By adjusting our thinking we can adopt better habits, therefore kind of setting up our own “action automation”. When you consider your New Year’s Resolutions as a software engineer, try a few of these suggestions out below. You might be surprised how much the...

Read more

I am a long-time relational database nerd, specifically SQL Server. At times in my career, I’ve focused on database design, deployments, migrations, administration, query optimization, and carefully crafting stored procedures, triggers, and views. I’ve written applications on top of SQL Server using Visual Basic, “Classic” ASP, ASP.NET, and, in recent years, Node.js. Yes, it’s true. You can build Node.js applications with SQL Server! In this tutorial, you will learn the basics of creating a Node.js...

Read more

Spring Boot 1.5.x made it easier than ever before to integrate Spring Security with OAuth 2.0 into your application. Spring Boot 2.1.x dials it up to 11 by making OpenID Connect a first class citizen in the stack. In this post, you start with Spring Boot 1.5.19 and Spring Security 4.2.x. You integrate it with Okta’s OAuth service. From there, you move onto Spring Boot 2.1.3 and Spring Security 5.1. You’ll see how integrating with...

Read more

Migrating sensitive user data from one system to another can be difficult (to say the least). While making incremental changes in your codebase to get rid of technical debt can be easy, replacing (or upgrading) something as critical and deeply-intertwined as your user management system can be a nightmare. In this guide, you’ll learn the best strategies and methods for migrating your user accounts from one backend to another in the simplest (and most secure)...

Read more

A few years ago I got “Jeep fever.” I began daydreaming about owning a Jeep, driving around with the top down, and going on trips into the mountains. That’s when it happened. Everywhere I went, I saw Jeeps. I passed countless Jeeps on the road. There were Jeeps in every parking lot. Practically everyone had a Jeep but me. Where did all these Jeeps come from?! Logically, I had to assume there was relatively the...

Read more

If you’re reading this post, there’s a good chance that you’re a web developer who’s very interested in web security. You’ve probably heard about OAuth or OpenID Connect (OIDC) before. You may have even used them at some point in your career. But here’s the thing: almost nobody actually cares about OAuth or OIDC. Not you, not me, and not even other developers in the security industry. To understand why nobody cares about these two...

Read more

For the last several years, JavaScript has been evolving on a steady cadence with new language features. If you’re curious to see what’s in store for the next version of JavaScript, this post is for you! Before we talk about the latest features, it’s important to understand how new ideas become part of the JavaScript language. The Process for New JavaScript Language Features In a nutshell, the language specification that drives JavaScript is called ECMAScript....

Read more

There’s never been a better time to be a programmer. Technology isn’t slowing down. Neither will the demand for innovative solutions to solve new challenges or take advantage of new opportunities. The key differentiation in the marketplace is often the one with the better technology. And companies are willing to pay big bucks for it. Not only are there new challenges and opportunities, but there are also better systems today to support programmers. Languages, code...

Read more

These days, when you hear someone talking about OAuth, it is likely they mean OAuth 2.0. Previous versions of the standard are deprecated. OAuth is an authorization framework that enables you to work with external systems in a secure way using digital identifiers called tokens. One type of token is called an access token. Its function is to allow you to exercise APIs securely. The API service can use the access token to determine if...

Read more

I started programming in Java way back in 1999. I had just started a job as the director of web development at a small startup called eDeploy.com. I wrote a lot of HTML, CSS, and JavaScript for a SaaS product that helped companies install network equipment. The backend for our app was written in Java and we deployed to iPlanet Application Server. At our height, we trusted Loudcloud to run our software. I experienced a...

Read more

There’s a frequent debate amongst development and marketing teams at companies around the world about whether or not their blog or website should be managed through a content management system (CMS) like Wordpress, Drupal, Squarespace, etc. or through a static site generator like Jekyll or Hugo. I’ve been blogging since 2006, writing websites since 2002, and I’ve built just about every possible type of website. Today I’d like to explain why static sites are the...

Read more

A couple weeks ago (Tuesday, Feb. 27) we officially ran the very first Iterate Developer Conference. Not only did we have a ton of fun throwing a developer conference, but it was also a huge success and succeeded in hitting all of our goals. In this post I’ll recap the Iterate experience from start to finish, including some interesting things I learned along the way. If you weren’t lucky enough to attend Iterate, don’t worry...

Read more

Several weeks ago a new critical vulnerability was discovered that affects many SAML implementations. This vulnerability was first reported by Kelby Ludwig of Duo Security and is particularly interesting to us (as a user management company) as it can be used to bypass authentication in a sinisterly simplistic way. In this post, we’ll take an in-depth look at this new SAML vulnerability, what it is, how it works, and what you need to know to...

Read more