Things Developers Get Wrong About the Backend for Frontend Pattern
Since I published my overview of the Backend for Frontend (BFF) pattern , the questions I've received fall into surprisingly consistent patterns. The …
Open Source
⚑ Report a ProblemLatest Open Source news from Tech News
All topics
AI
agents
ai
api
architecture
automation
aws
beginners
career
claude
database
devchallenge
devops
discuss
javascript
linux
llm
machinelearning
mcp
opensource
performance
productivity
programming
python
rust
security
showdev
tutorial
typescript
webdev
The Vercel/Context.ai Breach Wasn't a Vulnerability. It Was a Delegation Path.
On April 19, 2026, Vercel disclosed an incident involving one of its employee accounts. The confirmed chain was not a zero-day and not a cloud misconf…
Claude Code OAuth deep dive: how EmblemAI's MCP server handles auth
Claude Code OAuth deep dive: how EmblemAI's MCP server handles auth Most posts about MCP skip the auth part. Understandable — MCP is exciting, OAuth i…
Building Apps That Act on Behalf of OSC Users (OAuth + PKCE in 50 Lines)
Most cloud platforms lock you into a single-tenant model. Your app gets one set of credentials. Every user's data, every provisioned resource, every d…
RFC 7523 Deep Dive: JWT Profile
Introduction I perfectly understand how human users authenticate in modern web apps via OAuth 2.0. A browser opens, the user clicks "Allow" on a conse…
RFC 7636 Deep Dive: How PKCE Kills Authorization Code Interception Attacks
Introduction Last time, we tore apart the core mechanics of RFC 6749 (Authorization Code Grant) . RFC 6749 Deep Dive: Understanding OAuth 2.0 Design D…