<!DOCTYPE html><html lang="en"><head><link rel="shortcut icon mask-icon" type="image/svg+xml" href="https://cdn.auth0.com/website/website/favicons/auth0-favicon.svg"/><link rel="shortcut icon" type="image/svg+xml" href="https://cdn.auth0.com/website/website/favicons/auth0-favicon.svg"/><link rel="shortcut icon" type="image/png" href="https://cdn.auth0.com/website/website/favicons/auth0-favicon-48.png"/><link rel="icon" sizes="16x16" type="image/png" href="https://cdn.auth0.com/website/website/favicons/auth0-favicon-16.png"/><link rel="icon" sizes="32x32" type="image/png" href="https://cdn.auth0.com/website/website/favicons/auth0-favicon-32.png"/><link rel="icon" sizes="48x48" type="image/png" href="https://cdn.auth0.com/website/website/favicons/auth0-favicon-48.png"/><link rel="icon" sizes="96x96" type="image/png" href="https://cdn.auth0.com/website/website/favicons/auth0-favicon-96.png"/><link rel="icon" sizes="144x144" type="image/png" href="https://cdn.auth0.com/website/website/favicons/auth0-favicon-144.png"/><link rel="apple-touch-icon" sizes="180x180" href="https://cdn.auth0.com/website/website/favicons/auth0-favicon-180.png"/><link rel="stylesheet" href="https://cdn.auth0.com/styleguide/core/3.0.0/core.min.css"/><script class="optanon-category-4" type="text/plain">window.twttr=function(t,e,r){var n,i=t.getElementsByTagName(e)[0],w=window.twttr||{};return t.getElementById(r)?w:((n=t.createElement(e)).id=r,n.src="https://platform.twitter.com/widgets.js",i.parentNode.insertBefore(n,i),w._e=[],w.ready=function(t){w._e.push(t)},w)}(document,"script","twitter-wjs");</script><script class="optanon-category-4" type="text/plain">(function (h, o, t, j, a, r) {h.hj = h.hj || function () { (h.hj.q = h.hj.q || []).push(arguments) }; h._hjSettings = { hjid: 301495, hjsv: 5 }; a = o.getElementsByTagName('head')[0]; r = o.createElement('script'); r.async = 1; r.src = t + h._hjSettings.hjid + j + h._hjSettings.hjsv; a.appendChild(r);}(window, document, '//static.hotjar.com/c/hotjar-', '.js?sv='))</script><script class="optanon-category-4" type="text/plain"> window._6si = window._6si || []; window._6si.push(['enableEventTracking', true]); window._6si.push(['setToken', '17aa5119e1d44eeab301f44113230d69']); window._6si.push(['setEndpoint', 'b.6sc.co']); (function() { var gd = document.createElement('script'); gd.type = 'text/javascript'; gd.async = true; gd.src = '//j.6sc.co/6si.min.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(gd, s); })();</script><link rel="canonical" href="https://auth0.com/blog/"/><title>Auth0 Blog</title><meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=5.0"/><meta charSet="utf-8"/><meta name="description" content="Everything you need to know about Identity Infrastructure, Access Management, SSO and JWT Authentication. Company updates &amp; Technology Trends."/><meta property="fb:app_id" content="534074790006350"/><meta property="og:type" content="website"/><meta property="og:title" content="Auth0 Blog"/><meta property="og:site_name" content="Auth0 - Blog"/><meta property="og:description" content="Everything you need to know about Identity Infrastructure, Access Management, SSO and JWT Authentication. Company updates &amp; Technology Tr..."/><meta property="og:image" content="https://cdn.auth0.com/blog/illustrations/auth0.png"/><meta property="og:url" content="https://auth0.com/blog/"/><meta name="twitter:site" content="@auth0"/><meta name="twitter:creator" content="@auth0"/><meta name="twitter:title" content="Auth0 Blog"/><meta name="twitter:description" content="Everything you need to know about Identity Infrastructure, Access Management, SSO and JWT Authentication. Company updates &amp; Technology Trends."/><meta name="twitter:url" content="https://auth0.com/blog/"/><meta name="twitter:card" content="summary"/><meta name="twitter:image" content="https://cdn.auth0.com/blog/illustrations/auth0.png"/><meta name="twitter:image:height" content="512"/><meta name="twitter:image:width" content="1024"/><meta name="HandheldFriendly" content="True"/><meta name="MobileOptimized" content="320"/><meta class="swiftype" name="title" data-type="string" content="Auth0 Blog"/><meta class="swiftype" name="type" data-type="enum" content="blog"/><meta class="swiftype" name="popularity" data-type="integer" content="1"/><link rel="manifest" href="https://auth0.com/blog/manifest.json"/><link type="application/atom+xml" rel="alternate" href="https://auth0.com/blog/rss.xml" title="Auth0 Blog"/><link type="application/opensearchdescription+xml" rel="search" href="https://auth0.com/blog/osd.xml"/><link rel="preload" href="https://gdpr-service.herokuapp.com/get-country-region" as="fetch" crossorigin="anonymous"/><meta name="next-head-count" content="34"/><noscript data-n-css=""></noscript><script defer="" nomodule="" src="/blog/_next/static/chunks/polyfills-5cd94c89d3acac5f.js"></script><script src="/blog/_next/static/chunks/webpack-1b139f7f105f29d0.js" defer=""></script><script src="/blog/_next/static/chunks/framework-7937d74165d2993d.js" defer=""></script><script src="/blog/_next/static/chunks/main-c16094a955a57664.js" defer=""></script><script src="/blog/_next/static/chunks/pages/_app-7c3c48415dd9d54f.js" defer=""></script><script src="/blog/_next/static/chunks/9236dd9e-5d3c864289962a6d.js" defer=""></script><script src="/blog/_next/static/chunks/d81dd7c5-881fac382d625749.js" defer=""></script><script src="/blog/_next/static/chunks/1332-207222a61b837ea7.js" defer=""></script><script src="/blog/_next/static/chunks/1160-44dd30190751e9f9.js" defer=""></script><script src="/blog/_next/static/chunks/9418-4267d210fc322e4b.js" defer=""></script><script src="/blog/_next/static/chunks/6554-9e23ed423103e3ee.js" defer=""></script><script src="/blog/_next/static/chunks/501-049ecaad17680508.js" defer=""></script><script src="/blog/_next/static/chunks/pages/blog-5ee0e4108a0c4e37.js" defer=""></script><script src="/blog/_next/static/fqTJ5IMwwhr2DeM4g1WmL/_buildManifest.js" defer=""></script><script src="/blog/_next/static/fqTJ5IMwwhr2DeM4g1WmL/_ssgManifest.js" defer=""></script><script src="/blog/_next/static/fqTJ5IMwwhr2DeM4g1WmL/_middlewareManifest.js" defer=""></script><style data-styled="" data-styled-version="5.2.1">html{line-height:1.15;-webkit-text-size-adjust:100%;}/*!sc*/ body{margin:0;}/*!sc*/ main{display:block;}/*!sc*/ h1{font-size:2em;margin:0.67em 0;}/*!sc*/ hr{box-sizing:content-box;height:0;overflow:visible;}/*!sc*/ pre{font-family:monospace,monospace;font-size:1em;}/*!sc*/ a{background-color:transparent;}/*!sc*/ abbr[title]{border-bottom:none;-webkit-text-decoration:underline;text-decoration:underline;-webkit-text-decoration:underline dotted;text-decoration:underline dotted;}/*!sc*/ b,strong{font-weight:bolder;}/*!sc*/ code,kbd,samp{font-family:monospace,monospace;font-size:1em;}/*!sc*/ small{font-size:80%;}/*!sc*/ sub,sup{font-size:75%;line-height:0;position:relative;vertical-align:baseline;}/*!sc*/ sub{bottom:-0.25em;}/*!sc*/ sup{top:-0.5em;}/*!sc*/ img{border-style:none;}/*!sc*/ button,input,optgroup,select,textarea{font-family:inherit;font-size:100%;line-height:1.15;margin:0;}/*!sc*/ button,input{overflow:visible;}/*!sc*/ button,select{text-transform:none;}/*!sc*/ button,[type="button"],[type="reset"],[type="submit"]{-webkit-appearance:button;}/*!sc*/ button::-moz-focus-inner,[type="button"]::-moz-focus-inner,[type="reset"]::-moz-focus-inner,[type="submit"]::-moz-focus-inner{border-style:none;padding:0;}/*!sc*/ button:-moz-focusring,[type="button"]:-moz-focusring,[type="reset"]:-moz-focusring,[type="submit"]:-moz-focusring{outline:1px dotted ButtonText;}/*!sc*/ fieldset{padding:0.35em 0.75em 0.625em;}/*!sc*/ legend{box-sizing:border-box;color:inherit;display:table;max-width:100%;padding:0;white-space:normal;}/*!sc*/ progress{vertical-align:baseline;}/*!sc*/ textarea{overflow:auto;}/*!sc*/ [type="checkbox"],[type="radio"]{box-sizing:border-box;padding:0;}/*!sc*/ [type="number"]::-webkit-inner-spin-button,[type="number"]::-webkit-outer-spin-button{height:auto;}/*!sc*/ [type="search"]{-webkit-appearance:textfield;outline-offset:-2px;}/*!sc*/ [type="search"]::-webkit-search-decoration{-webkit-appearance:none;}/*!sc*/ ::-webkit-file-upload-button{-webkit-appearance:button;font:inherit;}/*!sc*/ details{display:block;}/*!sc*/ summary{display:list-item;}/*!sc*/ template{display:none;}/*!sc*/ [hidden]{display:none;}/*!sc*/ data-styled.g52[id="sc-global-ecVvVt1"]{content:"sc-global-ecVvVt1,"}/*!sc*/ @font-face{font-family:'Aeonik';font-style:normal;font-weight:400;font-display:swap;src:local('Aeonik-Regular'),url('https://cdn.auth0.com/website/cic-homepage/fonts/Aeonik-Regular.woff2') format('woff2');}/*!sc*/ @font-face{font-family:'Aeonik';font-style:normal;font-weight:500;font-display:swap;src:local('Aeonik-Medium'),url('https://cdn.auth0.com/website/cic-homepage/fonts/Aeonik-Medium.woff2') format('woff2');}/*!sc*/ @font-face{font-family:'Aeonik Mono';font-style:normal;font-weight:400;font-display:swap;src:local('AeonikMono-Regular'),url('https://cdn.auth0.com/website/okta-fonts/AeonikMono-Regular.woff2') format('woff2');}/*!sc*/ @font-face{font-family:'Aeonik Mono';font-style:normal;font-weight:500;font-display:swap;src:local('AeonikMono-Medium'),url('https://cdn.auth0.com/website/okta-fonts/AeonikMono-Medium.ttf') format('woff2');}/*!sc*/ @font-face{font-family:'Inter';font-style:normal;font-weight:400;font-display:swap;src:local('Inter-Regular'),url('https://cdn.auth0.com/website/fonts/Inter-Regular.woff2') format('woff2');}/*!sc*/ @font-face{font-family:'Inter';font-style:normal;font-weight:500;font-display:swap;src:local('Inter-Medium'),url('https://cdn.auth0.com/website/fonts/Inter-Medium.woff2') format('woff2');}/*!sc*/ @font-face{font-family:'Inter';font-style:normal;font-weight:700;font-display:swap;src:local('Inter-Bold'),url('https://cdn.auth0.com/website/fonts/Inter-Bold.woff2') format('woff2');}/*!sc*/ :root{--content-width:120rem;--font-main:'fakt-web',sans-serif;}/*!sc*/ .lightbox{width:100%;height:100%;position:fixed;top:0;left:0;background:rgba(0,0,0,0.85);z-index:9999999;line-height:0;cursor:pointer;}/*!sc*/ .lightbox-image{max-width:100%;cursor:pointer;margin:0 auto;display:block;}/*!sc*/ .lightbox img{position:relative;top:50%;left:50%;-ms-transform:translateX(-50%) translateY(-50%);-webkit-transform:translate(-50%,-50%);-webkit-transform:translate(-50%,-50%);-ms-transform:translate(-50%,-50%);transform:translate(-50%,-50%);max-width:100%;max-height:100%;}/*!sc*/ @media screen and (min-width:1200px){.lightbox img{max-width:1200px;}}/*!sc*/ @media screen and (min-height:1200px){.lightbox img{max-height:1200px;}}/*!sc*/ .lightbox span{display:block;position:fixed;bottom:13px;height:1.5em;line-height:1.4em;width:100%;text-align:center;color:white;text-shadow:-1px -1px 0 #000,1px -1px 0 #000,-1px 1px 0 #000,1px 1px 0 #000;font-family:'fakt-web','Helvetica Neue',Hevetica,sans-serif;font-size:18px;}/*!sc*/ .lightbox .videoWrapperContainer{position:relative;top:50%;left:50%;-ms-transform:translateX(-50%) translateY(-50%);-webkit-transform:translate(-50%,-50%);-webkit-transform:translate(-50%,-50%);-ms-transform:translate(-50%,-50%);transform:translate(-50%,-50%);max-width:900px;max-height:100%;}/*!sc*/ .lightbox .videoWrapperContainer .videoWrapper{height:0;line-height:0;margin:0;padding:0;position:relative;padding-bottom:56.333%;background:black;}/*!sc*/ .lightbox .videoWrapper iframe{position:absolute;top:0;left:0;width:100%;height:100%;border:0;display:block;}/*!sc*/ .lightbox #prev,.lightbox #next{height:50px;line-height:36px;display:none;margin-top:-25px;position:fixed;top:50%;padding:0 15px;cursor:pointer;-webkit-text-decoration:none;text-decoration:none;z-index:99;color:white;font-size:60px;font-family:'fakt-web','Helvetica Neue',Hevetica,sans-serif;}/*!sc*/ .lightbox.gallery #prev,.lightbox.gallery #next{display:block;}/*!sc*/ .lightbox #prev{left:0;}/*!sc*/ .lightbox #next{right:0;}/*!sc*/ .lightbox #close{height:50px;width:50px;position:fixed;cursor:pointer;-webkit-text-decoration:none;text-decoration:none;z-index:99;right:0;top:0;}/*!sc*/ .lightbox #close:after,.lightbox #close:before{position:absolute;margin-top:22px;margin-left:14px;content:'';height:3px;background:white;width:23px;-webkit-transform-origin:50% 50%;-ms-transform-origin:50% 50%;transform-origin:50% 50%;-webkit-transform:rotate(-45deg);-ms-transform:rotate(-45deg);transform:rotate(-45deg);}/*!sc*/ .lightbox #close:after{-webkit-transform:rotate(45deg);-ms-transform:rotate(45deg);transform:rotate(45deg);}/*!sc*/ .lightbox,.lightbox *{-webkit-user-select:none;-moz-user-select:none;-ms-user-select:none;user-select:none;}/*!sc*/ body{box-sizing:border-box;font-family:var(--font-main);font-size:2rem;line-height:3.2rem;}/*!sc*/ html{font-size:10px;}/*!sc*/ data-styled.g53[id="sc-global-guUULU1"]{content:"sc-global-guUULU1,"}/*!sc*/ html{font-size:62.5%;}/*!sc*/ body.modal-open{overflow:hidden;}/*!sc*/ data-styled.g54[id="sc-global-gUclnr1"]{content:"sc-global-gUclnr1,"}/*!sc*/ .etdOck{margin:0;-webkit-align-items:center;-webkit-box-align:center;-ms-flex-align:center;align-items:center;background:linear-gradient(0deg,rgba(255,255,255,0.40) 0%,rgba(255,255,255,0.40) 100%),radial-gradient(123.72% 71.29% at 7.15% 100%,#FFF 0%,rgba(255,255,255,0.00) 100%),radial-gradient(234.4% 144.94% at 84.62% 0%,#FFF 0%,rgba(255,255,255,0.00) 100%),linear-gradient(26deg,rgba(255,255,255,0.17) -32.04%,rgba(255,255,255,0.00) 133.43%);border-width:0;border-radius:0.6rem;border-style:solid;color:#000000;display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;font-size:1.6rem;line-height:2.4rem;-webkit-box-pack:center;-webkit-justify-content:center;-ms-flex-pack:center;justify-content:center;padding:1.2rem 3.2rem;width:100%;height:-webkit-fit-content;height:-moz-fit-content;height:fit-content;-webkit-text-decoration:none;text-decoration:none;-webkit-transition:all 0.4s ease-in-out;transition:all 0.4s ease-in-out;font-family:Aeonik,sans-serif;font-style:normal;font-weight:500;position:relative;overflow:hidden;box-shadow:0px -16px 24px 0px rgba(255,255,255,0.48) inset,0px 4px 4px 0px rgba(0,0,0,0.25);}/*!sc*/ @media screen and (min-width:900px){.etdOck{width:-webkit-fit-content;width:-moz-fit-content;width:fit-content;}}/*!sc*/ .etdOck:active{color:#191919;background:linear-gradient(0deg,rgba(0,0,0,0.20) 0%,rgba(0,0,0,0.20) 100%),linear-gradient(0deg,rgba(255,255,255,0.70) 0%,rgba(255,255,255,0.70) 100%),radial-gradient(120.32% 83.76% at 50% 100%,#FFF 0%,rgba(255,255,255,0.00) 100%),radial-gradient(47.47% 14.92% at 50% 0%,#FFF 0%,rgba(255,255,255,0.00) 100%),radial-gradient(67.49% 95.06% at 50% 15.5%,#FFF 0%,rgba(255,255,255,0.36) 100%),radial-gradient(33.16% 50% at 50% 0%,#FFF 0%,rgba(255,255,255,0.00) 100%);}/*!sc*/ .etdOck:hover{-webkit-transition:all 0.4s ease-in-out;transition:all 0.4s ease-in-out;color:#191919;background:linear-gradient(0deg,rgba(255,255,255,0.70) 0%,rgba(255,255,255,0.70) 100%),radial-gradient(120.32% 83.76% at 50% 100%,#FFF 0%,rgba(255,255,255,0.00) 100%),radial-gradient(47.47% 14.92% at 50% 0%,#FFF 0%,rgba(255,255,255,0.00) 100%),radial-gradient(67.49% 95.06% at 50% 15.5%,#FFF 0%,rgba(255,255,255,0.36) 100%),radial-gradient(33.16% 50% at 50% 0%,#FFF 0%,rgba(255,255,255,0.00) 100%);cursor:pointer;}/*!sc*/ .etdOck:hover{box-shadow:0px 8px 28px 0px rgba(255,255,255,0.08);}/*!sc*/ .etdOck:active{box-shadow:0px 8px 28px 0px rgba(255,255,255,0.08);}/*!sc*/ .etdOck:disabled{box-shadow:0px -16px 24px 0px rgba(255,255,255,0.48) inset,0px 4px 4px 0px rgba(0,0,0,0.25);}/*!sc*/ .etdOck span{z-index:3;}/*!sc*/ .etdOck:hover{background:linear-gradient(0deg,rgba(255,255,255,0.40) 0%,rgba(255,255,255,0.40) 100%),radial-gradient(123.72% 71.29% at 7.15% 100%,#FFF 0%,rgba(255,255,255,0.00) 100%),radial-gradient(234.4% 144.94% at 84.62% 0%,#FFF 0%,rgba(255,255,255,0.00) 100%),linear-gradient(26deg,rgba(255,255,255,0.17) -32.04%,rgba(255,255,255,0.00) 133.43%);}/*!sc*/ .etdOck::before{content:'';width:100%;height:100%;display:inline-block;background:linear-gradient(0deg,rgba(255,255,255,0.70) 0%,rgba(255,255,255,0.70) 100%),radial-gradient(120.32% 83.76% at 50% 100%,#FFF 0%,rgba(255,255,255,0.00) 100%),radial-gradient(47.47% 14.92% at 50% 0%,#FFF 0%,rgba(255,255,255,0.00) 100%),radial-gradient(67.49% 95.06% at 50% 15.5%,#FFF 0%,rgba(255,255,255,0.36) 100%),radial-gradient(33.16% 50% at 50% 0%,#FFF 0%,rgba(255,255,255,0.00) 100%);opacity:0;position:absolute;-webkit-transition:all 0.4s ease-in-out;transition:all 0.4s ease-in-out;}/*!sc*/ .etdOck:hover::before{opacity:1;}/*!sc*/ .cmgpvv{margin:0;-webkit-align-items:center;-webkit-box-align:center;-ms-flex-align:center;align-items:center;background:linear-gradient(26deg,rgba(255,255,255,0.15) -32.04%,rgba(255,255,255,0.00) 133.43%);border-width:1.5px;border-color:linear-gradient(29.98deg,rgba(255,254,250,0.7) 23.72%,rgba(255,254,250,0) 107.71%);border-radius:0.6rem;border-style:solid;color:#FFFEFA;display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;font-size:1.6rem;line-height:2.4rem;-webkit-box-pack:center;-webkit-justify-content:center;-ms-flex-pack:center;justify-content:center;padding:1.2rem 3.2rem;width:100%;height:-webkit-fit-content;height:-moz-fit-content;height:fit-content;-webkit-text-decoration:none;text-decoration:none;-webkit-transition:all 0.4s ease-in-out;transition:all 0.4s ease-in-out;font-family:Aeonik,sans-serif;font-style:normal;font-weight:500;position:relative;overflow:hidden;border:none;}/*!sc*/ @media screen and (min-width:900px){.cmgpvv{width:-webkit-fit-content;width:-moz-fit-content;width:fit-content;}}/*!sc*/ .cmgpvv:active{color:rgba(255,254,250,0.8);border-color:linear-gradient(29.98deg,rgba(255,254,250,0.8) 23.72%,rgba(255,254,250,0) 107.71%);background:linear-gradient(0deg,rgba(0,0,0,0.20) 0%,rgba(0,0,0,0.20) 100%),linear-gradient(26deg,rgba(255,255,255,0.08) -32.04%,rgba(255,255,255,0.00) 133.43%);}/*!sc*/ .cmgpvv:hover{-webkit-transition:all 0.4s ease-in-out;transition:all 0.4s ease-in-out;border-color:linear-gradient(29.98deg,rgba(255,254,250,0.8) 23.72%,rgba(255,254,250,0) 107.71%);color:#FFFEFA;background:radial-gradient(72.18% 56.98% at 50% 100%,rgba(255,255,255,0.20) 0%,rgba(255,255,255,0.00) 100%),radial-gradient(100.79% 100% at 50% 0%,rgba(255,255,255,0.40) 0%,rgba(255,255,255,0.00) 100%),linear-gradient(26deg,rgba(255,255,255,0.08) -32.04%,rgba(255,255,255,0.00) 133.43%);cursor:pointer;}/*!sc*/ .cmgpvv span{z-index:3;}/*!sc*/ .cmgpvv:hover{background:linear-gradient(26deg,rgba(255,255,255,0.15) -32.04%,rgba(255,255,255,0.00) 133.43%);}/*!sc*/ .cmgpvv::before{content:'';width:100%;height:100%;display:inline-block;background:radial-gradient(72.18% 56.98% at 50% 100%,rgba(255,255,255,0.20) 0%,rgba(255,255,255,0.00) 100%),radial-gradient(100.79% 100% at 50% 0%,rgba(255,255,255,0.40) 0%,rgba(255,255,255,0.00) 100%),linear-gradient(26deg,rgba(255,255,255,0.08) -32.04%,rgba(255,255,255,0.00) 133.43%);opacity:0;position:absolute;-webkit-transition:all 0.4s ease-in-out;transition:all 0.4s ease-in-out;}/*!sc*/ .cmgpvv:hover::before{opacity:1;}/*!sc*/ .cmgpvv span{z-index:10;}/*!sc*/ .cmgpvv::after{content:'';width:100%;height:100%;display:inline-block;position:absolute;border-radius:6px;padding:1.5px;z-index:999;background:linear-gradient(29.98deg,rgba(255,254,250,0.7) 23.72%,rgba(255,254,250,0) 107.71%);-webkit-mask:linear-gradient(#fff 0 0) content-box,linear-gradient(#fff 0 0);-webkit-mask-composite:xor;-webkit-mask-composite:exclude;mask-composite:exclude;-webkit-transition:all 0.4s ease-in-out;transition:all 0.4s ease-in-out;}/*!sc*/ .cmgpvv:active::after{background:linear-gradient(0deg,rgba(0,0,0,0.2),rgba(0,0,0,0.2)),linear-gradient(29.98deg,rgba(255,254,250,0.7) 23.72%,rgba(255,254,250,0) 107.71%);}/*!sc*/ .cmgpvv:hover::after{background:linear-gradient(29.98deg,rgba(255,254,250,0.8) 23.72%,rgba(255,254,250,0) 107.71%);}/*!sc*/ .cmgpvv:disabled::after{background:linear-gradient(29.98deg,rgba(255,254,250,0.7) 23.72%,rgba(255,254,250,0) 107.71%);}/*!sc*/ .dmEnyJ{margin:0;-webkit-align-items:center;-webkit-box-align:center;-ms-flex-align:center;align-items:center;background:radial-gradient(223% 105.53% at 6.05% 199.17%,rgba(255,255,255,0.14) 0%,rgba(255,255,255,0.00) 100%),radial-gradient(31.68% 130.91% at 100% 0%,rgba(255,255,255,0.20) 0%,rgba(255,255,255,0.00) 100%),radial-gradient(43.14% 139.47% at 0% 136.21%,rgba(227,235,255,0.30) 0%,rgba(255,255,255,0.00) 100%),linear-gradient(170deg,#4016A0 7.99%,#3F59E4 93.36%);border-width:0;border-color:radial-gradient(223% 105.53% at 6.05% 199.17%,rgba(255,255,255,0.14) 0%,rgba(255,255,255,0.00) 100%),radial-gradient(31.68% 130.91% at 100% 0%,rgba(255,255,255,0.20) 0%,rgba(255,255,255,0.00) 100%),radial-gradient(43.14% 139.47% at 0% 136.21%,rgba(227,235,255,0.30) 0%,rgba(255,255,255,0.00) 100%),linear-gradient(170deg,#4016A0 7.99%,#3F59E4 93.36%);border-radius:0.6rem;border-style:solid;color:#FFFEFA;display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;font-size:1.6rem;line-height:2.4rem;-webkit-box-pack:center;-webkit-justify-content:center;-ms-flex-pack:center;justify-content:center;padding:1.2rem 3.2rem;width:100%;height:-webkit-fit-content;height:-moz-fit-content;height:fit-content;-webkit-text-decoration:none;text-decoration:none;-webkit-transition:all 0.4s ease-in-out;transition:all 0.4s ease-in-out;font-family:Aeonik,sans-serif;font-style:normal;font-weight:500;position:relative;overflow:hidden;}/*!sc*/ @media screen and (min-width:900px){.dmEnyJ{width:-webkit-fit-content;width:-moz-fit-content;width:fit-content;}}/*!sc*/ .dmEnyJ:active{color:rgba(255,254,250,0.8);border-color:radial-gradient(1357.61% 111.93% at 58.53% 60.34%,rgba(255,255,255,0.40) 0%,rgba(180,155,252,0.00) 0.01%,rgba(182,202,255,0.40) 100%),radial-gradient(69% 81.35% at -8.65% 100%,rgba(255,255,255,0.20) 0%,rgba(255,255,255,0.00) 100%),radial-gradient(637.58% 79.63% at 96.25% -14.82%,rgba(255,255,255,0.20) 0%,rgba(255,255,255,0.00) 100%),radial-gradient(1373.34% 61.44% at -8.75% 153.45%,rgba(227,235,255,0.30) 0%,rgba(255,255,255,0.00) 100%),linear-gradient(170deg,#3F59E4 7.99%,#3F59E4 93.36%);background:linear-gradient(0deg,rgba(0,0,0,0.20) 0%,rgba(0,0,0,0.20) 100%),radial-gradient(1357.61% 111.93% at 58.53% 60.34%,rgba(255,255,255,0.40) 0%,rgba(180,155,252,0.00) 0.01%,rgba(182,202,255,0.40) 100%),radial-gradient(69% 81.35% at -8.65% 100%,rgba(255,255,255,0.20) 0%,rgba(255,255,255,0.00) 100%),radial-gradient(637.58% 79.63% at 96.25% -14.82%,rgba(255,255,255,0.20) 0%,rgba(255,255,255,0.00) 100%),radial-gradient(1373.34% 61.44% at -8.75% 153.45%,rgba(227,235,255,0.30) 0%,rgba(255,255,255,0.00) 100%),linear-gradient(170deg,#3F59E4 7.99%,#3F59E4 93.36%);-webkit-backdrop-filter:blur(34px);backdrop-filter:blur(34px);}/*!sc*/ .dmEnyJ:hover{-webkit-transition:all 0.4s ease-in-out;transition:all 0.4s ease-in-out;border-color:radial-gradient(1357.61% 111.93% at 58.53% 60.34%,rgba(255,255,255,0.40) 0%,rgba(180,155,252,0.00) 0.01%,rgba(182,202,255,0.40) 100%),radial-gradient(69% 81.35% at -8.65% 100%,rgba(255,255,255,0.20) 0%,rgba(255,255,255,0.00) 100%),radial-gradient(637.58% 79.63% at 96.25% -14.82%,rgba(255,255,255,0.20) 0%,rgba(255,255,255,0.00) 100%),radial-gradient(1373.34% 61.44% at -8.75% 153.45%,rgba(227,235,255,0.30) 0%,rgba(255,255,255,0.00) 100%),linear-gradient(170deg,#3F59E4 7.99%,#3F59E4 93.36%);color:#FFFEFA;background:radial-gradient(1357.61% 111.93% at 58.53% 60.34%,rgba(255,255,255,0.40) 0%,rgba(180,155,252,0.00) 0.01%,rgba(182,202,255,0.40) 100%),radial-gradient(69% 81.35% at -8.65% 100%,rgba(255,255,255,0.20) 0%,rgba(255,255,255,0.00) 100%),radial-gradient(637.58% 79.63% at 96.25% -14.82%,rgba(255,255,255,0.20) 0%,rgba(255,255,255,0.00) 100%),radial-gradient(1373.34% 61.44% at -8.75% 153.45%,rgba(227,235,255,0.30) 0%,rgba(255,255,255,0.00) 100%),linear-gradient(170deg,#3F59E4 7.99%,#3F59E4 93.36%);cursor:pointer;-webkit-backdrop-filter:blur(34px);backdrop-filter:blur(34px);}/*!sc*/ .dmEnyJ:hover{box-shadow:0px 8px 55px 0px rgba(182,202,255,0.24);}/*!sc*/ .dmEnyJ:active{box-shadow:0px 8px 55px 0px rgba(182,202,255,0.24);}/*!sc*/ .dmEnyJ span{z-index:3;}/*!sc*/ .dmEnyJ:hover{background:radial-gradient(223% 105.53% at 6.05% 199.17%,rgba(255,255,255,0.14) 0%,rgba(255,255,255,0.00) 100%),radial-gradient(31.68% 130.91% at 100% 0%,rgba(255,255,255,0.20) 0%,rgba(255,255,255,0.00) 100%),radial-gradient(43.14% 139.47% at 0% 136.21%,rgba(227,235,255,0.30) 0%,rgba(255,255,255,0.00) 100%),linear-gradient(170deg,#4016A0 7.99%,#3F59E4 93.36%);}/*!sc*/ .dmEnyJ::before{content:'';width:100%;height:100%;display:inline-block;background:radial-gradient(1357.61% 111.93% at 58.53% 60.34%,rgba(255,255,255,0.40) 0%,rgba(180,155,252,0.00) 0.01%,rgba(182,202,255,0.40) 100%),radial-gradient(69% 81.35% at -8.65% 100%,rgba(255,255,255,0.20) 0%,rgba(255,255,255,0.00) 100%),radial-gradient(637.58% 79.63% at 96.25% -14.82%,rgba(255,255,255,0.20) 0%,rgba(255,255,255,0.00) 100%),radial-gradient(1373.34% 61.44% at -8.75% 153.45%,rgba(227,235,255,0.30) 0%,rgba(255,255,255,0.00) 100%),linear-gradient(170deg,#3F59E4 7.99%,#3F59E4 93.36%);opacity:0;position:absolute;-webkit-transition:all 0.4s ease-in-out;transition:all 0.4s ease-in-out;}/*!sc*/ .dmEnyJ:hover::before{opacity:1;}/*!sc*/ data-styled.g55[id="styled__Button-sc-1hwml9q-0"]{content:"etdOck,cmgpvv,dmEnyJ,"}/*!sc*/ .FYDuM.FYDuM.FYDuM{color:#99A7F1;-webkit-text-decoration:underline;text-decoration:underline;}/*!sc*/ .bPWQw.bPWQw.bPWQw{width:100%;}/*!sc*/ .bKQnZO.bKQnZO.bKQnZO{margin-top:1.6rem;width:100%;}/*!sc*/ .iCUAvT.iCUAvT.iCUAvT{color:#ABABAB;font-weight:500;line-height:1.8rem;margin-bottom:2.1rem;}/*!sc*/ .eldvFb.eldvFb.eldvFb{-webkit-text-decoration:none;text-decoration:none;line-height:2.2rem;}/*!sc*/ .bdewcp.bdewcp.bdewcp{color:#8c929c;margin:0;}/*!sc*/ .eTNTBu.eTNTBu.eTNTBu{font-family:Aeonik,sans-serif;color:#FFFFFF;margin:0.4rem 0 0;font-weight:500;font-size:1.6rem;line-height:2rem;}/*!sc*/ .czoLEI.czoLEI.czoLEI{display:block;-webkit-text-decoration:underline;text-decoration:underline;}/*!sc*/ .jrcqSi.jrcqSi.jrcqSi{display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;-webkit-text-decoration:none;text-decoration:none;}/*!sc*/ .kXdnOe.kXdnOe.kXdnOe{font-family:Aeonik,sans-serif;color:#e5e5e5;font-size:1.4rem;-webkit-letter-spacing:0.015rem;-moz-letter-spacing:0.015rem;-ms-letter-spacing:0.015rem;letter-spacing:0.015rem;line-height:2rem;}/*!sc*/ .dKTRwW.dKTRwW.dKTRwW{color:#8c929c;}/*!sc*/ .crZFdA.crZFdA.crZFdA{-webkit-text-decoration:none;text-decoration:none;display:block;}/*!sc*/ .iyreho.iyreho.iyreho{margin-right:1.6rem;-webkit-letter-spacing:0.032rem;-moz-letter-spacing:0.032rem;-ms-letter-spacing:0.032rem;letter-spacing:0.032rem;white-space:nowrap;}/*!sc*/ @media screen and (min-width:1200px){.iyreho.iyreho.iyreho{padding:0.8rem 2.4rem;}}/*!sc*/ .dTOMa-D.dTOMa-D.dTOMa-D{-webkit-letter-spacing:0.032rem;-moz-letter-spacing:0.032rem;-ms-letter-spacing:0.032rem;letter-spacing:0.032rem;white-space:nowrap;}/*!sc*/ @media screen and (min-width:1200px){.dTOMa-D.dTOMa-D.dTOMa-D{padding:0.8rem 2.2rem;}}/*!sc*/ .cvLfHs.cvLfHs.cvLfHs{color:#FFFEFA;}/*!sc*/ .lmzreS.lmzreS.lmzreS{padding:1.6rem;color:#8E8E8E;}/*!sc*/ .hdAWxm.hdAWxm.hdAWxm{padding-bottom:1.6rem;border-bottom:0.1rem solid #2A2A2A;margin-bottom:3.2rem;max-width:131.2rem;}/*!sc*/ .bQXgzY.bQXgzY.bQXgzY{text-transform:capitalize;color:#E991B0;border:1px solid #E991B054;background:rgba(0,0,0,0.33);width:-webkit-fit-content;width:-moz-fit-content;width:fit-content;padding:0.2rem 0.6rem;border-radius:.6rem;white-space:nowrap;}/*!sc*/ @media screen and (min-width:900px){.gbKHFx.gbKHFx.gbKHFx{font-size:1.3rem;}}/*!sc*/ @media screen and (min-width:900px){.gbKHFx.gbKHFx.gbKHFx{-webkit-letter-spacing:0.05rem;-moz-letter-spacing:0.05rem;-ms-letter-spacing:0.05rem;letter-spacing:0.05rem;}}/*!sc*/ @media screen and (min-width:1200px){.glCwmv.glCwmv.glCwmv{font-size:2.8rem;}}/*!sc*/ @media screen and (min-width:1200px){.glCwmv.glCwmv.glCwmv{line-height:3.6rem;}}/*!sc*/ .bBeyP.bBeyP.bBeyP{color:#E5E5E5;font-weight:400;}/*!sc*/ .kDCTrn.kDCTrn.kDCTrn{padding:1.6rem 0;border-bottom:0.1rem solid #555555;display:none;color:#ABABAB;}/*!sc*/ @media screen and (min-width:1200px){.kDCTrn.kDCTrn.kDCTrn{display:block;}}/*!sc*/ @media screen and (min-width:1200px){.cvntAt.cvntAt.cvntAt{font-size:3.2rem;}}/*!sc*/ @media screen and (min-width:1200px){.cvntAt.cvntAt.cvntAt{line-height:4.4rem;}}/*!sc*/ .keBOjr.keBOjr.keBOjr{color:#FFFEFA;opacity:0.5;}/*!sc*/ .gINUVb.gINUVb.gINUVb{display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;-webkit-align-items:center;-webkit-box-align:center;-ms-flex-align:center;align-items:center;}/*!sc*/ .iJffKk.iJffKk.iJffKk{color:#99A7F1;z-index:1;}/*!sc*/ .bCeHxC.bCeHxC.bCeHxC{-webkit-letter-spacing:-0.032rem;-moz-letter-spacing:-0.032rem;-ms-letter-spacing:-0.032rem;letter-spacing:-0.032rem;margin-bottom:1.2rem;color:#FFFEFA;z-index:1;}/*!sc*/ @media screen and (min-width:900px){.bCeHxC.bCeHxC.bCeHxC{font-size:3.2rem;}}/*!sc*/ @media screen and (min-width:900px){.bCeHxC.bCeHxC.bCeHxC{line-height:4.4rem;}}/*!sc*/ @media screen and (min-width:900px){.bCeHxC.bCeHxC.bCeHxC{max-width:50%;}}/*!sc*/ @media screen and (min-width:1200px){.bCeHxC.bCeHxC.bCeHxC{max-width:none;}}/*!sc*/ .fMkBdy.fMkBdy.fMkBdy{padding:4.8rem 0;background-size:cover;max-width:100%;}/*!sc*/ @media screen and (min-width:900px){.fMkBdy.fMkBdy.fMkBdy{padding:6.4rem 0;}}/*!sc*/ @media screen and (min-width:1200px){.fMkBdy.fMkBdy.fMkBdy{padding:8rem 0 14rem;}}/*!sc*/ .jbTxDN.jbTxDN.jbTxDN{z-index:1;}/*!sc*/ @media screen and (min-width:900px){.jbTxDN.jbTxDN.jbTxDN{grid-column:1 / 13;}}/*!sc*/ @media screen and (min-width:1200px){.jbTxDN.jbTxDN.jbTxDN{grid-column:1 / 7;}}/*!sc*/ .hlbQwp.hlbQwp.hlbQwp{font-weight:500;}/*!sc*/ .dViOmG.dViOmG.dViOmG{display:-webkit-inline-box;display:-webkit-inline-flex;display:-ms-inline-flexbox;display:inline-flex;-webkit-align-items:center;-webkit-box-align:center;-ms-flex-align:center;align-items:center;-webkit-text-decoration:none;text-decoration:none;}/*!sc*/ .dVQvBz.dVQvBz.dVQvBz{color:#80868F;margin:0;}/*!sc*/ .bqMfzV.bqMfzV.bqMfzV{border-top:0.1rem solid #5a5f66;padding:2.4rem 1.6rem;color:#80868F;margin:0;}/*!sc*/ data-styled.g56[id="utils-sc-11hlfw-0"]{content:"FYDuM,bPWQw,bKQnZO,iCUAvT,eldvFb,bdewcp,eTNTBu,czoLEI,jrcqSi,kXdnOe,dKTRwW,crZFdA,iyreho,dTOMa-D,cvLfHs,lmzreS,lbFYLj,hdAWxm,bQXgzY,gbKHFx,glCwmv,bBeyP,kDCTrn,cvntAt,keBOjr,gINUVb,iJffKk,bCeHxC,fMkBdy,jbTxDN,hlbQwp,dViOmG,dVQvBz,bqMfzV,"}/*!sc*/ .jOKDAt{margin:0 0 1.6rem 0;color:#ABABAB;font-family:'Aeonik Mono',monospace;font-style:NORMAL;font-weight:500;font-size:1.4rem;-webkit-letter-spacing:0.1rem;-moz-letter-spacing:0.1rem;-ms-letter-spacing:0.1rem;letter-spacing:0.1rem;line-height:2rem;text-transform:uppercase;padding:0;}/*!sc*/ @media screen and (min-width:900px){.jOKDAt{color:#ABABAB;font-family:'Aeonik Mono',monospace;font-style:NORMAL;font-weight:500;font-size:1.4rem;-webkit-letter-spacing:0.1rem;-moz-letter-spacing:0.1rem;-ms-letter-spacing:0.1rem;letter-spacing:0.1rem;line-height:2rem;}}/*!sc*/ @media screen and (min-width:1200px){.jOKDAt{color:#ABABAB;font-family:'Aeonik Mono',monospace;font-style:NORMAL;font-weight:500;font-size:1.4rem;-webkit-letter-spacing:0.1rem;-moz-letter-spacing:0.1rem;-ms-letter-spacing:0.1rem;letter-spacing:0.1rem;line-height:2rem;}}/*!sc*/ .calwMa{margin:0;color:#ABABAB;font-family:'Aeonik Mono',monospace;font-style:NORMAL;font-weight:500;font-size:1.4rem;-webkit-letter-spacing:0.1rem;-moz-letter-spacing:0.1rem;-ms-letter-spacing:0.1rem;letter-spacing:0.1rem;line-height:2rem;text-transform:uppercase;padding:0;}/*!sc*/ @media screen and (min-width:900px){.calwMa{color:#ABABAB;font-family:'Aeonik Mono',monospace;font-style:NORMAL;font-weight:500;font-size:1.4rem;-webkit-letter-spacing:0.1rem;-moz-letter-spacing:0.1rem;-ms-letter-spacing:0.1rem;letter-spacing:0.1rem;line-height:2rem;}}/*!sc*/ @media screen and (min-width:1200px){.calwMa{color:#ABABAB;font-family:'Aeonik Mono',monospace;font-style:NORMAL;font-weight:500;font-size:1.4rem;-webkit-letter-spacing:0.1rem;-moz-letter-spacing:0.1rem;-ms-letter-spacing:0.1rem;letter-spacing:0.1rem;line-height:2rem;}}/*!sc*/ .jPTHXi{margin:0.8rem 0 1.6rem;color:#ABABAB;font-family:'Aeonik Mono',monospace;font-style:NORMAL;font-weight:500;font-size:1.4rem;-webkit-letter-spacing:0.1rem;-moz-letter-spacing:0.1rem;-ms-letter-spacing:0.1rem;letter-spacing:0.1rem;line-height:2rem;text-transform:uppercase;padding:0;}/*!sc*/ @media screen and (min-width:1200px){.jPTHXi{margin:0;}}/*!sc*/ @media screen and (min-width:900px){.jPTHXi{color:#ABABAB;font-family:'Aeonik Mono',monospace;font-style:NORMAL;font-weight:500;font-size:1.4rem;-webkit-letter-spacing:0.1rem;-moz-letter-spacing:0.1rem;-ms-letter-spacing:0.1rem;letter-spacing:0.1rem;line-height:2rem;}}/*!sc*/ @media screen and (min-width:1200px){.jPTHXi{color:#ABABAB;font-family:'Aeonik Mono',monospace;font-style:NORMAL;font-weight:500;font-size:1.4rem;-webkit-letter-spacing:0.1rem;-moz-letter-spacing:0.1rem;-ms-letter-spacing:0.1rem;letter-spacing:0.1rem;line-height:2rem;}}/*!sc*/ .gHcESW{margin:0.4rem 0 2rem;color:#ABABAB;font-family:'Aeonik Mono',monospace;font-style:NORMAL;font-weight:500;font-size:1.4rem;-webkit-letter-spacing:0.1rem;-moz-letter-spacing:0.1rem;-ms-letter-spacing:0.1rem;letter-spacing:0.1rem;line-height:2rem;text-transform:uppercase;padding:0;}/*!sc*/ @media screen and (min-width:900px){.gHcESW{color:#ABABAB;font-family:'Aeonik Mono',monospace;font-style:NORMAL;font-weight:500;font-size:1.4rem;-webkit-letter-spacing:0.1rem;-moz-letter-spacing:0.1rem;-ms-letter-spacing:0.1rem;letter-spacing:0.1rem;line-height:2rem;}}/*!sc*/ @media screen and (min-width:1200px){.gHcESW{color:#ABABAB;font-family:'Aeonik Mono',monospace;font-style:NORMAL;font-weight:500;font-size:1.4rem;-webkit-letter-spacing:0.1rem;-moz-letter-spacing:0.1rem;-ms-letter-spacing:0.1rem;letter-spacing:0.1rem;line-height:2rem;}}/*!sc*/ .ccREFo{margin:0 0 2.4rem;color:#ABABAB;font-family:'Aeonik Mono',monospace;font-style:NORMAL;font-weight:500;font-size:1.4rem;-webkit-letter-spacing:0.1rem;-moz-letter-spacing:0.1rem;-ms-letter-spacing:0.1rem;letter-spacing:0.1rem;line-height:2rem;text-transform:uppercase;padding:0;}/*!sc*/ @media screen and (min-width:900px){.ccREFo{color:#ABABAB;font-family:'Aeonik Mono',monospace;font-style:NORMAL;font-weight:500;font-size:1.4rem;-webkit-letter-spacing:0.1rem;-moz-letter-spacing:0.1rem;-ms-letter-spacing:0.1rem;letter-spacing:0.1rem;line-height:2rem;}}/*!sc*/ @media screen and (min-width:1200px){.ccREFo{color:#ABABAB;font-family:'Aeonik Mono',monospace;font-style:NORMAL;font-weight:500;font-size:1.4rem;-webkit-letter-spacing:0.1rem;-moz-letter-spacing:0.1rem;-ms-letter-spacing:0.1rem;letter-spacing:0.1rem;line-height:2rem;}}/*!sc*/ .iELGSp{margin:0.8rem 0;color:#ABABAB;font-family:'Aeonik Mono',monospace;font-style:NORMAL;font-weight:500;font-size:1.4rem;-webkit-letter-spacing:0.1rem;-moz-letter-spacing:0.1rem;-ms-letter-spacing:0.1rem;letter-spacing:0.1rem;line-height:2rem;text-transform:uppercase;padding:0;}/*!sc*/ @media screen and (min-width:1200px){.iELGSp{margin:0;}}/*!sc*/ @media screen and (min-width:900px){.iELGSp{color:#ABABAB;font-family:'Aeonik Mono',monospace;font-style:NORMAL;font-weight:500;font-size:1.4rem;-webkit-letter-spacing:0.1rem;-moz-letter-spacing:0.1rem;-ms-letter-spacing:0.1rem;letter-spacing:0.1rem;line-height:2rem;}}/*!sc*/ @media screen and (min-width:1200px){.iELGSp{color:#ABABAB;font-family:'Aeonik Mono',monospace;font-style:NORMAL;font-weight:500;font-size:1.4rem;-webkit-letter-spacing:0.1rem;-moz-letter-spacing:0.1rem;-ms-letter-spacing:0.1rem;letter-spacing:0.1rem;line-height:2rem;}}/*!sc*/ .bvimfW{margin:0 0 0.8rem;color:#ABABAB;font-family:'Aeonik Mono',monospace;font-style:NORMAL;font-weight:500;font-size:1.4rem;-webkit-letter-spacing:0.1rem;-moz-letter-spacing:0.1rem;-ms-letter-spacing:0.1rem;letter-spacing:0.1rem;line-height:2rem;text-transform:uppercase;padding:0;}/*!sc*/ @media screen and (min-width:900px){.bvimfW{color:#ABABAB;font-family:'Aeonik Mono',monospace;font-style:NORMAL;font-weight:500;font-size:1.4rem;-webkit-letter-spacing:0.1rem;-moz-letter-spacing:0.1rem;-ms-letter-spacing:0.1rem;letter-spacing:0.1rem;line-height:2rem;}}/*!sc*/ @media screen and (min-width:1200px){.bvimfW{color:#ABABAB;font-family:'Aeonik Mono',monospace;font-style:NORMAL;font-weight:500;font-size:1.4rem;-webkit-letter-spacing:0.1rem;-moz-letter-spacing:0.1rem;-ms-letter-spacing:0.1rem;letter-spacing:0.1rem;line-height:2rem;}}/*!sc*/ .VzOyt{margin:0 0 1.6rem 0;color:#8B929B;font-family:SpaceGrotesk,monospace;font-style:NORMAL;font-weight:600;font-size:1.2rem;-webkit-letter-spacing:0.12rem;-moz-letter-spacing:0.12rem;-ms-letter-spacing:0.12rem;letter-spacing:0.12rem;line-height:1.8rem;text-transform:uppercase;padding:0;}/*!sc*/ @media screen and (min-width:900px){.VzOyt{color:#8B929B;font-family:SpaceGrotesk,monospace;font-style:NORMAL;font-weight:600;font-size:1.4rem;-webkit-letter-spacing:0.15rem;-moz-letter-spacing:0.15rem;-ms-letter-spacing:0.15rem;letter-spacing:0.15rem;line-height:2rem;}}/*!sc*/ @media screen and (min-width:1200px){.VzOyt{color:#8B929B;font-family:SpaceGrotesk,monospace;font-style:NORMAL;font-weight:600;font-size:1.4rem;-webkit-letter-spacing:0.15rem;-moz-letter-spacing:0.15rem;-ms-letter-spacing:0.15rem;letter-spacing:0.15rem;line-height:2rem;}}/*!sc*/ data-styled.g60[id="styled__Overline-sc-165cfko-0"]{content:"jOKDAt,calwMa,jPTHXi,gHcESW,ccREFo,iELGSp,bvimfW,VzOyt,"}/*!sc*/ .bkTDvW{margin:0 0 1.6rem 0;color:#E5E5E5;font-family:Aeonik,sans-serif;font-style:NORMAL;font-weight:400;font-size:1.8rem;-webkit-letter-spacing:0.0125rem;-moz-letter-spacing:0.0125rem;-ms-letter-spacing:0.0125rem;letter-spacing:0.0125rem;line-height:2.5rem;color:#FFFEFA;padding:0;}/*!sc*/ @media screen and (min-width:900px){.bkTDvW{color:#E5E5E5;font-family:Aeonik,sans-serif;font-style:NORMAL;font-weight:400;font-size:1.8rem;-webkit-letter-spacing:0.0125rem;-moz-letter-spacing:0.0125rem;-ms-letter-spacing:0.0125rem;letter-spacing:0.0125rem;line-height:2.5rem;color:#FFFEFA;}}/*!sc*/ @media screen and (min-width:1200px){.bkTDvW{color:#E5E5E5;font-family:Aeonik,sans-serif;font-style:NORMAL;font-weight:400;font-size:1.8rem;-webkit-letter-spacing:0.0125rem;-moz-letter-spacing:0.0125rem;-ms-letter-spacing:0.0125rem;letter-spacing:0.0125rem;line-height:2.5rem;color:#FFFEFA;}}/*!sc*/ .fXa-dFL{margin:0 0 1.6rem 0;color:#E5E5E5;font-family:Aeonik,sans-serif;font-style:NORMAL;font-weight:400;font-size:1.4rem;-webkit-letter-spacing:0.015rem;-moz-letter-spacing:0.015rem;-ms-letter-spacing:0.015rem;letter-spacing:0.015rem;line-height:2rem;color:#FFFEFA;padding:0;}/*!sc*/ @media screen and (min-width:900px){.fXa-dFL{color:#E5E5E5;font-family:Aeonik,sans-serif;font-style:NORMAL;font-weight:400;font-size:1.4rem;-webkit-letter-spacing:0.015rem;-moz-letter-spacing:0.015rem;-ms-letter-spacing:0.015rem;letter-spacing:0.015rem;line-height:2rem;color:#FFFEFA;}}/*!sc*/ @media screen and (min-width:1200px){.fXa-dFL{color:#E5E5E5;font-family:Aeonik,sans-serif;font-style:NORMAL;font-weight:400;font-size:1.4rem;-webkit-letter-spacing:0.015rem;-moz-letter-spacing:0.015rem;-ms-letter-spacing:0.015rem;letter-spacing:0.015rem;line-height:2rem;color:#FFFEFA;}}/*!sc*/ .kVgWkQ{margin:0 .8rem 0 0;color:#E5E5E5;font-family:Aeonik,sans-serif;font-style:NORMAL;font-weight:400;font-size:1.6rem;-webkit-letter-spacing:0.0125rem;-moz-letter-spacing:0.0125rem;-ms-letter-spacing:0.0125rem;letter-spacing:0.0125rem;line-height:2.2rem;color:#FFFEFA;padding:0;}/*!sc*/ @media screen and (min-width:900px){.kVgWkQ{color:#E5E5E5;font-family:Aeonik,sans-serif;font-style:NORMAL;font-weight:400;font-size:1.6rem;-webkit-letter-spacing:0.0125rem;-moz-letter-spacing:0.0125rem;-ms-letter-spacing:0.0125rem;letter-spacing:0.0125rem;line-height:2.2rem;color:#FFFEFA;}}/*!sc*/ @media screen and (min-width:1200px){.kVgWkQ{color:#E5E5E5;font-family:Aeonik,sans-serif;font-style:NORMAL;font-weight:400;font-size:1.6rem;-webkit-letter-spacing:0.0125rem;-moz-letter-spacing:0.0125rem;-ms-letter-spacing:0.0125rem;letter-spacing:0.0125rem;line-height:2.2rem;color:#FFFEFA;}}/*!sc*/ .gXwSZc{margin:0;color:#E5E5E5;font-family:Aeonik,sans-serif;font-style:NORMAL;font-weight:400;font-size:1.6rem;-webkit-letter-spacing:0.0125rem;-moz-letter-spacing:0.0125rem;-ms-letter-spacing:0.0125rem;letter-spacing:0.0125rem;line-height:2.2rem;color:#FFFEFA;padding:0;}/*!sc*/ @media screen and (min-width:900px){.gXwSZc{color:#E5E5E5;font-family:Aeonik,sans-serif;font-style:NORMAL;font-weight:400;font-size:1.6rem;-webkit-letter-spacing:0.0125rem;-moz-letter-spacing:0.0125rem;-ms-letter-spacing:0.0125rem;letter-spacing:0.0125rem;line-height:2.2rem;color:#FFFEFA;}}/*!sc*/ @media screen and (min-width:1200px){.gXwSZc{color:#E5E5E5;font-family:Aeonik,sans-serif;font-style:NORMAL;font-weight:400;font-size:1.6rem;-webkit-letter-spacing:0.0125rem;-moz-letter-spacing:0.0125rem;-ms-letter-spacing:0.0125rem;letter-spacing:0.0125rem;line-height:2.2rem;color:#FFFEFA;}}/*!sc*/ .gWBdwk{margin:0;color:#E5E5E5;font-family:Aeonik,sans-serif;font-style:NORMAL;font-weight:400;font-size:1.4rem;-webkit-letter-spacing:0.015rem;-moz-letter-spacing:0.015rem;-ms-letter-spacing:0.015rem;letter-spacing:0.015rem;line-height:2rem;color:#FFFEFA;padding:0;}/*!sc*/ @media screen and (min-width:900px){.gWBdwk{color:#E5E5E5;font-family:Aeonik,sans-serif;font-style:NORMAL;font-weight:400;font-size:1.4rem;-webkit-letter-spacing:0.015rem;-moz-letter-spacing:0.015rem;-ms-letter-spacing:0.015rem;letter-spacing:0.015rem;line-height:2rem;color:#FFFEFA;}}/*!sc*/ @media screen and (min-width:1200px){.gWBdwk{color:#E5E5E5;font-family:Aeonik,sans-serif;font-style:NORMAL;font-weight:400;font-size:1.4rem;-webkit-letter-spacing:0.015rem;-moz-letter-spacing:0.015rem;-ms-letter-spacing:0.015rem;letter-spacing:0.015rem;line-height:2rem;color:#FFFEFA;}}/*!sc*/ .hZdkzi{margin:0;color:#E5E5E5;font-family:Aeonik,sans-serif;font-style:NORMAL;font-weight:400;font-size:2rem;-webkit-letter-spacing:0.005rem;-moz-letter-spacing:0.005rem;-ms-letter-spacing:0.005rem;letter-spacing:0.005rem;line-height:2.8rem;color:#FFFEFA;padding:0;}/*!sc*/ @media screen and (min-width:900px){.hZdkzi{color:#E5E5E5;font-family:Aeonik,sans-serif;font-style:NORMAL;font-weight:400;font-size:2.4rem;-webkit-letter-spacing:0;-moz-letter-spacing:0;-ms-letter-spacing:0;letter-spacing:0;line-height:3.2rem;color:#FFFEFA;}}/*!sc*/ @media screen and (min-width:1200px){.hZdkzi{color:#E5E5E5;font-family:Aeonik,sans-serif;font-style:NORMAL;font-weight:400;font-size:2.4rem;-webkit-letter-spacing:0;-moz-letter-spacing:0;-ms-letter-spacing:0;letter-spacing:0;line-height:3.2rem;color:#FFFEFA;}}/*!sc*/ .eoMTCq{margin:0 0 0.8rem;color:#E5E5E5;font-family:Aeonik,sans-serif;font-style:NORMAL;font-weight:400;font-size:2rem;-webkit-letter-spacing:0.005rem;-moz-letter-spacing:0.005rem;-ms-letter-spacing:0.005rem;letter-spacing:0.005rem;line-height:2.8rem;color:#FFFEFA;padding:0;}/*!sc*/ @media screen and (min-width:900px){.eoMTCq{color:#E5E5E5;font-family:Aeonik,sans-serif;font-style:NORMAL;font-weight:400;font-size:2rem;-webkit-letter-spacing:0.005rem;-moz-letter-spacing:0.005rem;-ms-letter-spacing:0.005rem;letter-spacing:0.005rem;line-height:2.8rem;color:#FFFEFA;}}/*!sc*/ @media screen and (min-width:1200px){.eoMTCq{color:#E5E5E5;font-family:Aeonik,sans-serif;font-style:NORMAL;font-weight:400;font-size:2rem;-webkit-letter-spacing:0.005rem;-moz-letter-spacing:0.005rem;-ms-letter-spacing:0.005rem;letter-spacing:0.005rem;line-height:2.8rem;color:#FFFEFA;}}/*!sc*/ .eYhEQZ{margin:0 0 1.2rem;color:#E5E5E5;font-family:Aeonik,sans-serif;font-style:NORMAL;font-weight:400;font-size:2rem;-webkit-letter-spacing:0.005rem;-moz-letter-spacing:0.005rem;-ms-letter-spacing:0.005rem;letter-spacing:0.005rem;line-height:2.8rem;color:#FFFEFA;padding:0;}/*!sc*/ @media screen and (min-width:900px){.eYhEQZ{color:#E5E5E5;font-family:Aeonik,sans-serif;font-style:NORMAL;font-weight:400;font-size:2rem;-webkit-letter-spacing:0.005rem;-moz-letter-spacing:0.005rem;-ms-letter-spacing:0.005rem;letter-spacing:0.005rem;line-height:2.8rem;color:#FFFEFA;}}/*!sc*/ @media screen and (min-width:1200px){.eYhEQZ{color:#E5E5E5;font-family:Aeonik,sans-serif;font-style:NORMAL;font-weight:400;font-size:2rem;-webkit-letter-spacing:0.005rem;-moz-letter-spacing:0.005rem;-ms-letter-spacing:0.005rem;letter-spacing:0.005rem;line-height:2.8rem;color:#FFFEFA;}}/*!sc*/ .jXSJzE{margin:0 0 4rem;color:#E5E5E5;font-family:Aeonik,sans-serif;font-style:NORMAL;font-weight:400;font-size:2rem;-webkit-letter-spacing:0.005rem;-moz-letter-spacing:0.005rem;-ms-letter-spacing:0.005rem;letter-spacing:0.005rem;line-height:2.8rem;color:#FFFEFA;padding:0;}/*!sc*/ @media screen and (min-width:900px){.jXSJzE{color:#E5E5E5;font-family:Aeonik,sans-serif;font-style:NORMAL;font-weight:400;font-size:2.4rem;-webkit-letter-spacing:0;-moz-letter-spacing:0;-ms-letter-spacing:0;letter-spacing:0;line-height:3.2rem;color:#FFFEFA;}}/*!sc*/ @media screen and (min-width:1200px){.jXSJzE{color:#E5E5E5;font-family:Aeonik,sans-serif;font-style:NORMAL;font-weight:400;font-size:2.4rem;-webkit-letter-spacing:0;-moz-letter-spacing:0;-ms-letter-spacing:0;letter-spacing:0;line-height:3.2rem;color:#FFFEFA;}}/*!sc*/ .hYaXSW{margin:0;color:#41454C;font-family:Inter,sans-serif;font-style:NORMAL;font-weight:400;font-size:1.4rem;-webkit-letter-spacing:0rem;-moz-letter-spacing:0rem;-ms-letter-spacing:0rem;letter-spacing:0rem;line-height:2.2rem;color:#FFFFFF;padding:0;}/*!sc*/ @media screen and (min-width:900px){.hYaXSW{color:#41454C;font-family:Inter,sans-serif;font-style:NORMAL;font-weight:400;font-size:1.4rem;-webkit-letter-spacing:0rem;-moz-letter-spacing:0rem;-ms-letter-spacing:0rem;letter-spacing:0rem;line-height:2.2rem;color:#FFFFFF;}}/*!sc*/ @media screen and (min-width:1200px){.hYaXSW{color:#41454C;font-family:Inter,sans-serif;font-style:NORMAL;font-weight:400;font-size:1.4rem;-webkit-letter-spacing:0rem;-moz-letter-spacing:0rem;-ms-letter-spacing:0rem;letter-spacing:0rem;line-height:2.2rem;color:#FFFFFF;}}/*!sc*/ .kgFLyt{margin:0 0 1.6rem 0;color:#41454C;font-family:Inter,sans-serif;font-style:NORMAL;font-weight:400;font-size:1.4rem;-webkit-letter-spacing:0rem;-moz-letter-spacing:0rem;-ms-letter-spacing:0rem;letter-spacing:0rem;line-height:2.2rem;color:#FFFFFF;padding:0;}/*!sc*/ @media screen and (min-width:900px){.kgFLyt{color:#41454C;font-family:Inter,sans-serif;font-style:NORMAL;font-weight:400;font-size:1.4rem;-webkit-letter-spacing:0rem;-moz-letter-spacing:0rem;-ms-letter-spacing:0rem;letter-spacing:0rem;line-height:2.2rem;color:#FFFFFF;}}/*!sc*/ @media screen and (min-width:1200px){.kgFLyt{color:#41454C;font-family:Inter,sans-serif;font-style:NORMAL;font-weight:400;font-size:1.4rem;-webkit-letter-spacing:0rem;-moz-letter-spacing:0rem;-ms-letter-spacing:0rem;letter-spacing:0rem;line-height:2.2rem;color:#FFFFFF;}}/*!sc*/ data-styled.g61[id="styled__Paragraph-sc-165cfko-1"]{content:"bkTDvW,fXa-dFL,kVgWkQ,gXwSZc,gWBdwk,hZdkzi,eoMTCq,eYhEQZ,jXSJzE,hYaXSW,kgFLyt,"}/*!sc*/ .jfpVpU{margin:0 0 1.2rem;color:#FFFEFA;font-family:Aeonik,sans-serif;font-style:NORMAL;font-weight:400;font-size:2.4rem;-webkit-letter-spacing:0;-moz-letter-spacing:0;-ms-letter-spacing:0;letter-spacing:0;line-height:3.2rem;color:#FFFEFA;padding:0;}/*!sc*/ @media screen and (min-width:900px){.jfpVpU{color:#FFFEFA;font-family:Aeonik,sans-serif;font-style:NORMAL;font-weight:400;font-size:2.4rem;-webkit-letter-spacing:0;-moz-letter-spacing:0;-ms-letter-spacing:0;letter-spacing:0;line-height:3.2rem;color:#FFFEFA;}}/*!sc*/ @media screen and (min-width:1200px){.jfpVpU{color:#FFFEFA;font-family:Aeonik,sans-serif;font-style:NORMAL;font-weight:400;font-size:2.8rem;-webkit-letter-spacing:-0.01rem;-moz-letter-spacing:-0.01rem;-ms-letter-spacing:-0.01rem;letter-spacing:-0.01rem;line-height:3.6rem;color:#FFFEFA;}}/*!sc*/ .Mbfvv{color:#FFFEFA;font-family:Aeonik,sans-serif;font-style:NORMAL;font-weight:400;font-size:3.2rem;-webkit-letter-spacing:-0.01rem;-moz-letter-spacing:-0.01rem;-ms-letter-spacing:-0.01rem;letter-spacing:-0.01rem;line-height:4.4rem;color:#FFFEFA;padding:0;}/*!sc*/ @media screen and (min-width:1200px){.Mbfvv{margin:0 0 4rem;}}/*!sc*/ @media screen and (min-width:900px){.Mbfvv{color:#FFFEFA;font-family:Aeonik,sans-serif;font-style:NORMAL;font-weight:400;font-size:4rem;-webkit-letter-spacing:-0.02rem;-moz-letter-spacing:-0.02rem;-ms-letter-spacing:-0.02rem;letter-spacing:-0.02rem;line-height:4.8rem;color:#FFFEFA;}}/*!sc*/ @media screen and (min-width:1200px){.Mbfvv{color:#FFFEFA;font-family:Aeonik,sans-serif;font-style:NORMAL;font-weight:400;font-size:4rem;-webkit-letter-spacing:-0.02rem;-moz-letter-spacing:-0.02rem;-ms-letter-spacing:-0.02rem;letter-spacing:-0.02rem;line-height:4.8rem;color:#FFFEFA;}}/*!sc*/ .FygDm{margin:0 0 1.6rem 0;color:#FFFEFA;font-family:Aeonik,sans-serif;font-style:NORMAL;font-weight:400;font-size:3.2rem;-webkit-letter-spacing:-0.01rem;-moz-letter-spacing:-0.01rem;-ms-letter-spacing:-0.01rem;letter-spacing:-0.01rem;line-height:4.4rem;color:#FFFEFA;padding:0;}/*!sc*/ @media screen and (min-width:900px){.FygDm{color:#FFFEFA;font-family:Aeonik,sans-serif;font-style:NORMAL;font-weight:400;font-size:4rem;-webkit-letter-spacing:-0.02rem;-moz-letter-spacing:-0.02rem;-ms-letter-spacing:-0.02rem;letter-spacing:-0.02rem;line-height:4.8rem;color:#FFFEFA;}}/*!sc*/ @media screen and (min-width:1200px){.FygDm{color:#FFFEFA;font-family:Aeonik,sans-serif;font-style:NORMAL;font-weight:400;font-size:4rem;-webkit-letter-spacing:-0.02rem;-moz-letter-spacing:-0.02rem;-ms-letter-spacing:-0.02rem;letter-spacing:-0.02rem;line-height:4.8rem;color:#FFFEFA;}}/*!sc*/ .OWQrv{margin:0 0 1.6rem 0;color:#FFFEFA;font-family:Aeonik,sans-serif;font-style:NORMAL;font-weight:400;font-size:3.2rem;-webkit-letter-spacing:-0.01rem;-moz-letter-spacing:-0.01rem;-ms-letter-spacing:-0.01rem;letter-spacing:-0.01rem;line-height:4.4rem;color:#FFFEFA;padding:0;}/*!sc*/ @media screen and (min-width:900px){.OWQrv{color:#FFFEFA;font-family:Aeonik,sans-serif;font-style:NORMAL;font-weight:400;font-size:4rem;-webkit-letter-spacing:-0.02rem;-moz-letter-spacing:-0.02rem;-ms-letter-spacing:-0.02rem;letter-spacing:-0.02rem;line-height:4.8rem;color:#FFFEFA;}}/*!sc*/ @media screen and (min-width:1200px){.OWQrv{color:#FFFEFA;font-family:Aeonik,sans-serif;font-style:NORMAL;font-weight:400;font-size:4.8rem;-webkit-letter-spacing:-0.02rem;-moz-letter-spacing:-0.02rem;-ms-letter-spacing:-0.02rem;letter-spacing:-0.02rem;line-height:5.6rem;color:#FFFEFA;}}/*!sc*/ data-styled.g62[id="styled__Heading-sc-165cfko-2"]{content:"jfpVpU,Mbfvv,FygDm,OWQrv,"}/*!sc*/ .butiik{margin:0;padding:0;font-family:Aeonik,sans-serif !important;color:#635DFF;font-family:Inter;font-style:NORMAL;font-weight:500;font-size:1.8rem;-webkit-letter-spacing:-0.005rem;-moz-letter-spacing:-0.005rem;-ms-letter-spacing:-0.005rem;letter-spacing:-0.005rem;line-height:2.8rem;color:#99A7F1;-webkit-text-decoration:underline;text-decoration:underline;text-underline-offset:0.3rem;cursor:pointer;width:-webkit-fit-content;width:-moz-fit-content;width:fit-content;}/*!sc*/ @media screen and (min-width:900px){.butiik{color:#635DFF;font-family:Inter;font-style:NORMAL;font-weight:500;font-size:1.8rem;-webkit-letter-spacing:-0.005rem;-moz-letter-spacing:-0.005rem;-ms-letter-spacing:-0.005rem;letter-spacing:-0.005rem;line-height:2.8rem;color:#99A7F1;}}/*!sc*/ @media screen and (min-width:1200px){.butiik{color:#635DFF;font-family:Inter;font-style:NORMAL;font-weight:500;font-size:1.8rem;-webkit-letter-spacing:-0.005rem;-moz-letter-spacing:-0.005rem;-ms-letter-spacing:-0.005rem;letter-spacing:-0.005rem;line-height:2.8rem;color:#99A7F1;}}/*!sc*/ .butiik:hover{color:#B6CAFF;cursor:pointer;-webkit-text-decoration:underline;text-decoration:underline;}/*!sc*/ .butiik:active{color:#3F59E4;}/*!sc*/ .butiik:focus-visible{outline:0.2rem solid #99A7F1;border-radius:0.4rem;color:#99A7F1;}/*!sc*/ .butiik:after{content:'→';padding-left:0.8rem;display:inline-block;}/*!sc*/ .bhxyxO{margin:0;padding:0;font-family:Aeonik,sans-serif !important;color:#635DFF;font-family:Inter;font-style:NORMAL;font-weight:500;font-size:1.4rem;-webkit-letter-spacing:0rem;-moz-letter-spacing:0rem;-ms-letter-spacing:0rem;letter-spacing:0rem;line-height:2.2rem;color:#99A7F1;-webkit-text-decoration:underline;text-decoration:underline;text-underline-offset:0.3rem;cursor:pointer;width:-webkit-fit-content;width:-moz-fit-content;width:fit-content;}/*!sc*/ @media screen and (min-width:900px){.bhxyxO{color:#635DFF;font-family:Inter;font-style:NORMAL;font-weight:500;font-size:1.6rem;-webkit-letter-spacing:-0.001rem;-moz-letter-spacing:-0.001rem;-ms-letter-spacing:-0.001rem;letter-spacing:-0.001rem;line-height:2.4rem;color:#99A7F1;}}/*!sc*/ @media screen and (min-width:1200px){.bhxyxO{color:#635DFF;font-family:Inter;font-style:NORMAL;font-weight:500;font-size:1.6rem;-webkit-letter-spacing:-0.001rem;-moz-letter-spacing:-0.001rem;-ms-letter-spacing:-0.001rem;letter-spacing:-0.001rem;line-height:2.4rem;color:#99A7F1;}}/*!sc*/ .bhxyxO:hover{color:#B6CAFF;cursor:pointer;-webkit-text-decoration:underline;text-decoration:underline;}/*!sc*/ .bhxyxO:active{color:#3F59E4;}/*!sc*/ .bhxyxO:focus-visible{outline:0.2rem solid #99A7F1;border-radius:0.4rem;color:#99A7F1;}/*!sc*/ .jSunBo{margin:0;padding:0;font-family:Aeonik,sans-serif !important;color:#635DFF;font-family:Inter;font-style:NORMAL;font-weight:500;font-size:1.4rem;-webkit-letter-spacing:0rem;-moz-letter-spacing:0rem;-ms-letter-spacing:0rem;letter-spacing:0rem;line-height:2.2rem;color:#99A7F1;-webkit-text-decoration:underline;text-decoration:underline;text-underline-offset:0.3rem;cursor:pointer;width:-webkit-fit-content;width:-moz-fit-content;width:fit-content;}/*!sc*/ @media screen and (min-width:900px){.jSunBo{color:#635DFF;font-family:Inter;font-style:NORMAL;font-weight:500;font-size:1.4rem;-webkit-letter-spacing:0rem;-moz-letter-spacing:0rem;-ms-letter-spacing:0rem;letter-spacing:0rem;line-height:2.2rem;color:#99A7F1;}}/*!sc*/ @media screen and (min-width:1200px){.jSunBo{color:#635DFF;font-family:Inter;font-style:NORMAL;font-weight:500;font-size:1.4rem;-webkit-letter-spacing:0rem;-moz-letter-spacing:0rem;-ms-letter-spacing:0rem;letter-spacing:0rem;line-height:2.2rem;color:#99A7F1;}}/*!sc*/ .jSunBo:hover{color:#B6CAFF;cursor:pointer;-webkit-text-decoration:underline;text-decoration:underline;}/*!sc*/ .jSunBo:active{color:#3F59E4;}/*!sc*/ .jSunBo:focus-visible{outline:0.2rem solid #99A7F1;border-radius:0.4rem;color:#99A7F1;}/*!sc*/ .jSunBo:after{content:'→';padding-left:0.8rem;display:inline-block;}/*!sc*/ .hfCwZi{margin:0;padding:0;font-family:Aeonik,sans-serif !important;color:#635DFF;font-family:Inter;font-style:NORMAL;font-weight:500;font-size:1.8rem;-webkit-letter-spacing:-0.005rem;-moz-letter-spacing:-0.005rem;-ms-letter-spacing:-0.005rem;letter-spacing:-0.005rem;line-height:2.8rem;color:#99A7F1;-webkit-text-decoration:underline;text-decoration:underline;text-underline-offset:0.3rem;cursor:pointer;width:-webkit-fit-content;width:-moz-fit-content;width:fit-content;}/*!sc*/ @media screen and (min-width:900px){.hfCwZi{color:#635DFF;font-family:Inter;font-style:NORMAL;font-weight:500;font-size:1.8rem;-webkit-letter-spacing:-0.005rem;-moz-letter-spacing:-0.005rem;-ms-letter-spacing:-0.005rem;letter-spacing:-0.005rem;line-height:2.8rem;color:#99A7F1;}}/*!sc*/ @media screen and (min-width:1200px){.hfCwZi{color:#635DFF;font-family:Inter;font-style:NORMAL;font-weight:500;font-size:1.8rem;-webkit-letter-spacing:-0.005rem;-moz-letter-spacing:-0.005rem;-ms-letter-spacing:-0.005rem;letter-spacing:-0.005rem;line-height:2.8rem;color:#99A7F1;}}/*!sc*/ .hfCwZi:hover{color:#B6CAFF;cursor:pointer;-webkit-text-decoration:underline;text-decoration:underline;}/*!sc*/ .hfCwZi:active{color:#3F59E4;}/*!sc*/ .hfCwZi:focus-visible{outline:0.2rem solid #99A7F1;border-radius:0.4rem;color:#99A7F1;}/*!sc*/ .dpsQkm{margin:0;padding:0;font-family:Aeonik,sans-serif !important;color:#635DFF;font-family:Inter;font-style:NORMAL;font-weight:500;font-size:1.4rem;-webkit-letter-spacing:0rem;-moz-letter-spacing:0rem;-ms-letter-spacing:0rem;letter-spacing:0rem;line-height:2.2rem;color:#99A7F1;-webkit-text-decoration:underline;text-decoration:underline;text-underline-offset:0.3rem;cursor:pointer;width:-webkit-fit-content;width:-moz-fit-content;width:fit-content;}/*!sc*/ @media screen and (min-width:900px){.dpsQkm{color:#635DFF;font-family:Inter;font-style:NORMAL;font-weight:500;font-size:1.4rem;-webkit-letter-spacing:0rem;-moz-letter-spacing:0rem;-ms-letter-spacing:0rem;letter-spacing:0rem;line-height:2.2rem;color:#99A7F1;}}/*!sc*/ @media screen and (min-width:1200px){.dpsQkm{color:#635DFF;font-family:Inter;font-style:NORMAL;font-weight:500;font-size:1.4rem;-webkit-letter-spacing:0rem;-moz-letter-spacing:0rem;-ms-letter-spacing:0rem;letter-spacing:0rem;line-height:2.2rem;color:#99A7F1;}}/*!sc*/ .dpsQkm:hover{color:#B6CAFF;cursor:pointer;-webkit-text-decoration:underline;text-decoration:underline;}/*!sc*/ .dpsQkm:active{color:#3F59E4;}/*!sc*/ .dpsQkm:focus-visible{outline:0.2rem solid #99A7F1;border-radius:0.4rem;color:#99A7F1;}/*!sc*/ .hwiOrq{margin:0;padding:0;font-family:Inter,sans-serif !important;color:#635DFF;font-family:Inter;font-style:NORMAL;font-weight:500;font-size:1.4rem;-webkit-letter-spacing:0rem;-moz-letter-spacing:0rem;-ms-letter-spacing:0rem;letter-spacing:0rem;line-height:2.2rem;color:#BCBAFF;-webkit-text-decoration:none;text-decoration:none;text-underline-offset:0.3rem;cursor:pointer;width:-webkit-fit-content;width:-moz-fit-content;width:fit-content;}/*!sc*/ @media screen and (min-width:900px){.hwiOrq{color:#635DFF;font-family:Inter;font-style:NORMAL;font-weight:500;font-size:1.4rem;-webkit-letter-spacing:0rem;-moz-letter-spacing:0rem;-ms-letter-spacing:0rem;letter-spacing:0rem;line-height:2.2rem;color:#BCBAFF;}}/*!sc*/ @media screen and (min-width:1200px){.hwiOrq{color:#635DFF;font-family:Inter;font-style:NORMAL;font-weight:500;font-size:1.4rem;-webkit-letter-spacing:0rem;-moz-letter-spacing:0rem;-ms-letter-spacing:0rem;letter-spacing:0rem;line-height:2.2rem;color:#BCBAFF;}}/*!sc*/ .hwiOrq:hover{color:#E9E8FF;cursor:pointer;-webkit-text-decoration:underline;text-decoration:underline;}/*!sc*/ .hwiOrq:active{color:#908BFF;}/*!sc*/ .hwiOrq:focus-visible{outline:0.4rem solid #635DFFCC;border-radius:0.4rem;color:#BCBAFF;}/*!sc*/ data-styled.g64[id="styled__Link-sc-bubr9x-0"]{content:"butiik,bhxyxO,jSunBo,hfCwZi,dpsQkm,hwiOrq,"}/*!sc*/ .bLVyXv{font-family:Aeonik,sans-serif;width:100%;min-width:17.3rem;display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;font-size:1.6rem;height:100%;line-height:2.4rem;-webkit-letter-spacing:0.015rem;-moz-letter-spacing:0.015rem;-ms-letter-spacing:0.015rem;letter-spacing:0.015rem;padding:0 0 0 4rem;border-radius:0.6rem;box-sizing:border-box;color:#FFFEFA;background:#111111;outline:none;border:0.1rem solid #555555;}/*!sc*/ .bLVyXv::-webkit-input-placeholder{color:#808080;}/*!sc*/ .bLVyXv::-moz-placeholder{color:#808080;}/*!sc*/ .bLVyXv:-ms-input-placeholder{color:#808080;}/*!sc*/ .bLVyXv::placeholder{color:#808080;}/*!sc*/ .bLVyXv:disabled{background-color:#383838;border:0.1rem solid #555555;color:#555555;}/*!sc*/ .bLVyXv:hover{border:0.1rem solid #808080;}/*!sc*/ data-styled.g66[id="styled__TextInput-sc-zjpc1c-1"]{content:"bLVyXv,"}/*!sc*/ .lrdPx{display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;-webkit-align-items:center;-webkit-box-align:center;-ms-flex-align:center;align-items:center;width:100%;min-width:17.3rem;border-radius:0.8rem;padding:0;height:4.8rem;box-sizing:border-box;margin-inline-start:0;margin-inline-end:0;padding-block-start:0;padding-inline-start:0;padding-inline-end:0;padding-block-end:0;border:none;}/*!sc*/ data-styled.g67[id="styled__InputWrapper-sc-zjpc1c-2"]{content:"lrdPx,"}/*!sc*/ .dNHNJo{position:absolute;margin:0 0 0 1.6rem;}/*!sc*/ data-styled.g68[id="styled__SearchIcon-sc-zjpc1c-3"]{content:"dNHNJo,"}/*!sc*/ .gfVdta{background:url(https://cdn.auth0.com/website/components/cta-module/fullwidth/Background.png) right center,no-repeat;color:#fffefa;}/*!sc*/ @media screen and (min-width:1200px){.gfVdta{max-width:153.6rem;margin:0 auto;border-radius:0;}}/*!sc*/ data-styled.g123[id="styled__Grid-sc-vosx1t-0"]{content:"gfVdta,"}/*!sc*/ .cvYPGz{display:grid;grid-template-columns:repeat(6,1fr);-webkit-column-gap:1.6rem;column-gap:1.6rem;margin:0 auto;width:calc(100% - (1.6rem * 2));}/*!sc*/ @media screen and (min-width:900px){.cvYPGz{grid-template-columns:repeat(12,1fr);width:calc(100% - (6.4rem * 2));}}/*!sc*/ @media screen and (min-width:1200px){.cvYPGz{max-width:1312px;-webkit-column-gap:3.2rem;column-gap:3.2rem;}}/*!sc*/ data-styled.g124[id="styled__Content-sc-vosx1t-1"]{content:"cvYPGz,"}/*!sc*/ .hmZChk{grid-column:span 6;}/*!sc*/ @media screen and (min-width:900px){.hmZChk{grid-column:span 7;}}/*!sc*/ data-styled.g125[id="styled__GridItem-sc-vosx1t-2"]{content:"hmZChk,"}/*!sc*/ .iWCUjn{display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;-webkit-flex-direction:column;-ms-flex-direction:column;flex-direction:column;gap:1.6rem;width:100%;}/*!sc*/ @media screen and (min-width:900px){.iWCUjn > a{width:100%;}}/*!sc*/ @media screen and (min-width:1200px){.iWCUjn{-webkit-flex-direction:row;-ms-flex-direction:row;flex-direction:row;-webkit-align-items:center;-webkit-box-align:center;-ms-flex-align:center;align-items:center;}.iWCUjn > a{width:-webkit-fit-content;width:-moz-fit-content;width:fit-content;}}/*!sc*/ data-styled.g156[id="styled__ButtonWrapper-sc-2ky66j-2"]{content:"iWCUjn,"}/*!sc*/ .hTMLxH{background:#1E1E1E;border-radius:1.2rem;color:white;cursor:pointer;display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;-webkit-flex-direction:column;-ms-flex-direction:column;flex-direction:column;min-height:30rem;padding:3.2rem 3.2rem 4.8rem;-webkit-text-decoration:none;text-decoration:none;-webkit-transition:all 0.2s ease-out;transition:all 0.2s ease-out;width:100%;position:relative;overflow:hidden;}/*!sc*/ .hTMLxH:before{content:' ';background:linear-gradient(148.72deg,#11227A -67.64%,#1E1E1E 58.73%);position:absolute;width:100%;height:100%;opacity:0;top:0;left:0;right:0;bottom:0;-webkit-transition:all 0.2s ease-out;transition:all 0.2s ease-out;z-index:0;}/*!sc*/ .hTMLxH > div{background-image:url(https://cdn.auth0.com/website/website/quantum-web/devx/cards/Background.png);}/*!sc*/ .hTMLxH:nth-child(2) > div{background-image:url(https://cdn.auth0.com/website/website/quantum-web/devx/cards/background-2-resting.png);background-position:bottom -2rem right -2rem;}/*!sc*/ .hTMLxH:nth-child(3) > div{background-image:url(https://cdn.auth0.com/website/website/quantum-web/devx/cards/background-3-resting.png);}/*!sc*/ .hTMLxH:hover:before{opacity:1;}/*!sc*/ .hTMLxH:hover > div{background-image:url(https://cdn.auth0.com/website/website/quantum-web/devx/cards/Background-hover-test.png);}/*!sc*/ .hTMLxH:hover svg{-webkit-transition:all 0.2s ease-out;transition:all 0.2s ease-out;opacity:1;-webkit-transform:translateX(0);-ms-transform:translateX(0);transform:translateX(0);}/*!sc*/ .hTMLxH:hover:nth-child(2) > div{background-image:url(https://cdn.auth0.com/website/website/quantum-web/devx/cards/background-2-hover.png);}/*!sc*/ .hTMLxH:hover:nth-child(3) > div{background-image:url(https://cdn.auth0.com/website/website/quantum-web/devx/cards/background-3-hover.png);}/*!sc*/ @media screen and (min-width:900px){.hTMLxH{border-radius:1.6rem;min-height:25.6rem;padding:4rem 4rem 4.8rem;}.hTMLxH:nth-child(2) > div{background-position:bottom right -2rem;}}/*!sc*/ @media screen and (min-width:1200px){.hTMLxH{max-width:41.6rem;height:41.6rem;padding:4rem;}}/*!sc*/ data-styled.g178[id="styled__CardWrapper-sc-1f3qc75-0"]{content:"hTMLxH,"}/*!sc*/ .bnYGHo{position:absolute;top:0;right:0;left:0;bottom:0;background-repeat:no-repeat;background-position:bottom -6rem right;background-size:100%;z-index:0;-webkit-transition:all 0.2s ease-out;transition:all 0.2s ease-out;}/*!sc*/ @media screen and (min-width:900px){.bnYGHo{background-size:50%;background-position:bottom right -2rem;}}/*!sc*/ @media screen and (min-width:1200px){.bnYGHo{background-size:100%;background-position:bottom right;}}/*!sc*/ data-styled.g179[id="styled__CardImage-sc-1f3qc75-1"]{content:"bnYGHo,"}/*!sc*/ .lnIRjC{opacity:0;margin-top:auto;z-index:1;-webkit-transform:translateX(-0.8rem);-ms-transform:translateX(-0.8rem);transform:translateX(-0.8rem);}/*!sc*/ data-styled.g180[id="styled__ArrowSvg-sc-1f3qc75-2"]{content:"lnIRjC,"}/*!sc*/ .kBmzHj{max-width:100%;margin:0 1.2rem;}/*!sc*/ @media screen and (min-width:900px){.kBmzHj{margin:0 6.4rem;}}/*!sc*/ @media screen and (min-width:1200px){.kBmzHj{margin:0 auto;max-width:144rem;padding:0 6.4rem;}}/*!sc*/ data-styled.g181[id="styled__CardContainer-sc-fnzurd-0"]{content:"kBmzHj,"}/*!sc*/ .jgYXEj{display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;-webkit-flex-direction:column;-ms-flex-direction:column;flex-direction:column;gap:1.6rem;}/*!sc*/ @media screen and (min-width:900px){.jgYXEj{gap:2.4rem;}}/*!sc*/ @media screen and (min-width:1200px){.jgYXEj{-webkit-flex-direction:row;-ms-flex-direction:row;flex-direction:row;gap:3.2rem;margin:0 auto;}}/*!sc*/ data-styled.g182[id="styled__CardWrapper-sc-fnzurd-1"]{content:"jgYXEj,"}/*!sc*/ .fZVgTb{max-width:144rem;padding:0 1.6rem;margin:0 auto;position:relative;}/*!sc*/ @media screen and (min-width:900px){.fZVgTb{padding:0 6.4rem;}}/*!sc*/ @media screen and (min-width:1600px){.fZVgTb{padding:0 0 0 14.4rem!important;max-width:160rem;}.fZVgTb:after{content:" ";position:absolute;top:0;bottom:0;right:-0.1rem;width:14.4rem;background:linear-gradient(90deg,rgba(17,17,17,0.00) 0%,#111 91.67%);}}/*!sc*/ data-styled.g216[id="styled__Wrapper-sc-1xhxac-0"]{content:"fZVgTb,"}/*!sc*/ .lnnhCi{display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;-webkit-flex-flow:row nowrap;-ms-flex-flow:row nowrap;flex-flow:row nowrap;margin-bottom:1.4rem;-webkit-transition:all 0.5s cubic-bezier(0.23,1,0.32,1);transition:all 0.5s cubic-bezier(0.23,1,0.32,1);-webkit-transform:translateX( calc( -0% - 0 ) );-ms-transform:translateX( calc( -0% - 0 ) );transform:translateX( calc( -0% - 0 ) );}/*!sc*/ @media screen and (min-width:900px){.lnnhCi{margin-bottom:3.2rem;-webkit-transform:translateX( calc( -0% - 0 ) );-ms-transform:translateX( calc( -0% - 0 ) );transform:translateX( calc( -0% - 0 ) );}}/*!sc*/ @media screen and (min-width:1200px){.lnnhCi{-webkit-transform:translateX(calc(-0% - 0));-ms-transform:translateX(calc(-0% - 0));transform:translateX(calc(-0% - 0));}}/*!sc*/ data-styled.g217[id="styled__Container-sc-1xhxac-1"]{content:"lnnhCi,"}/*!sc*/ .cBtybf{overflow-x:hidden;max-width:131.2rem;margin:0 auto;}/*!sc*/ @media screen and (min-width:1600px){.cBtybf{padding-right:14.4rem;max-width:145.6rem;}}/*!sc*/ data-styled.g222[id="styled__SliderWrapper-sc-1xhxac-6"]{content:"cBtybf,"}/*!sc*/ .hhWMTM{width:100%;display:grid;-webkit-box-pack:center;-webkit-justify-content:center;-ms-flex-pack:center;justify-content:center;margin:2.4rem auto;}/*!sc*/ data-styled.g232[id="sc-88q8hx-0"]{content:"hhWMTM,"}/*!sc*/ .guGDRs{position:relative;max-width:17.6rem;border-radius:0.8rem;border:0.1rem solid #555555;display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;padding:0;cursor:pointer;}/*!sc*/ data-styled.g233[id="sc-8t61xl-0"]{content:"guGDRs,"}/*!sc*/ .huAclX{width:100%;position:absolute;bottom:0;top:0;cursor:pointer;-webkit-appearance:none;-moz-appearance:none;appearance:none;}/*!sc*/ data-styled.g234[id="sc-8t61xl-1"]{content:"huAclX,"}/*!sc*/ .loMVLS{-webkit-flex:1;-ms-flex:1;flex:1;color:white;text-align:center;border-radius:0.8rem 0 0 0.8rem;background:none;-webkit-appearance:none;-moz-appearance:none;appearance:none;border:0.1rem solid transparent;padding:0.25rem 0;z-index:1;background:#2A2A2A;border-color:#2A2A2A;outline:0.1rem solid #808080;border-radius:0.7rem 0 0 0.7rem;}/*!sc*/ .loMVLS:last-of-type{border-radius:0 0.8rem 0.8rem 0;}/*!sc*/ .loMVLS svg{opacity:0.55;}/*!sc*/ .loMVLS svg{opacity:1;}/*!sc*/ .loMVLS:last-of-type{border-radius:0 0.7rem 0.7rem 0;}/*!sc*/ .loMVLS:hover{background:#2A2A2A;border-color:#2A2A2A;outline:0.1rem solid #555555;}/*!sc*/ .loMVLS:hover svg{opacity:1;}/*!sc*/ .loMVLS:focus{border-color:#555555;outline:0.2rem solid #B6CAFF;}/*!sc*/ .bWbXhw{-webkit-flex:1;-ms-flex:1;flex:1;color:white;text-align:center;border-radius:0.8rem 0 0 0.8rem;background:none;-webkit-appearance:none;-moz-appearance:none;appearance:none;border:0.1rem solid transparent;padding:0.25rem 0;z-index:1;}/*!sc*/ .bWbXhw:last-of-type{border-radius:0 0.8rem 0.8rem 0;border-left-color:#555555;}/*!sc*/ .bWbXhw svg{opacity:0.55;}/*!sc*/ .bWbXhw:hover{background:#2A2A2A;border-color:#2A2A2A;outline:0.1rem solid #555555;}/*!sc*/ .bWbXhw:hover svg{opacity:1;}/*!sc*/ .bWbXhw:focus{border-color:#555555;outline:0.2rem solid #B6CAFF;}/*!sc*/ data-styled.g235[id="sc-8t61xl-2"]{content:"loMVLS,bWbXhw,"}/*!sc*/ .dDTyLk{-webkit-align-items:center;-webkit-box-align:center;-ms-flex-align:center;align-items:center;background:none;border:none;display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;gap:0.4rem;-webkit-transition:all 0.2s ease-in-out;transition:all 0.2s ease-in-out;}/*!sc*/ .dDTyLk p{-webkit-transition:all 0.2s ease-in-out;transition:all 0.2s ease-in-out;}/*!sc*/ .dDTyLk:hover p{-webkit-text-decoration:underline;text-decoration:underline;text-underline-position:from-font;}/*!sc*/ .fVlGm{-webkit-align-items:center;-webkit-box-align:center;-ms-flex-align:center;align-items:center;background:none;border:none;display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;gap:0.4rem;-webkit-transition:all 0.2s ease-in-out;transition:all 0.2s ease-in-out;}/*!sc*/ .fVlGm p{-webkit-transition:all 0.2s ease-in-out;transition:all 0.2s ease-in-out;}/*!sc*/ data-styled.g236[id="sc-1xszjru-0"]{content:"dDTyLk,fVlGm,"}/*!sc*/ .gFmoyl{display:block;background:#E8DCC7;min-height:14rem;height:14rem;-webkit-transition:all 0.2s ease;transition:all 0.2s ease;width:100%;z-index:1;}/*!sc*/ @media screen and (min-width:1200px){.gFmoyl{display:block;min-height:19.2rem;height:19.2rem;}}/*!sc*/ .fQEmrF{display:block;background:#E8DCC7;min-height:14rem;height:14.6rem;-webkit-transition:all 0.2s ease;transition:all 0.2s ease;width:100%;z-index:1;}/*!sc*/ @media screen and (min-width:1200px){.fQEmrF{display:block;min-height:24.8rem;height:24.8rem;}}/*!sc*/ data-styled.g252[id="sc-1akycv5-0"]{content:"gFmoyl,fQEmrF,"}/*!sc*/ .kPXeZb{background-image:url(https://images.ctfassets.net/23aumh6u8s0i/5o60LaB7RltcyovB7KeYEz/b25c100c9d5d40e8c2341ec7abcc4d28/Auth_for_GenAI_hero.jpg);background-size:cover;background-position:center;height:100%;}/*!sc*/ .kICDyS{background-image:url(https://images.ctfassets.net/23aumh6u8s0i/1mUMR0A8KINhJK2yxzPTMI/efff7a59b80db46882bc1d9649bc7851/Co-Branded_Template_-_Image___Gradient_melon_-_600x456.png);background-size:cover;background-position:center;height:100%;}/*!sc*/ .lcDbSj{background-image:url(https://images.ctfassets.net/23aumh6u8s0i/6fjXeiKm0cnBhKSstu382A/6e93da722d4f0bca241ff54b6f3f93bb/auth0-hero-announcement.jpg);background-size:cover;background-position:center;height:100%;}/*!sc*/ data-styled.g253[id="sc-1akycv5-1"]{content:"kPXeZb,kICDyS,lcDbSj,"}/*!sc*/ .blREA-d{background:#1E1E1E;border-radius:1.6rem;cursor:pointer;display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;-webkit-flex-direction:column;-ms-flex-direction:column;flex-direction:column;-webkit-transition:all 0.2s ease-in;transition:all 0.2s ease-in;overflow:hidden;position:relative;border-bottom:0.1rem solid #2A2A2A;}/*!sc*/ .blREA-d:before{position:absolute;content:'';inset:0;background:radial-gradient(70.73% 156.97% at 50% -67.43%,#4352A4 0%,#1E1E1E 100%);z-index:1;opacity:0;-webkit-transition:opacity 0.25s ease-in-out;transition:opacity 0.25s ease-in-out;}/*!sc*/ .blREA-d:hover:before{opacity:1;}/*!sc*/ .blREA-d:hover .sc-1akycv5-0{background:#3F59E4;opacity:1;}/*!sc*/ data-styled.g254[id="sc-1akycv5-2"]{content:"blREA-d,"}/*!sc*/ @media screen and (min-width:1200px){.kKvwZS{-webkit-align-items:center;-webkit-box-align:center;-ms-flex-align:center;align-items:center;display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;-webkit-box-pack:start;-webkit-justify-content:flex-start;-ms-flex-pack:start;justify-content:flex-start;margin-bottom:0.8rem;gap:1.6rem;}}/*!sc*/ data-styled.g255[id="sc-1akycv5-3"]{content:"kKvwZS,"}/*!sc*/ .faaFJY{padding:2.4rem;display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;-webkit-flex-direction:column;-ms-flex-direction:column;flex-direction:column;-webkit-box-pack:start;-webkit-justify-content:flex-start;-ms-flex-pack:start;justify-content:flex-start;z-index:1;}/*!sc*/ @media screen and (min-width:1200px){.faaFJY{min-height:29.6rem;}}/*!sc*/ .eNGAfo{padding:2.4rem;display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;-webkit-flex-direction:column;-ms-flex-direction:column;flex-direction:column;-webkit-box-pack:start;-webkit-justify-content:flex-start;-ms-flex-pack:start;justify-content:flex-start;z-index:1;}/*!sc*/ @media screen and (min-width:1200px){.eNGAfo{min-height:20rem;height:100%;}.eNGAfo .sc-1akycv5-3{margin-bottom:1.2rem;}}/*!sc*/ data-styled.g256[id="sc-1akycv5-4"]{content:"faaFJY,eNGAfo,"}/*!sc*/ .fRqgPG{display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;margin:auto 0 0;-webkit-flex-wrap:wrap;-ms-flex-wrap:wrap;flex-wrap:wrap;gap:0 1.2rem;}/*!sc*/ .fRqgPG button{padding:0;}/*!sc*/ .fRqgPG button p:hover{-webkit-text-decoration:none;text-decoration:none;}/*!sc*/ data-styled.g257[id="sc-1akycv5-5"]{content:"fRqgPG,"}/*!sc*/ .ePAqkg{border-bottom:0.1rem solid #555555;width:100%;}/*!sc*/ .ePAqkg span{display:block;}/*!sc*/ @media screen and (min-width:1200px){.ePAqkg span{display:inline;}.ePAqkg span:first-child{margin-right:0.8rem;}}/*!sc*/ data-styled.g259[id="dh4ait-0"]{content:"ePAqkg,"}/*!sc*/ .kfYqEB{max-width:100%;}/*!sc*/ data-styled.g260[id="sc-1rc3wko-0"]{content:"kfYqEB,"}/*!sc*/ .fYNeXn{-webkit-align-items:center;-webkit-box-align:center;-ms-flex-align:center;align-items:center;display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;gap:1.6rem;margin-bottom:1.6rem;border-bottom:0.1rem solid #555555;}/*!sc*/ .fYNeXn > div:first-child{border:none;}/*!sc*/ .fYNeXn label{min-width:17.6rem;display:none;}/*!sc*/ @media screen and (min-width:1200px){.fYNeXn{margin-bottom:2.4rem;border-bottom:none;}.fYNeXn > div:first-child{border-bottom:0.1rem solid #555555;}.fYNeXn label{display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;}}/*!sc*/ data-styled.g261[id="sc-1rc3wko-1"]{content:"fYNeXn,"}/*!sc*/ .jsCONy{display:grid;gap:0.8rem;}/*!sc*/ @media screen and (min-width:900px){.jsCONy{gap:1.6rem;}}/*!sc*/ @media screen and (min-width:1200px){.jsCONy{margin-bottom:2.4rem;grid-template-columns:1fr 1fr;}}/*!sc*/ data-styled.g262[id="sc-1rc3wko-2"]{content:"jsCONy,"}/*!sc*/ .enauqK{margin-bottom:0.8rem;}/*!sc*/ @media screen and (min-width:1200px){.enauqK{display:none;}}/*!sc*/ data-styled.g263[id="sc-1rc3wko-3"]{content:"enauqK,"}/*!sc*/ .hibgHG{-webkit-align-items:center;-webkit-box-align:center;-ms-flex-align:center;align-items:center;background-color:transparent;border:0.1rem solid #FFFEFA;border-radius:0.8rem;color:#E5E5E5;font-family:Aeonik,sans-serif;font-size:1.4rem;display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;-webkit-letter-spacing:0.021rem;-moz-letter-spacing:0.021rem;-ms-letter-spacing:0.021rem;letter-spacing:0.021rem;line-height:2rem;outline:none;padding:0.8rem 1.6rem;-webkit-transition:all 0.2s ease;transition:all 0.2s ease;}/*!sc*/ .hibgHG > span{margin-left:0.4rem;}/*!sc*/ data-styled.g264[id="sc-1rc3wko-4"]{content:"hibgHG,"}/*!sc*/ .egvjS{margin-bottom:5.6rem;}/*!sc*/ data-styled.g279[id="wiotl7-0"]{content:"egvjS,"}/*!sc*/ .keAMQj{display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;-webkit-flex-wrap:wrap;-ms-flex-wrap:wrap;flex-wrap:wrap;gap:1.2rem;padding:1.6rem 0;-webkit-transition:all 0.2s ease;transition:all 0.2s ease;}/*!sc*/ .keAMQj > button{padding:0;}/*!sc*/ data-styled.g280[id="wiotl7-1"]{content:"keAMQj,"}/*!sc*/ .jbIORl{-webkit-transition:all 0.2s ease;transition:all 0.2s ease;}/*!sc*/ .jbIORl path{fill:#99A7F1;}/*!sc*/ .jbIORl:hover path{fill:#B6CAFF;}/*!sc*/ data-styled.g281[id="wiotl7-2"]{content:"jbIORl,"}/*!sc*/ .gpkRVN{-webkit-align-items:center;-webkit-box-align:center;-ms-flex-align:center;align-items:center;background:none;border:none;color:#99A7F1;display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;font-size:1.4rem;font-weight:500;gap:0.4rem;line-height:2rem;-webkit-letter-spacing:0.021rem;-moz-letter-spacing:0.021rem;-ms-letter-spacing:0.021rem;letter-spacing:0.021rem;outline:none;padding:0;-webkit-transition:all 0.2s ease;transition:all 0.2s ease;}/*!sc*/ .gpkRVN:hover{color:#B6CAFF;}/*!sc*/ .gpkRVN:active{color:#3F59E4;}/*!sc*/ .gpkRVN:focus{border-radius:0.8rem;border:0.2rem solid #B6CAFF;}/*!sc*/ .gpkRVN >:first-child{-webkit-text-decoration:underline;text-decoration:underline;text-underline-offset:0.3rem;}/*!sc*/ data-styled.g282[id="wiotl7-3"]{content:"gpkRVN,"}/*!sc*/ .hdiybx{background:#111;display:none;position:fixed;z-index:100;top:10.4rem;bottom:0;left:0;right:0;width:100%;overflow:auto;}/*!sc*/ data-styled.g335[id="styled__Wrapper-sc-85iotp-0"]{content:"hdiybx,"}/*!sc*/ .iZzMFn{margin-bottom:15rem;padding-left:0;}/*!sc*/ data-styled.g336[id="styled__ContentWrapper-sc-85iotp-1"]{content:"iZzMFn,"}/*!sc*/ .fbKXcX{list-style:none;width:100%;border-bottom:0.1rem solid #2A2A2A;}/*!sc*/ .fbKXcX:first-of-type{border-top:0.1rem solid #2A2A2A;}/*!sc*/ data-styled.g337[id="styled__NavItemContainer-sc-85iotp-2"]{content:"fbKXcX,"}/*!sc*/ .bUCOoz{padding:2.4rem 2rem 2.4rem 1.6rem;display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;-webkit-box-pack:justify;-webkit-justify-content:space-between;-ms-flex-pack:justify;justify-content:space-between;}/*!sc*/ @media screen and (min-width:900px){.bUCOoz{padding-left:6.4rem;padding-right:6.4rem;}}/*!sc*/ data-styled.g338[id="styled__NavLinkContainer-sc-85iotp-3"]{content:"bUCOoz,"}/*!sc*/ .dETrsJ{font-family:Aeonik,sans-serif;font-weight:500;font-size:2rem;line-height:2.8rem;-webkit-letter-spacing:-0.01rem;-moz-letter-spacing:-0.01rem;-ms-letter-spacing:-0.01rem;letter-spacing:-0.01rem;color:#FFFEFA;display:inline-block;width:100%;}/*!sc*/ .dETrsJ:hover{color:#BCBAFF;}/*!sc*/ data-styled.g339[id="styled__NavLink-sc-85iotp-4"]{content:"dETrsJ,"}/*!sc*/ .jJmhNW{font-family:Aeonik,sans-serif;font-weight:500;font-size:2rem;line-height:2.8rem;-webkit-letter-spacing:0.01rem;-moz-letter-spacing:0.01rem;-ms-letter-spacing:0.01rem;letter-spacing:0.01rem;color:#FFFEFA;margin:0;padding:2.4rem 0 2.4rem 1.6rem;position:relative;-webkit-transition:color 0.2s;transition:color 0.2s;}/*!sc*/ .jJmhNW::before{border-style:solid;border-width:0.1em 0.1em 0 0;content:'';display:inline-block;height:1.4rem;right:3rem;top:calc(50% - 0.83rem);position:absolute;vertical-align:top;width:1.4rem;-webkit-transform:rotate(135deg);-ms-transform:rotate(135deg);transform:rotate(135deg);-webkit-transition:-webkit-transform 0.4s ease;-webkit-transition:transform 0.4s ease;transition:transform 0.4s ease;}/*!sc*/ @media screen and (min-width:900px){.jJmhNW{padding-left:6.4rem;}.jJmhNW:before{right:7rem;}}/*!sc*/ data-styled.g340[id="styled__NavItemTitle-sc-85iotp-5"]{content:"jJmhNW,"}/*!sc*/ .dAmhCz{overflow:hidden;height:auto;-webkit-transition:max-height 0.3s ease-out;transition:max-height 0.3s ease-out;padding-left:1.6rem;background:#191919;height:0;max-height:0;}/*!sc*/ @media screen and (min-width:900px){.dAmhCz{padding-left:6.4rem;}}/*!sc*/ data-styled.g341[id="styled__NavItem-sc-85iotp-6"]{content:"dAmhCz,"}/*!sc*/ .QEhDV:not(:last-of-type){margin-bottom:3.2rem;}/*!sc*/ .QEhDV:last-of-type{padding-bottom:1.6rem;}/*!sc*/ data-styled.g342[id="styled__ColumnContainer-sc-85iotp-7"]{content:"QEhDV,"}/*!sc*/ .dhdvtD{font-family:Aeonik Mono,monospace;font-size:1.4rem;line-height:2rem;font-weight:500;-webkit-letter-spacing:0.14rem;-moz-letter-spacing:0.14rem;-ms-letter-spacing:0.14rem;letter-spacing:0.14rem;text-transform:uppercase;color:#8c929c;margin:0 0 2rem;padding-top:3.2rem;}/*!sc*/ data-styled.g343[id="styled__ColumnItemTitle-sc-85iotp-8"]{content:"dhdvtD,"}/*!sc*/ .lbxxTt{list-style:none;padding:0;margin:0;}/*!sc*/ data-styled.g345[id="styled__ColumnList-sc-85iotp-10"]{content:"lbxxTt,"}/*!sc*/ .ihpWnt{font-family:Aeonik,sans-serif;font-size:2rem;line-height:2.8rem;-webkit-letter-spacing:0.01rem;-moz-letter-spacing:0.01rem;-ms-letter-spacing:0.01rem;letter-spacing:0.01rem;margin-bottom:2rem;}/*!sc*/ .ihpWnt a{color:#FFFEFA;display:inline-block;width:100%;}/*!sc*/ .ihpWnt a:hover{color:#BCBAFF;}/*!sc*/ data-styled.g346[id="styled__ColumnListItem-sc-85iotp-11"]{content:"ihpWnt,"}/*!sc*/ .hiEELR{-webkit-box-pack:center;-webkit-justify-content:center;-ms-flex-pack:center;justify-content:center;width:100%;padding:1.6rem;margin:0 auto;border-top:0.1rem solid #2A2A2A;position:fixed;bottom:0;left:0;right:0;text-align:center;background:#111;display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;-webkit-flex-direction:column;-ms-flex-direction:column;flex-direction:column;}/*!sc*/ @media screen and (min-width:900px){.hiEELR{padding:3.2rem 6.4rem;}}/*!sc*/ data-styled.g350[id="styled__ButtonContainer-sc-85iotp-15"]{content:"hiEELR,"}/*!sc*/ .epRiIO{width:100%;display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;gap:1.6rem;}/*!sc*/ data-styled.g353[id="styled__SecondaryButtonContainer-sc-85iotp-18"]{content:"epRiIO,"}/*!sc*/ .kXBJzn{background:#242424;color:#FFFFFF;width:100%;margin:auto;font-size:1.4rem;line-height:2rem;text-align:left;font-family:Aeonik,sans-serif;border-bottom:0.1rem solid #41454C;border-bottom:0.2rem solid;border-image-slice:1;border-image-source:linear-gradient( 135deg,#4cb7a3 0%,#3f59e4 50%,#4016a0 100% );}/*!sc*/ @media screen and (min-width:900px){.kXBJzn{text-align:left;}}/*!sc*/ data-styled.g355[id="styled__Wrapper-q607n8-0"]{content:"kXBJzn,"}/*!sc*/ .bTcOHV{width:100%;max-width:144rem;min-height:4rem;margin:auto;display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;-webkit-align-items:center;-webkit-box-align:center;-ms-flex-align:center;align-items:center;padding:1rem 1.6rem;}/*!sc*/ @media screen and (min-width:900px){.bTcOHV{padding:1rem 6.4rem;}}/*!sc*/ @media screen and (min-width:1200px){.bTcOHV{padding:0 6.4rem;}}/*!sc*/ data-styled.g356[id="styled__Container-q607n8-1"]{content:"bTcOHV,"}/*!sc*/ .iXBkOf{-webkit-flex:1;-ms-flex:1;flex:1;padding:0;cursor:pointer;}/*!sc*/ @media screen and (min-width:900px){.iXBkOf{padding:0;}}/*!sc*/ @media screen and (min-width:1200px){.iXBkOf{padding:0.9rem 0;margin-right:2.4rem;}}/*!sc*/ .iXBkOf:hover .styled__CTA-q607n8-4{color:#B6CAFF;}/*!sc*/ data-styled.g360[id="styled__Message-q607n8-5"]{content:"iXBkOf,"}/*!sc*/ .gncCYg{display:none;}/*!sc*/ @media screen and (min-width:1200px){.gncCYg{display:-webkit-inline-box;display:-webkit-inline-flex;display:-ms-inline-flexbox;display:inline-flex;-webkit-align-items:center;-webkit-box-align:center;-ms-flex-align:center;align-items:center;}}/*!sc*/ data-styled.g361[id="styled__Buttons-q607n8-6"]{content:"gncCYg,"}/*!sc*/ .gGyWpQ{color:#FFFFFF;cursor:pointer;font-weight:500;display:-webkit-inline-box;display:-webkit-inline-flex;display:-ms-inline-flexbox;display:inline-flex;-webkit-align-items:center;-webkit-box-align:center;-ms-flex-align:center;align-items:center;}/*!sc*/ .gGyWpQ:focus{outline:none;}/*!sc*/ .gGyWpQ:hover,.gGyWpQ:focus{color:#B6CAFF;}/*!sc*/ data-styled.g362[id="styled__Login-q607n8-7"]{content:"gGyWpQ,"}/*!sc*/ .dHTtIj{height:10.4rem;width:100%;margin:0 auto;}/*!sc*/ @media screen and (min-width:1200px){.dHTtIj{display:none;}}/*!sc*/ data-styled.g370[id="styled__HeaderBackMobile-sc-1755fzv-1"]{content:"dHTtIj,"}/*!sc*/ .TGnyL{height:0.1rem;position:absolute;visibility:hidden;top:0;}/*!sc*/ data-styled.g371[id="styled__ObservedPixel-sc-1755fzv-2"]{content:"TGnyL,"}/*!sc*/ .kwaEt{position:fixed;top:0;left:0;width:100%;z-index:1000;color:#FFFEFA;}/*!sc*/ data-styled.g372[id="styled__Header-sc-1755fzv-3"]{content:"kwaEt,"}/*!sc*/ .hfWran{display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;-webkit-align-items:center;-webkit-box-align:center;-ms-flex-align:center;align-items:center;}/*!sc*/ data-styled.g373[id="styled__LogoWrapper-sc-1755fzv-4"]{content:"hfWran,"}/*!sc*/ .cUYhhG{display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;-webkit-align-items:center;-webkit-box-align:center;-ms-flex-align:center;align-items:center;-webkit-flex:1;-ms-flex:1;flex:1;}/*!sc*/ data-styled.g374[id="styled__LogoWrapperMobile-sc-1755fzv-5"]{content:"cUYhhG,"}/*!sc*/ .fblBoo{-webkit-transition:background-color 0.2s ease,border-radius 0.2s ease;transition:background-color 0.2s ease,border-radius 0.2s ease;position:relative;display:none;width:100%;max-width:100%;margin:auto;padding:0 6.4rem;background-color:#111;}/*!sc*/ @media screen and (min-width:1200px){.fblBoo{display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;-webkit-box-pack:justify;-webkit-justify-content:space-between;-ms-flex-pack:justify;justify-content:space-between;}}/*!sc*/ .fblBoo:hover{background-color:#111;border-radius:0 0 1.6rem 1.6rem;}/*!sc*/ data-styled.g375[id="styled__NavDesktop-sc-1755fzv-6"]{content:"fblBoo,"}/*!sc*/ .bCnrpr{max-width:131.2rem;width:100%;margin:auto;-webkit-transition:background-color 0.2s ease,border-radius 0.2s ease;transition:background-color 0.2s ease,border-radius 0.2s ease;position:relative;padding:0 6.4rem;background-color:#111;}/*!sc*/ @media screen and (min-width:1200px){.bCnrpr{display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;-webkit-box-pack:justify;-webkit-justify-content:space-between;-ms-flex-pack:justify;justify-content:space-between;padding:0;}}/*!sc*/ .bCnrpr:hover{background-color:#111;border-radius:0 0 1.6rem 1.6rem;}/*!sc*/ data-styled.g376[id="styled__NavDesktopContainer-sc-1755fzv-7"]{content:"bCnrpr,"}/*!sc*/ .hLHYiD{display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;-webkit-align-items:center;-webkit-box-align:center;-ms-flex-align:center;align-items:center;}/*!sc*/ data-styled.g377[id="styled__ButtonList-sc-1755fzv-8"]{content:"hLHYiD,"}/*!sc*/ .gZnwIf{max-width:144rem;width:100%;margin:auto;padding:1.2rem 1.6rem;display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;background-color:#111;height:6.4rem;box-shadow:inset 0 -0.1rem 0 #2A2A2A;position:relative;-webkit-align-items:center;-webkit-box-align:center;-ms-flex-align:center;align-items:center;}/*!sc*/ @media screen and (min-width:900px){.gZnwIf{padding:1.6rem 6.4rem;}}/*!sc*/ @media screen and (min-width:1200px){.gZnwIf{display:none;}}/*!sc*/ data-styled.g378[id="styled__NavMobile-sc-1755fzv-9"]{content:"gZnwIf,"}/*!sc*/ .UKpEE{justify-self:flex-end;padding:2rem 0;}/*!sc*/ data-styled.g379[id="styled__RightColumnMobile-sc-1755fzv-10"]{content:"UKpEE,"}/*!sc*/ .iHuLVG{-webkit-appearance:none;-moz-appearance:none;appearance:none;border:0;background:transparent;height:2.4rem;margin:0;padding:0;position:relative;display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;-webkit-box-pack:center;-webkit-justify-content:center;-ms-flex-pack:center;justify-content:center;cursor:pointer;-webkit-transition:all 0.5s ease-in-out;transition:all 0.5s ease-in-out;}/*!sc*/ data-styled.g380[id="styled__BurgerIconWrapper-sc-1755fzv-11"]{content:"iHuLVG,"}/*!sc*/ .dGpEKR{width:2.2rem;display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;height:0.25rem;background:#FFFFFF;-webkit-transition:all 0.2s ease-in-out;transition:all 0.2s ease-in-out;margin-top:1.2rem;}/*!sc*/ .dGpEKR::before,.dGpEKR::after{content:'';position:absolute;width:2.2rem;height:0.25rem;background:#FFFFFF;-webkit-transition:all 0.2s ease-in-out;transition:all 0.2s ease-in-out;}/*!sc*/ .dGpEKR::before{-webkit-transform:translateY(-0.7rem);-ms-transform:translateY(-0.7rem);transform:translateY(-0.7rem);}/*!sc*/ .dGpEKR::after{-webkit-transform:translateY(0.7rem);-ms-transform:translateY(0.7rem);transform:translateY(0.7rem);}/*!sc*/ data-styled.g381[id="styled__BurgerIcon-sc-1755fzv-12"]{content:"dGpEKR,"}/*!sc*/ .gJozFS{display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;-webkit-align-items:center;-webkit-box-align:center;-ms-flex-align:center;align-items:center;padding:0;list-style:none;margin:0;line-height:2.4rem;}/*!sc*/ data-styled.g382[id="styled__NavList-sc-1755fzv-13"]{content:"gJozFS,"}/*!sc*/ .iyaTlV{color:#FFFEFA;cursor:initial;padding-top:0.9rem;width:104.4rem;position:absolute;left:0;right:0;margin:-0.1rem auto 0;top:6.4rem;display:inline-block;visibility:hidden;opacity:0;-webkit-transform:translateX(-1.6rem);-ms-transform:translateX(-1.6rem);transform:translateX(-1.6rem);-webkit-transition:visibility 0s,opacity 0.2s linear,-webkit-transform 0.2s linear;-webkit-transition:visibility 0s,opacity 0.2s linear,transform 0.2s linear;transition:visibility 0s,opacity 0.2s linear,transform 0.2s linear;}/*!sc*/ data-styled.g383[id="styled__NavElementContentWrapper-sc-1755fzv-14"]{content:"iyaTlV,"}/*!sc*/ .goPIno{position:relative;-webkit-transition:color 0.2s ease;transition:color 0.2s ease;color:#FFFEFA;display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;-webkit-align-items:center;-webkit-box-align:center;-ms-flex-align:center;align-items:center;-webkit-box-pack:center;-webkit-justify-content:center;-ms-flex-pack:center;justify-content:center;}/*!sc*/ .goPIno::after{content:'';-webkit-transition:border-color 0.2s ease,-webkit-transform 0.2s ease;-webkit-transition:border-color 0.2s ease,transform 0.2s ease;transition:border-color 0.2s ease,transform 0.2s ease;width:100%;height:0.2rem;border-bottom:0.2rem solid transparent;display:block;bottom:-1.6rem;position:absolute;left:0;-webkit-transform:scale(0,1);-ms-transform:scale(0,1);transform:scale(0,1);}/*!sc*/ data-styled.g384[id="styled__NavElementButton-sc-1755fzv-15"]{content:"goPIno,"}/*!sc*/ .dnWatv{font-family:Aeonik,sans-serif;padding:1.6rem 1.8rem;cursor:pointer;font-size:1.6rem;font-weight:500;line-height:3.2rem;-webkit-letter-spacing:0.02rem;-moz-letter-spacing:0.02rem;-ms-letter-spacing:0.02rem;letter-spacing:0.02rem;}/*!sc*/ .dnWatv .styled__NavElementButton-sc-1755fzv-15 > svg{stroke:#FFFEFA;-webkit-transition:stroke 0.2s ease;transition:stroke 0.2s ease;padding-left:0.4rem;}/*!sc*/ .dnWatv:hover{color:#BCBAFF;}/*!sc*/ .dnWatv:hover .styled__NavElementContentWrapper-sc-1755fzv-14{visibility:visible;opacity:1;-webkit-transform:translateX(0);-ms-transform:translateX(0);transform:translateX(0);}/*!sc*/ .dnWatv:hover .styled__NavElementButton-sc-1755fzv-15{color:#BCBAFF;}/*!sc*/ .dnWatv:hover .styled__NavElementButton-sc-1755fzv-15::after{border-bottom-color:#BCBAFF;-webkit-transform:scale(1,1);-ms-transform:scale(1,1);transform:scale(1,1);}/*!sc*/ .dnWatv:hover .styled__NavElementButton-sc-1755fzv-15 > svg{stroke:#BCBAFF;}/*!sc*/ .dnWatv:focus-visible{color:#BCBAFF;}/*!sc*/ .dnWatv:focus-visible .styled__NavElementContentWrapper-sc-1755fzv-14{visibility:visible;opacity:1;-webkit-transform:translateX(0);-ms-transform:translateX(0);transform:translateX(0);}/*!sc*/ .dnWatv:focus-visible .styled__NavElementButton-sc-1755fzv-15{color:#BCBAFF;}/*!sc*/ .dnWatv:focus-visible .styled__NavElementButton-sc-1755fzv-15::after{border-bottom-color:#BCBAFF;-webkit-transform:scale(1,1);-ms-transform:scale(1,1);transform:scale(1,1);}/*!sc*/ .dnWatv:focus-visible .styled__NavElementButton-sc-1755fzv-15 > svg{stroke:#BCBAFF;}/*!sc*/ .dnWatv:focus-within{color:#BCBAFF;}/*!sc*/ .dnWatv:focus-within .styled__NavElementContentWrapper-sc-1755fzv-14{visibility:visible;opacity:1;-webkit-transform:translateX(0);-ms-transform:translateX(0);transform:translateX(0);}/*!sc*/ .dnWatv:focus-within .styled__NavElementButton-sc-1755fzv-15{color:#BCBAFF;}/*!sc*/ .dnWatv:focus-within .styled__NavElementButton-sc-1755fzv-15::after{border-bottom-color:#BCBAFF;-webkit-transform:scale(1,1);-ms-transform:scale(1,1);transform:scale(1,1);}/*!sc*/ .dnWatv:focus-within .styled__NavElementButton-sc-1755fzv-15 > svg{stroke:#BCBAFF;}/*!sc*/ data-styled.g385[id="styled__NavListEl-sc-1755fzv-16"]{content:"dnWatv,"}/*!sc*/ .jtpgRu{background:rgba(23,23,23,0.96);-webkit-backdrop-filter:blur(14px);backdrop-filter:blur(14px);border:0.1rem solid #2A2A2A;border-radius:1rem;display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;}/*!sc*/ data-styled.g386[id="styled__NavElementContent-sc-1755fzv-17"]{content:"jtpgRu,"}/*!sc*/ .xvieK{min-width:31.1rem;width:31.1rem;padding:3.2rem;display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;-webkit-flex-direction:column;-ms-flex-direction:column;flex-direction:column;}/*!sc*/ data-styled.g391[id="styled__Column-sc-1ff7bch-0"]{content:"xvieK,"}/*!sc*/ .ksvdhq{border-right:0.1rem solid #2A2A2A;-webkit-flex:1;-ms-flex:1;flex:1;width:100%;min-width:33%;}/*!sc*/ .kIFVcf{border-right:0.1rem solid #2A2A2A;}/*!sc*/ data-styled.g392[id="styled__FirstColumn-sc-1ff7bch-1"]{content:"ksvdhq,kIFVcf,"}/*!sc*/ .bpIsaL{border-right:0.1rem solid #2A2A2A;-webkit-flex:1;-ms-flex:1;flex:1;width:100%;min-width:33%;}/*!sc*/ .fbRjZO{border-right:0.1rem solid #2A2A2A;}/*!sc*/ data-styled.g393[id="styled__SecondColumn-sc-1ff7bch-2"]{content:"bpIsaL,fbRjZO,"}/*!sc*/ .cUYhhd{width:auto;-webkit-flex:1;-ms-flex:1;flex:1;padding:3.2rem;width:100%;min-width:33%;}/*!sc*/ .dDttGJ{width:auto;-webkit-flex:1;-ms-flex:1;flex:1;padding:3.2rem 0;}/*!sc*/ .gMGasY{width:auto;-webkit-flex:1;-ms-flex:1;flex:1;padding:0;width:100%;min-width:33%;}/*!sc*/ data-styled.g394[id="styled__ThirdColumn-sc-1ff7bch-3"]{content:"cUYhhd,dDttGJ,gMGasY,"}/*!sc*/ .guYaGV{list-style:none;padding:0;height:100%;}/*!sc*/ data-styled.g396[id="styled__List-sc-1p6pq9n-1"]{content:"guYaGV,"}/*!sc*/ .jSbSuj{margin:0;display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;-webkit-align-items:center;-webkit-box-align:center;-ms-flex-align:center;align-items:center;font-family:Aeonik,sans-serif;font-weight:500;font-size:1.4rem;line-height:2.4rem;color:#FFFFFF;}/*!sc*/ .jSbSuj + li{margin-top:1.6rem;}/*!sc*/ .jSbSuj svg{margin-right:1.4rem;min-width:2.4rem;}/*!sc*/ .jSbSuj a{display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;-webkit-align-items:center;-webkit-box-align:center;-ms-flex-align:center;align-items:center;color:#FFFFFF;-webkit-transition:color 0.2s ease;transition:color 0.2s ease;width:100%;}/*!sc*/ .jSbSuj a:hover{color:#BCBAFF;}/*!sc*/ .jSbSuj:last-of-type{margin-bottom:3.2rem;}/*!sc*/ data-styled.g397[id="styled__Element-sc-1p6pq9n-2"]{content:"jSbSuj,"}/*!sc*/ .eDzJqf{border-top:0.1rem solid #2A2A2A;padding-top:2.4rem;}/*!sc*/ data-styled.g399[id="styled__BottomLinkWrapper-sc-1p6pq9n-4"]{content:"eDzJqf,"}/*!sc*/ .dURBhZ{list-style:none;padding:0;display:grid;grid-template-columns:1fr;-webkit-align-items:center;-webkit-box-align:center;-ms-flex-align:center;align-items:center;height:100%;}/*!sc*/ data-styled.g400[id="styled__List-sc-12vkkep-0"]{content:"dURBhZ,"}/*!sc*/ .cetBpD{margin:0;padding:3.2rem;height:14.47rem;display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;-webkit-align-items:center;-webkit-box-align:center;-ms-flex-align:center;align-items:center;}/*!sc*/ .cetBpD + li{border-top:0.1rem solid #2A2A2A;}/*!sc*/ .cetBpD div{display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;-webkit-flex-direction:column;-ms-flex-direction:column;flex-direction:column;-webkit-box-pack:center;-webkit-justify-content:center;-ms-flex-pack:center;justify-content:center;}/*!sc*/ .cetBpD a{color:#BDC4CF;width:100%;}/*!sc*/ .cetBpD a svg{margin-right:1.4rem;}/*!sc*/ .cetBpD a p{margin:0;}/*!sc*/ .cetBpD a p:first-child{font-weight:500;color:#FFFFFF;-webkit-transition:color 0.2s ease;transition:color 0.2s ease;}/*!sc*/ .cetBpD a:hover p{color:#BDC4CF;}/*!sc*/ .cetBpD a:hover p:first-child{color:#BCBAFF;}/*!sc*/ data-styled.g401[id="styled__Element-sc-12vkkep-1"]{content:"cetBpD,"}/*!sc*/ .gXQAAw a{display:block;color:#FFFFFF;}/*!sc*/ .gXQAAw a:hover{color:#BCBAFF;}/*!sc*/ .gXQAAw a span{font-weight:500;}/*!sc*/ .gXQAAw a + a{margin-top:2.4rem;}/*!sc*/ .gXQAAw a + p{margin-top:3.6rem;}/*!sc*/ data-styled.g402[id="styled__Wrapper-mvo3b8-0"]{content:"gXQAAw,"}/*!sc*/ .dNLwir{padding:0 3.2rem;display:block;}/*!sc*/ .dNLwir:hover p:last-of-type{color:#BCBAFF;}/*!sc*/ .dNLwir:first-child{margin-bottom:2.4rem;}/*!sc*/ data-styled.g406[id="styled__Link-k7d9qa-0"]{content:"dNLwir,"}/*!sc*/ .dXPgwV{display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;-webkit-align-items:center;-webkit-box-align:center;-ms-flex-align:center;align-items:center;}/*!sc*/ data-styled.g407[id="styled__Container-k7d9qa-1"]{content:"dXPgwV,"}/*!sc*/ .iACfSx{border-radius:0.8rem;width:100%;max-width:13rem;height:9rem;margin-right:1.9rem;object-fit:cover;}/*!sc*/ data-styled.g409[id="styled__Image-k7d9qa-3"]{content:"iACfSx,"}/*!sc*/ .iJOdtI{border-top:0.1rem solid #2A2A2A;}/*!sc*/ data-styled.g410[id="styled__Divider-sc-25clja-0"]{content:"iJOdtI,"}/*!sc*/ .gYCAsK{padding:3.2rem 3.2rem 0 3.2rem;}/*!sc*/ data-styled.g411[id="styled__ItemsListContainer-sc-25clja-1"]{content:"gYCAsK,"}/*!sc*/ .gCBQiB{position:relative;padding-left:0.8rem;z-index:100;}/*!sc*/ .gCBQiB:after{content:'';position:absolute;left:0;top:50%;-webkit-transform:translateY(-50%);-ms-transform:translateY(-50%);transform:translateY(-50%);display:inline-block;width:0.1rem;background:#242424;height:2.6rem;}/*!sc*/ data-styled.g412[id="sc-8aqj4j-0"]{content:"gCBQiB,"}/*!sc*/ .fjEeoE{padding:0.6rem 0.55rem;display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;-webkit-align-items:center;-webkit-box-align:center;-ms-flex-align:center;align-items:center;-webkit-box-pack:center;-webkit-justify-content:center;-ms-flex-pack:center;justify-content:center;background:#1E1E1E;-webkit-appearance:none;-moz-appearance:none;appearance:none;border-radius:0.4rem;-webkit-transition:all 0.2s ease-in-out;transition:all 0.2s ease-in-out;outline:0.4rem solid transparent;border:0.2rem solid #1E1E1E;outline-offset:0;}/*!sc*/ .fjEeoE:hover{background:#2A2A2A;}/*!sc*/ .fjEeoE:focus{outline-color:#6B665FCC;border-color:#B6CAFF;}/*!sc*/ data-styled.g413[id="sc-8aqj4j-1"]{content:"fjEeoE,"}/*!sc*/ .gdIxpa{display:none;-webkit-transition:all 0.2s ease-in-out;transition:all 0.2s ease-in-out;}/*!sc*/ data-styled.g414[id="sc-8aqj4j-2"]{content:"gdIxpa,"}/*!sc*/ .iaowVa{list-style:none;}/*!sc*/ data-styled.g415[id="sc-8aqj4j-3"]{content:"iaowVa,"}/*!sc*/ .kTELOh{background:none;width:100%;text-align:left;display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;-webkit-align-items:center;-webkit-box-align:center;-ms-flex-align:center;align-items:center;gap:0.8rem;padding:0.6rem 1.4rem;-webkit-transition:all 0.2s ease-in-out;transition:all 0.2s ease-in-out;border-radius:0.6rem;outline:0.4rem solid transparent;border:0.2rem solid transparent;}/*!sc*/ .kTELOh:hover{background:#2A2A2A;}/*!sc*/ .kTELOh:disabled:hover{background:none;}/*!sc*/ .kTELOh:disabled span{color:#383838;}/*!sc*/ .kTELOh:disabled svg path{stroke:#383838;}/*!sc*/ .kTELOh span{color:#B6CAFF;}/*!sc*/ .kTELOh svg path{stroke:#B6CAFF;}/*!sc*/ .kTELOh:focus{outline-color:#6B665FCC;border-color:#B6CAFF;}/*!sc*/ .jmjPHc{background:none;width:100%;text-align:left;display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;-webkit-align-items:center;-webkit-box-align:center;-ms-flex-align:center;align-items:center;gap:0.8rem;padding:0.6rem 1.4rem;-webkit-transition:all 0.2s ease-in-out;transition:all 0.2s ease-in-out;border-radius:0.6rem;outline:0.4rem solid transparent;border:0.2rem solid transparent;}/*!sc*/ .jmjPHc:hover{background:#2A2A2A;}/*!sc*/ .jmjPHc:disabled:hover{background:none;}/*!sc*/ .jmjPHc:disabled span{color:#383838;}/*!sc*/ .jmjPHc:disabled svg path{fill:#383838;}/*!sc*/ .jmjPHc:focus{outline-color:#6B665FCC;border-color:#B6CAFF;}/*!sc*/ data-styled.g416[id="sc-8aqj4j-4"]{content:"kTELOh,jmjPHc,"}/*!sc*/ .iyxCTh{position:fixed;z-index:999;display:none;}/*!sc*/ @media screen and (min-width:1200px){.iyxCTh{display:block;background:#171717;border-top:0.1rem solid #555555;width:100%;margin-top:10.6rem;top:0;}}/*!sc*/ data-styled.g417[id="sc-19z8ym3-0"]{content:"iyxCTh,"}/*!sc*/ @media screen and (min-width:1200px){.fAWgzp{height:6.4rem;width:100%;background:#111;position:absolute;top:-6.4rem;}}/*!sc*/ data-styled.g418[id="sc-19z8ym3-1"]{content:"fAWgzp,"}/*!sc*/ .ePjeMY{max-width:144rem;padding:0 6.4rem;margin:0 auto;display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;gap:5.2rem;-webkit-align-items:center;-webkit-box-align:center;-ms-flex-align:center;align-items:center;-webkit-box-pack:justify;-webkit-justify-content:space-between;-ms-flex-pack:justify;justify-content:space-between;}/*!sc*/ .ePjeMY a:hover,.ePjeMY a:focus{color:#FFFEFA;}/*!sc*/ .ePjeMY a{outline:0.4rem solid transparent;border:0.2rem solid transparent;}/*!sc*/ @media screen and (min-width:1200px) and (max-width:1300px){.ePjeMY{gap:3.2rem;}}/*!sc*/ data-styled.g419[id="sc-19z8ym3-2"]{content:"ePjeMY,"}/*!sc*/ .jdjutH{margin:0;padding:0;display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;gap:2.8rem;}/*!sc*/ @media screen and (min-width:1200px) and (max-width:1300px){.jdjutH{gap:2rem;}.jdjutH a{font-size:1.4rem;line-height:1.8rem;}}/*!sc*/ data-styled.g420[id="sc-19z8ym3-3"]{content:"jdjutH,"}/*!sc*/ .kKvPZn{list-style:none;}/*!sc*/ .kKvPZn a{display:block;padding:2rem 0 1.8rem;}/*!sc*/ .kKvPZn:after{display:block;content:'';border-bottom:0.2rem solid #4CB7A3;-webkit-transform:scaleX(0);-ms-transform:scaleX(0);transform:scaleX(0);-webkit-transition:-webkit-transform 0.4s ease-in-out;-webkit-transition:transform 0.4s ease-in-out;transition:transform 0.4s ease-in-out;}/*!sc*/ .kKvPZn:hover{color:inherit;}/*!sc*/ .kKvPZn:hover:after{-webkit-transform:scaleX(1);-ms-transform:scaleX(1);transform:scaleX(1);}/*!sc*/ .kKvPZn:hover a{color:#FFFEFA;}/*!sc*/ .iVeAMP{list-style:none;}/*!sc*/ .iVeAMP a{display:block;padding:2rem 0 1.8rem;}/*!sc*/ .iVeAMP:after{display:block;content:'';border-bottom:0.2rem solid #B49BFC;-webkit-transform:scaleX(0);-ms-transform:scaleX(0);transform:scaleX(0);-webkit-transition:-webkit-transform 0.4s ease-in-out;-webkit-transition:transform 0.4s ease-in-out;transition:transform 0.4s ease-in-out;}/*!sc*/ .iVeAMP:hover{color:inherit;}/*!sc*/ .iVeAMP:hover:after{-webkit-transform:scaleX(1);-ms-transform:scaleX(1);transform:scaleX(1);}/*!sc*/ .iVeAMP:hover a{color:#FFFEFA;}/*!sc*/ .fJixJm{list-style:none;}/*!sc*/ .fJixJm a{display:block;padding:2rem 0 1.8rem;}/*!sc*/ .fJixJm:after{display:block;content:'';border-bottom:0.2rem solid #E27133;-webkit-transform:scaleX(0);-ms-transform:scaleX(0);transform:scaleX(0);-webkit-transition:-webkit-transform 0.4s ease-in-out;-webkit-transition:transform 0.4s ease-in-out;transition:transform 0.4s ease-in-out;}/*!sc*/ .fJixJm:hover{color:inherit;}/*!sc*/ .fJixJm:hover:after{-webkit-transform:scaleX(1);-ms-transform:scaleX(1);transform:scaleX(1);}/*!sc*/ .fJixJm:hover a{color:#FFFEFA;}/*!sc*/ .gbVuTJ{list-style:none;}/*!sc*/ .gbVuTJ a{display:block;padding:2rem 0 1.8rem;}/*!sc*/ .gbVuTJ:after{display:block;content:'';border-bottom:0.2rem solid #F4D594;-webkit-transform:scaleX(0);-ms-transform:scaleX(0);transform:scaleX(0);-webkit-transition:-webkit-transform 0.4s ease-in-out;-webkit-transition:transform 0.4s ease-in-out;transition:transform 0.4s ease-in-out;}/*!sc*/ .gbVuTJ:hover{color:inherit;}/*!sc*/ .gbVuTJ:hover:after{-webkit-transform:scaleX(1);-ms-transform:scaleX(1);transform:scaleX(1);}/*!sc*/ .gbVuTJ:hover a{color:#FFFEFA;}/*!sc*/ .cIIkJD{list-style:none;}/*!sc*/ .cIIkJD a{display:block;padding:2rem 0 1.8rem;}/*!sc*/ .cIIkJD:after{display:block;content:'';border-bottom:0.2rem solid #62C0EB;-webkit-transform:scaleX(0);-ms-transform:scaleX(0);transform:scaleX(0);-webkit-transition:-webkit-transform 0.4s ease-in-out;-webkit-transition:transform 0.4s ease-in-out;transition:transform 0.4s ease-in-out;}/*!sc*/ .cIIkJD:hover{color:inherit;}/*!sc*/ .cIIkJD:hover:after{-webkit-transform:scaleX(1);-ms-transform:scaleX(1);transform:scaleX(1);}/*!sc*/ .cIIkJD:hover a{color:#FFFEFA;}/*!sc*/ .hFAXQk{list-style:none;}/*!sc*/ .hFAXQk a{display:block;padding:2rem 0 1.8rem;}/*!sc*/ .hFAXQk:after{display:block;content:'';border-bottom:0.2rem solid #7192EC;-webkit-transform:scaleX(0);-ms-transform:scaleX(0);transform:scaleX(0);-webkit-transition:-webkit-transform 0.4s ease-in-out;-webkit-transition:transform 0.4s ease-in-out;transition:transform 0.4s ease-in-out;}/*!sc*/ .hFAXQk:hover{color:inherit;}/*!sc*/ .hFAXQk:hover:after{-webkit-transform:scaleX(1);-ms-transform:scaleX(1);transform:scaleX(1);}/*!sc*/ .hFAXQk:hover a{color:#FFFEFA;}/*!sc*/ .fInsdZ{list-style:none;}/*!sc*/ .fInsdZ a{display:block;padding:2rem 0 1.8rem;}/*!sc*/ .fInsdZ:after{display:block;content:'';border-bottom:0.2rem solid #E991B0;-webkit-transform:scaleX(0);-ms-transform:scaleX(0);transform:scaleX(0);-webkit-transition:-webkit-transform 0.4s ease-in-out;-webkit-transition:transform 0.4s ease-in-out;transition:transform 0.4s ease-in-out;}/*!sc*/ .fInsdZ:hover{color:inherit;}/*!sc*/ .fInsdZ:hover:after{-webkit-transform:scaleX(1);-ms-transform:scaleX(1);transform:scaleX(1);}/*!sc*/ .fInsdZ:hover a{color:#FFFEFA;}/*!sc*/ data-styled.g421[id="sc-19z8ym3-4"]{content:"kKvPZn,iVeAMP,fJixJm,gbVuTJ,cIIkJD,hFAXQk,fInsdZ,"}/*!sc*/ .hkZJsJ{display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;-webkit-align-items:center;-webkit-box-align:center;-ms-flex-align:center;align-items:center;width:100%;-webkit-flex:1;-ms-flex:1;flex:1;-webkit-box-pack:end;-webkit-justify-content:flex-end;-ms-flex-pack:end;justify-content:flex-end;}/*!sc*/ data-styled.g422[id="sc-19z8ym3-5"]{content:"hkZJsJ,"}/*!sc*/ .bHAfBe{width:100vw;display:none;position:fixed;left:0;top:16rem;}/*!sc*/ .bHAfBe br{display:none;}/*!sc*/ .bHAfBe fieldset,.bHAfBe input{min-width:12.5rem;}/*!sc*/ .bHAfBe input{width:100%;}/*!sc*/ .bHAfBe input:focus{border-width:0.1rem;}/*!sc*/ @media screen and (min-width:900px){.bHAfBe{padding:0 6.4rem;}}/*!sc*/ @media screen and (max-width:1200px){.bHAfBe input{border-radius:0;border-width:0.1rem 0;}.bHAfBe input:hover{border-width:0.1rem 0;}}/*!sc*/ @media screen and (min-width:1200px) and (max-width:1300px){.bHAfBe{padding:0;padding-right:0.8rem;}}/*!sc*/ @media screen and (min-width:1200px){.bHAfBe{display:block;max-width:29rem;width:100%;position:relative;top:0;padding-right:1.6rem;}.bHAfBe input{max-height:4rem;max-width:29rem;width:100%;}.bHAfBe input:focus{border-width:0.1rem;}}/*!sc*/ data-styled.g425[id="sc-8jxe5n-1"]{content:"bHAfBe,"}/*!sc*/ .exdfoO{-webkit-appearance:none;-moz-appearance:none;appearance:none;background:none;border:0;margin:0;padding:0;}/*!sc*/ @media screen and (min-width:1200px){.exdfoO{display:none;}}/*!sc*/ data-styled.g427[id="sc-8jxe5n-3"]{content:"exdfoO,"}/*!sc*/ .iPbnr{position:relative;}/*!sc*/ data-styled.g429[id="sc-1q6s0ef-0"]{content:"iPbnr,"}/*!sc*/ .cmMjKH{display:block;background:#171717;border-top:0.1rem solid #555555;width:100%;z-index:200;position:fixed;}/*!sc*/ @media screen and (min-width:1200px){.cmMjKH{display:none;}}/*!sc*/ data-styled.g456[id="sc-1gkkh2j-0"]{content:"cmMjKH,"}/*!sc*/ .hfnTjw{max-width:144rem;padding:1.2rem 1.6rem;margin:0 auto;display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;-webkit-align-items:center;-webkit-box-align:center;-ms-flex-align:center;align-items:center;-webkit-box-pack:justify;-webkit-justify-content:space-between;-ms-flex-pack:justify;justify-content:space-between;}/*!sc*/ @media screen and (min-width:900px){.hfnTjw{padding:1.2rem 6.4rem;}}/*!sc*/ data-styled.g457[id="sc-1gkkh2j-1"]{content:"hfnTjw,"}/*!sc*/ .djkNR{visibility:hidden;z-index:8;position:absolute;background:#171717;width:100%;height:100vh;-webkit-transform:translateY(-1rem);-ms-transform:translateY(-1rem);transform:translateY(-1rem);-webkit-transition:-webkit-transform 0.5s ease,visibility 0.4s ease;-webkit-transition:transform 0.5s ease,visibility 0.4s ease;transition:transform 0.5s ease,visibility 0.4s ease;display:block;overflow-y:scroll;overflow-x:hidden;top:5.6rem;left:0;right:0;}/*!sc*/ data-styled.g458[id="sc-1gkkh2j-2"]{content:"djkNR,"}/*!sc*/ .jqUhwM{padding:0;margin:0;border:none;background:none;height:2.4rem;width:2.4rem;-webkit-transition:-webkit-transform 0.5s ease-in-out;-webkit-transition:transform 0.5s ease-in-out;transition:transform 0.5s ease-in-out;-webkit-transform:rotate(0deg);-ms-transform:rotate(0deg);transform:rotate(0deg);}/*!sc*/ data-styled.g460[id="sc-1gkkh2j-4"]{content:"jqUhwM,"}/*!sc*/ .ktqmki{display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;-webkit-align-items:center;-webkit-box-align:center;-ms-flex-align:center;align-items:center;}/*!sc*/ data-styled.g461[id="sc-1gkkh2j-5"]{content:"ktqmki,"}/*!sc*/ .drcxHp{margin:0;padding:0;display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;list-style:none;-webkit-flex-direction:column;-ms-flex-direction:column;flex-direction:column;-webkit-align-items:flex-start;-webkit-box-align:flex-start;-ms-flex-align:flex-start;align-items:flex-start;}/*!sc*/ data-styled.g462[id="sc-1gkkh2j-6"]{content:"drcxHp,"}/*!sc*/ .eAKUYk{width:100%;display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;-webkit-box-pack:justify;-webkit-justify-content:space-between;-ms-flex-pack:justify;justify-content:space-between;-webkit-align-items:center;-webkit-box-align:center;-ms-flex-align:center;align-items:center;padding:2.4rem 1.6rem;}/*!sc*/ data-styled.g463[id="sc-1gkkh2j-7"]{content:"eAKUYk,"}/*!sc*/ .jZeTEE{list-style:none;border-bottom:0.1rem solid rgba(128,128,128,0.6);width:100%;background:linear-gradient(90deg,rgba(17,17,17,0.00) 0%,rgba(9,98,86,0.12) 100%);}/*!sc*/ .eMQqDZ{list-style:none;border-bottom:0.1rem solid rgba(128,128,128,0.6);width:100%;background:linear-gradient(90deg,rgba(17,17,17,0.00) 0%,rgba(117,73,242,0.12) 100%);}/*!sc*/ .fiENtL{list-style:none;border-bottom:0.1rem solid rgba(128,128,128,0.6);width:100%;background:linear-gradient(90deg,rgba(17,17,17,0.00) 0%,rgba(226,113,51,0.12) 100%);}/*!sc*/ .dPGYxJ{list-style:none;border-bottom:0.1rem solid rgba(128,128,128,0.6);width:100%;background:linear-gradient(90deg,rgba(17,17,17,0.00) 0%,rgba(244,213,148,0.12) 100%);}/*!sc*/ .bUbYVZ{list-style:none;border-bottom:0.1rem solid rgba(128,128,128,0.6);width:100%;background:linear-gradient(90deg,rgba(17,17,17,0.00) 0%,rgba(98,192,235,0.12) 100%);}/*!sc*/ .jtthK{list-style:none;border-bottom:0.1rem solid rgba(128,128,128,0.6);width:100%;background:linear-gradient(90deg,rgba(17,17,17,0.00) 0%,rgba(153,167,241,0.12) 100%);}/*!sc*/ .kvjbE{list-style:none;border-bottom:0.1rem solid rgba(128,128,128,0.6);width:100%;background:linear-gradient(90deg,rgba(17,17,17,0.00) 0%,rgba(233,145,176,0.12) 100%);}/*!sc*/ data-styled.g464[id="sc-1gkkh2j-8"]{content:"jZeTEE,eMQqDZ,fiENtL,dPGYxJ,bUbYVZ,jtthK,kvjbE,"}/*!sc*/ .hAGWZa{display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;-webkit-align-items:center;-webkit-box-align:center;-ms-flex-align:center;align-items:center;}/*!sc*/ data-styled.g465[id="sc-1gkkh2j-9"]{content:"hAGWZa,"}/*!sc*/ .kpLfjt{border-bottom:0.1rem solid #808080;}/*!sc*/ data-styled.g467[id="sc-1gkkh2j-11"]{content:"kpLfjt,"}/*!sc*/ .dOVPCc{margin-right:1.6rem;display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;}/*!sc*/ data-styled.g472[id="sc-1gkkh2j-16"]{content:"dOVPCc,"}/*!sc*/ .fKMCDe{display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;padding-bottom:2.4rem;border-bottom:0.1rem solid #2A2A2A;-webkit-box-pack:justify;-webkit-justify-content:space-between;-ms-flex-pack:justify;justify-content:space-between;gap:2.4rem;}/*!sc*/ .fKMCDe h2{-webkit-text-decoration:underline;text-decoration:underline;-webkit-text-decoration-thickness:0.1rem;text-decoration-thickness:0.1rem;-webkit-text-decoration-color:transparent;text-decoration-color:transparent;-webkit-transition:all 0.2s ease-in-out;transition:all 0.2s ease-in-out;text-underline-offset:0.6rem;}/*!sc*/ .fKMCDe:hover h2{-webkit-text-decoration-color:#FFFEFA;text-decoration-color:#FFFEFA;}/*!sc*/ data-styled.g474[id="sc-3ihoar-0"]{content:"fKMCDe,"}/*!sc*/ .iKpHSC{display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;-webkit-align-items:center;-webkit-box-align:center;-ms-flex-align:center;align-items:center;gap:1.2rem;margin-bottom:1.2rem;}/*!sc*/ data-styled.g475[id="sc-3ihoar-1"]{content:"iKpHSC,"}/*!sc*/ .eqIdOp{display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;margin-top:auto;padding-top:1.6rem;}/*!sc*/ .eqIdOp >:first-child{padding-left:0;}/*!sc*/ data-styled.g476[id="sc-3ihoar-2"]{content:"eqIdOp,"}/*!sc*/ .ereVRY{display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;-webkit-flex-direction:column;-ms-flex-direction:column;flex-direction:column;height:100%;}/*!sc*/ data-styled.g477[id="sc-3ihoar-3"]{content:"ereVRY,"}/*!sc*/ .bGboTj{display:none;}/*!sc*/ .bGboTj img{width:22.4rem;height:22.4rem;object-fit:cover;}/*!sc*/ @media screen and (min-width:1200px){.bGboTj{display:block;min-width:22.4rem;max-height:22.4rem;aspect-ratio:1 /1;border-radius:1.6rem;overflow:hidden;}}/*!sc*/ data-styled.g478[id="sc-3ihoar-4"]{content:"bGboTj,"}/*!sc*/ .fdjAfx{max-width:144rem;padding:5.6rem 1.6rem 0;margin:0 auto 4rem;}/*!sc*/ @media screen and (min-width:900px){.fdjAfx{padding:0 6.4rem;}}/*!sc*/ @media screen and (min-width:1200px){.fdjAfx{padding:20.5rem 6.4rem 0;margin-bottom:8rem;}}/*!sc*/ data-styled.g531[id="sc-1mzlt0h-0"]{content:"fdjAfx,"}/*!sc*/ .cFXDBO{display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;-webkit-flex-direction:column;-ms-flex-direction:column;flex-direction:column;row-gap:2.8rem;-webkit-box-pack:space-around;-webkit-justify-content:space-around;-ms-flex-pack:space-around;justify-content:space-around;width:100%;}/*!sc*/ data-styled.g532[id="sc-1mzlt0h-1"]{content:"cFXDBO,"}/*!sc*/ .UWhwk{display:block;padding:4rem 0rem;}/*!sc*/ .UWhwk > div{padding:0;}/*!sc*/ @media screen and (min-width:900px){.UWhwk{padding:8rem 0 4rem;}}/*!sc*/ @media screen and (min-width:1200px){.UWhwk{display:none;}}/*!sc*/ data-styled.g533[id="sc-1mzlt0h-2"]{content:"UWhwk,"}/*!sc*/ .eAVDDk{display:none;}/*!sc*/ @media screen and (min-width:1200px){.eAVDDk{display:grid;grid-template-columns:1fr 1fr;gap:3.2rem;}}/*!sc*/ data-styled.g534[id="sc-1mzlt0h-3"]{content:"eAVDDk,"}/*!sc*/ .bQsbkQ{width:100%;min-width:100%;min-height:100%;}/*!sc*/ .bQsbkQ:not(:last-of-type){margin-right:3.2rem;}/*!sc*/ .bQsbkQ > a{height:100%;}/*!sc*/ @media screen and (min-width:900px){.bQsbkQ{min-width:calc(50% - 1.6rem);}}/*!sc*/ @media screen and (min-width:1200px){.bQsbkQ{min-width:calc(33% - 1.8rem);}}/*!sc*/ data-styled.g535[id="sc-1mzlt0h-4"]{content:"bQsbkQ,"}/*!sc*/ .joqbUW{background:#111111;padding-top:1.2rem;}/*!sc*/ data-styled.g585[id="styled__Wrapper-sc-1gk46x3-0"]{content:"joqbUW,"}/*!sc*/ .gDWHCk{width:100%;max-width:144rem;margin:auto;font-family:Inter,sans-serif;padding:0 1.6rem;}/*!sc*/ @media screen and (min-width:900px){.gDWHCk{padding:0 6.4rem;}}/*!sc*/ data-styled.g586[id="styled__Content-sc-1gk46x3-1"]{content:"gDWHCk,"}/*!sc*/ .fvSMPF{display:grid;grid-template-columns:1fr 1fr;grid-row-gap:4.8rem;margin:4.8rem auto auto;}/*!sc*/ @media screen and (min-width:900px){.fvSMPF{margin:6.4rem auto auto;}}/*!sc*/ @media screen and (min-width:1200px){.fvSMPF{grid-template-columns:1fr 1fr 1fr 1fr;grid-template-rows:1fr 1fr;margin:8rem auto auto;max-width:131.2rem;}}/*!sc*/ data-styled.g587[id="styled__Nav-sc-1gk46x3-2"]{content:"fvSMPF,"}/*!sc*/ .fLDEkJ{list-style:none;margin-bottom:0;padding-left:0;}/*!sc*/ data-styled.g588[id="styled__LinksList-sc-1gk46x3-3"]{content:"fLDEkJ,"}/*!sc*/ .mYoth{font-weight:500;font-size:1.4rem;line-height:3.2rem;-webkit-letter-spacing:-0.001rem;-moz-letter-spacing:-0.001rem;-ms-letter-spacing:-0.001rem;letter-spacing:-0.001rem;padding-right:3.2rem;}/*!sc*/ .mYoth a{color:#fff;}/*!sc*/ .mYoth a span{background:linear-gradient( 59deg,#4016a0 -18.49%,#3f59e4 38.74%,#4cb7a3 106.36% );padding:0.1rem 0.6rem;border-radius:0.4rem;margin-left:0.8rem;color:#fff;font-weight:600;}/*!sc*/ .mYoth a:hover{color:#bcbaff;}/*!sc*/ @media screen and (min-width:900px){.mYoth p::before{content:'';margin-right:0.8rem;border-left:0.1rem solid #8c929c;height:1.2rem;display:inline-block;}}/*!sc*/ data-styled.g590[id="styled__LinksListItem-sc-1gk46x3-5"]{content:"mYoth,"}/*!sc*/ .bIoZHy{display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;-webkit-flex-direction:column;-ms-flex-direction:column;flex-direction:column;}/*!sc*/ .bIoZHy > ul{-webkit-flex:1;-ms-flex:1;flex:1;}/*!sc*/ data-styled.g591[id="styled__LastSection-sc-1gk46x3-6"]{content:"bIoZHy,"}/*!sc*/ .ePaSVl{display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;grid-gap:1.6rem;margin-left:1.6rem;display:none;}/*!sc*/ @media screen and (min-width:900px){.ePaSVl{display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;margin-left:0;}}/*!sc*/ .bqmjrK{display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;grid-gap:1.6rem;margin-left:1.6rem;}/*!sc*/ @media screen and (min-width:900px){.bqmjrK{display:none;}}/*!sc*/ data-styled.g592[id="styled__Icons-sc-1gk46x3-7"]{content:"ePaSVl,bqmjrK,"}/*!sc*/ .bqgUVT{height:2.4rem;}/*!sc*/ .bqgUVT:hover{cursor:pointer;}/*!sc*/ .bqgUVT:hover path{fill:#bcbaff;}/*!sc*/ data-styled.g593[id="styled__IconsLink-sc-1gk46x3-8"]{content:"bqgUVT,"}/*!sc*/ .gobPqK{padding:2.4rem 0 0;position:relative;margin-top:4.8rem;}/*!sc*/ @media screen and (min-width:900px){.gobPqK{display:none;}}/*!sc*/ data-styled.g594[id="styled__FooterBottomMobile-sc-1gk46x3-9"]{content:"gobPqK,"}/*!sc*/ .iyAPaK{display:none;}/*!sc*/ @media screen and (min-width:900px){.iyAPaK{display:block;border-top:0.1rem solid #5a5f66;display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;padding:2.4rem 0;position:relative;margin-top:4.8rem;}}/*!sc*/ @media screen and (min-width:1200px){.iyAPaK{margin-top:10rem;}}/*!sc*/ data-styled.g595[id="styled__FooterBottom-sc-1gk46x3-10"]{content:"iyAPaK,"}/*!sc*/ .hyLWBj{display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;margin:2.4rem 1.6rem;}/*!sc*/ data-styled.g596[id="styled__LegalAndLangMobile-sc-1gk46x3-11"]{content:"hyLWBj,"}/*!sc*/ .blPSfp{display:-webkit-inline-box;display:-webkit-inline-flex;display:-ms-inline-flexbox;display:inline-flex;-webkit-align-items:center;-webkit-box-align:center;-ms-flex-align:center;align-items:center;font-weight:500;color:#8c929c;grid-gap:0.6rem;font-size:1.2rem;line-height:1.8rem;-webkit-flex:1;-ms-flex:1;flex:1;-webkit-flex-flow:wrap;-ms-flex-flow:wrap;flex-flow:wrap;}/*!sc*/ .blPSfp img{max-width:4rem;}/*!sc*/ .blPSfp a{color:#8c929c;}/*!sc*/ .blPSfp a:hover{color:#bcbaff;}/*!sc*/ @media screen and (min-width:900px){.blPSfp{-webkit-box-pack:end;-webkit-justify-content:flex-end;-ms-flex-pack:end;justify-content:flex-end;}}/*!sc*/ @media screen and (min-width:1200px){.blPSfp{font-size:1.4rem;line-height:2.2rem;}}/*!sc*/ data-styled.g597[id="styled__Legal-sc-1gk46x3-12"]{content:"blPSfp,"}/*!sc*/ body{background:#111;}/*!sc*/ data-styled.g632[id="sc-global-kwhGru1"]{content:"sc-global-kwhGru1,"}/*!sc*/ .kjBEnM{margin:4rem 0.4rem;}/*!sc*/ @media screen and (min-width:1200px){.kjBEnM{margin:8rem 0 6.4rem;}}/*!sc*/ data-styled.g862[id="fj6wb5-0"]{content:"kjBEnM,"}/*!sc*/ .dVXDVJ{display:none;}/*!sc*/ @media screen and (min-width:1200px){.dVXDVJ{display:block;grid-column:1 / 4;}}/*!sc*/ data-styled.g863[id="sc-1xe0dlm-0"]{content:"dVXDVJ,"}/*!sc*/ .biHUoU{max-width:144rem;margin:0 auto;padding:0 1.6rem;}/*!sc*/ @media screen and (min-width:900px){.biHUoU{padding:0 6.4rem;}}/*!sc*/ @media screen and (min-width:1200px){.biHUoU{display:grid;grid-template-columns:repeat(12,1fr);gap:3.2rem;}}/*!sc*/ data-styled.g864[id="sc-17bje54-0"]{content:"biHUoU,"}/*!sc*/ .bVbzdS{grid-column:5 / 13;}/*!sc*/ data-styled.g865[id="sc-17bje54-1"]{content:"bVbzdS,"}/*!sc*/ .figwfx{display:block;}/*!sc*/ data-styled.g866[id="sc-17bje54-2"]{content:"figwfx,"}/*!sc*/ .jLSKET{margin:4rem auto 0;max-width:144rem;padding:0 1.6rem;}/*!sc*/ @media screen and (min-width:900px){.jLSKET{padding:0 6.4rem;}}/*!sc*/ @media screen and (min-width:1200px){.jLSKET{display:none;}}/*!sc*/ data-styled.g867[id="sc-17bje54-3"]{content:"jLSKET,"}/*!sc*/ </style></head><body itemscope="" itemType="http://schema.org/WebPage"><div id="__next"><script src="https://cdn.cookielaw.org/scripttemplates/otSDKStub.js" type="text/javascript" charSet="UTF-8" data-domain-script="96e22fd8-d619-4cdd-a3c6-d51529d21faf" id="consent-script"></script><script> function OptanonWrapper() { const status = document.getElementById("onetrust-accept-btn-handler") ? 'waitingForConsent' : 'expressedConsent'; window.top.postMessage(status, '*'); } </script><div class="styled__ObservedPixel-sc-1755fzv-2 TGnyL"></div><div class="styled__HeaderBackMobile-sc-1755fzv-1 dHTtIj"></div><header class="styled__Header-sc-1755fzv-3 kwaEt"><div class="styled__Wrapper-q607n8-0 kXBJzn"><div class="styled__Container-q607n8-1 bTcOHV"><a class="styled__Message-q607n8-5 iXBkOf"></a><div class="styled__Buttons-q607n8-6 gncCYg"><a href="/api/auth/login?redirectTo=dashboard" rel="external" class="styled__Login-q607n8-7 gGyWpQ">Login</a></div></div></div><nav aria-label="Mobile nav" class="styled__NavMobile-sc-1755fzv-9 gZnwIf"><a rel="external" href="/" aria-label="Auth0 logo" class="styled__LogoWrapperMobile-sc-1755fzv-5 cUYhhG"><svg xmlns="http://www.w3.org/2000/svg" width="106" height="40" viewBox="0 0 106 40" fill="none"><path d="M1.69096 17.4795C6.93608 16.6184 11.0487 12.5058 11.9098 7.26068L12.3326 4.70858C12.4108 4.21277 12.009 3.77959 11.5079 3.81612C7.51539 4.12404 3.75249 5.44967 1.67009 6.30037C0.662823 6.71268 0 7.69386 0 8.78985V16.8532C0 17.3282 0.422753 17.6883 0.892465 17.61L1.69096 17.4795Z" fill="#FFFEFA"></path><path d="M14.4356 7.26056C15.2968 12.5057 19.4094 16.6183 24.6545 17.4794L25.453 17.6099C25.9227 17.6882 26.3454 17.3281 26.3454 16.8531V8.78973C26.3454 7.69895 25.6826 6.71777 24.6753 6.30025C22.5982 5.44433 18.83 4.12392 14.8375 3.816C14.3365 3.77947 13.9294 4.21265 14.0129 4.70846L14.4356 7.26056Z" fill="#FFFEFA"></path><path d="M24.6589 20.0112C19.4138 20.8723 15.3012 24.9849 14.44 30.23L13.9181 35.209C13.8712 35.6578 14.367 35.9762 14.7428 35.7257C14.7428 35.7257 14.748 35.7257 14.7532 35.7205C18.0412 33.5024 25.5461 27.6936 26.2872 20.4392C26.3238 20.0843 26.0054 19.792 25.6557 19.8494L24.6641 20.0112H24.6589Z" fill="#FFFEFA"></path><path d="M11.9075 30.2277C11.0464 24.9826 6.9338 20.87 1.68868 20.0088L0.618783 19.8314C0.305641 19.7792 0.0238052 20.0401 0.0551193 20.3585C0.759688 27.6547 8.36904 33.5 11.6831 35.7181C12.0276 35.9477 12.4816 35.6711 12.4399 35.2588L11.9128 30.2225L11.9075 30.2277Z" fill="#FFFEFA"></path><path d="M62.7942 13.954H60.297C60.1456 13.954 60.0267 14.073 60.0267 14.2243V21.4295C60.0267 22.3105 59.8807 23.0835 59.5889 23.7483C59.297 24.4132 58.8862 24.9213 58.3511 25.2672C57.8159 25.6132 57.1835 25.7861 56.4538 25.7861C55.4052 25.7861 54.616 25.4402 54.0917 24.7483C53.5674 24.0564 53.3026 23.0619 53.3026 21.77V14.2243C53.3026 14.073 53.1837 13.954 53.0323 13.954H50.5081C50.3567 13.954 50.2378 14.073 50.2378 14.2243V22.0781C50.2378 23.2943 50.3891 24.3105 50.6864 25.1267C50.9837 25.9429 51.3945 26.6023 51.908 27.1104C52.4215 27.6185 53.0107 27.9752 53.6809 28.1915C54.3458 28.4077 55.0431 28.5158 55.7728 28.5158C56.8214 28.5158 57.6916 28.3158 58.3889 27.9104C58.9024 27.6131 59.3348 27.2834 59.697 26.9158C59.8483 26.7591 60.1078 26.8455 60.151 27.0564L60.3456 28.1212C60.3672 28.2509 60.4807 28.3428 60.6105 28.3428H62.7834C62.9347 28.3428 63.0536 28.2239 63.0536 28.0725V14.2243C63.0536 14.073 62.9347 13.954 62.7834 13.954H62.7942Z" fill="#FFFEFA"></path><path d="M73.644 25.6751H70.3846C69.8062 25.6751 69.3954 25.5562 69.163 25.3237C68.9306 25.0913 68.8117 24.6913 68.8117 24.1292V16.897C68.8117 16.7456 68.9306 16.6267 69.0819 16.6267H73.5034C73.6548 16.6267 73.7737 16.5078 73.7737 16.3564V14.2268C73.7737 14.0754 73.6548 13.9565 73.5034 13.9565H69.3522C69.0549 13.9565 68.8117 13.7133 68.8117 13.416V9.85394C68.8117 9.70259 68.6928 9.58368 68.5414 9.58368H66.0442C65.8928 9.58368 65.7739 9.70259 65.7739 9.85394V24.4427C65.7739 25.7562 66.082 26.7345 66.7036 27.3777C67.3198 28.0264 68.3144 28.3453 69.6819 28.3453H73.644C73.7953 28.3453 73.9142 28.2264 73.9142 28.075V25.9453C73.9142 25.794 73.7953 25.6751 73.644 25.6751Z" fill="#FFFEFA"></path><path d="M86.3392 14.5169C85.4852 14.0304 84.4907 13.7872 83.3447 13.7872C82.4475 13.7872 81.6205 13.9655 80.8691 14.3223C80.3286 14.5817 79.8475 14.9006 79.4367 15.2844C79.2638 15.4466 78.9881 15.3223 78.9881 15.0898V8.93866C78.9881 8.78731 78.8692 8.6684 78.7178 8.6684H76.1936C76.0423 8.6684 75.9233 8.78731 75.9233 8.93866V28.0732C75.9233 28.2246 76.0423 28.3435 76.1936 28.3435H78.7178C78.8692 28.3435 78.9881 28.2246 78.9881 28.0732V21.0626C78.9881 20.1275 79.1395 19.3167 79.4367 18.6303C79.734 17.9492 80.1611 17.4195 80.7178 17.0411C81.2691 16.6682 81.9232 16.479 82.6691 16.479C83.415 16.479 84.0096 16.6465 84.4961 16.9871C84.9825 17.3222 85.3501 17.7979 85.5933 18.4086C85.8366 19.0194 85.9609 19.7437 85.9609 20.587V28.0732C85.9609 28.2246 86.0798 28.3435 86.2311 28.3435H88.7284C88.8797 28.3435 88.9986 28.2246 88.9986 28.0732V20.3329C88.9986 18.8735 88.7716 17.6573 88.3122 16.6952C87.8527 15.7276 87.1987 15.0033 86.3446 14.5169H86.3392Z" fill="#FFFEFA"></path><path d="M104.469 12.9455C103.891 11.5239 103.064 10.4267 101.994 9.65913C100.923 8.89158 99.6423 8.50781 98.1451 8.50781C96.6478 8.50781 95.3884 8.89158 94.3073 9.65913C93.2317 10.4267 92.3993 11.5239 91.8209 12.9455C91.2426 14.3725 90.9507 16.0752 90.9507 18.0589V18.9561C90.9507 20.9615 91.2426 22.6804 91.8209 24.1128C92.3993 25.5451 93.2317 26.637 94.3073 27.3883C95.383 28.1397 96.664 28.5126 98.1451 28.5126C99.6261 28.5126 100.929 28.1397 101.994 27.3883C103.058 26.637 103.885 25.5451 104.469 24.1128C105.048 22.6804 105.339 20.9615 105.339 18.9561V18.0589C105.339 16.0752 105.048 14.3671 104.469 12.9455ZM94.0155 19.3021C94.0155 19.1507 94.0155 18.9994 94.0155 18.848V18.1724C94.0155 15.886 94.3722 14.1347 95.0857 12.9185C95.7992 11.7023 96.8208 11.0915 98.1505 11.0915C99.3883 11.0915 100.356 11.6158 101.058 12.6699C101.329 13.0482 101.096 13.5293 100.983 13.659L95.4424 19.8372C94.9506 20.3885 94.0425 20.048 94.0263 19.3129L94.0155 19.3021ZM102.275 18.848C102.275 21.1182 101.918 22.8587 101.204 24.0749C100.491 25.2911 99.4693 25.9019 98.1397 25.9019C96.9181 25.9019 95.9559 25.3884 95.2587 24.3614C94.9884 23.9884 95.2208 23.5128 95.3343 23.3776L100.853 17.1886C101.345 16.6373 102.253 16.9724 102.269 17.7129C102.269 17.8643 102.269 18.021 102.269 18.1778V18.8534L102.275 18.848Z" fill="#FFFEFA"></path><path d="M48.5034 25.7039H48.4277C48.125 25.7039 47.9142 25.6391 47.7791 25.5093C47.6493 25.3796 47.5845 25.1364 47.5845 24.7796V19.0176C47.5845 17.315 47.0602 16.0177 46.0115 15.1259C44.9629 14.234 43.4927 13.7908 41.6009 13.7908C40.4009 13.7908 39.3469 13.98 38.4388 14.3529C37.5307 14.7259 36.8064 15.2556 36.2605 15.9421C35.7794 16.5474 35.4767 17.2447 35.347 18.0339C35.32 18.196 35.4551 18.3474 35.6173 18.3474H38.0712C38.1956 18.3474 38.2983 18.2609 38.3307 18.1366C38.4766 17.5961 38.7955 17.1528 39.2982 16.8123C39.8604 16.4285 40.5793 16.2339 41.4603 16.2339C42.4333 16.2339 43.1954 16.461 43.7359 16.9204C44.2765 17.3799 44.5521 18.0123 44.5521 18.8176V19.4176C44.5521 19.569 44.4332 19.6879 44.2819 19.6879H41.0117C39.028 19.6879 37.5145 20.0879 36.4713 20.8825C35.4335 21.677 34.9092 22.8175 34.9092 24.2986C34.9092 25.1796 35.1362 25.9364 35.5848 26.5742C36.0335 27.212 36.6551 27.6931 37.455 28.0228C38.2496 28.3525 39.1631 28.5147 40.1955 28.5147C41.5468 28.5147 42.6441 28.2012 43.4981 27.5741C43.8711 27.2985 44.2062 26.985 44.4981 26.6444C44.6386 26.4769 44.9143 26.5363 44.9629 26.7471C45.0386 27.1039 45.1845 27.4174 45.3954 27.6714C45.7683 28.1201 46.4656 28.3471 47.4764 28.3471H48.779C48.9304 28.3471 49.0493 28.2282 49.0493 28.0768V26.1526C49.0493 25.785 48.9304 25.7039 48.5088 25.7039H48.5034ZM44.5467 22.5311C44.5467 23.2229 44.39 23.8499 44.0711 24.4013C43.7522 24.9526 43.3035 25.385 42.7198 25.6931C42.1414 26.0012 41.4333 26.158 40.6117 26.158C39.7901 26.158 39.1631 25.9634 38.6874 25.5796C38.2118 25.1958 37.9685 24.704 37.9685 24.104C37.9685 23.3743 38.2172 22.8283 38.7145 22.4716C39.2118 22.1148 39.9252 21.9365 40.8658 21.9365H44.5467V22.5256V22.5311Z" fill="#FFFEFA"></path></svg></a><div class="styled__RightColumnMobile-sc-1755fzv-10 UKpEE"><button aria-label="Menu" aria-expanded="false" class="styled__BurgerIconWrapper-sc-1755fzv-11 iHuLVG"><span class="styled__BurgerIcon-sc-1755fzv-12 dGpEKR"></span></button></div><section class="styled__Wrapper-sc-85iotp-0 hdiybx"><ul class="styled__ContentWrapper-sc-85iotp-1 iZzMFn"><li class="styled__NavItemContainer-sc-85iotp-2 fbKXcX"><p class="styled__NavItemTitle-sc-85iotp-5 jJmhNW">Developers</p><div class="styled__NavItem-sc-85iotp-6 dAmhCz"><div class="styled__ColumnContainer-sc-85iotp-7 QEhDV"><p class="styled__ColumnItemTitle-sc-85iotp-8 dhdvtD">Developers</p><ul class="styled__ColumnList-sc-85iotp-10 lbxxTt"><li class="styled__ColumnListItem-sc-85iotp-11 ihpWnt"><a href="https://developer.auth0.com/" rel="external">Developer Center</a></li><li class="styled__ColumnListItem-sc-85iotp-11 ihpWnt"><a href="https://developer.auth0.com/resources/code-samples" rel="external">Code Samples</a></li><li class="styled__ColumnListItem-sc-85iotp-11 ihpWnt"><a href="https://developer.auth0.com/resources/guides" rel="external">Guides</a></li><li class="styled__ColumnListItem-sc-85iotp-11 ihpWnt"><a href="https://identityunlocked.auth0.com/public/49/Identity,-Unlocked.--bed7fada" rel="external">Identity Unlocked - Podcasts</a></li><li class="styled__ColumnListItem-sc-85iotp-11 ihpWnt"><a href="https://developer.auth0.com/newsletter" rel="external">Zero Index Newsletter</a></li></ul></div><div class="styled__ColumnContainer-sc-85iotp-7 QEhDV"><p class="styled__ColumnItemTitle-sc-85iotp-8 dhdvtD">Developer Tools</p><ul class="styled__ColumnList-sc-85iotp-10 lbxxTt"><li class="styled__ColumnListItem-sc-85iotp-11 ihpWnt"><a href="https://openidconnect.net/" rel="external">OIDC Connect Playground</a></li><li class="styled__ColumnListItem-sc-85iotp-11 ihpWnt"><a href="https://samltool.io/" rel="external">SAML Tool</a></li><li class="styled__ColumnListItem-sc-85iotp-11 ihpWnt"><a href="http://jwt.io/" rel="external">JWT.io</a></li><li class="styled__ColumnListItem-sc-85iotp-11 ihpWnt"><a href="http://webauthn.me/" rel="external">Webauthn.me</a></li></ul></div><div class="styled__ColumnContainer-sc-85iotp-7 QEhDV"><p class="styled__ColumnItemTitle-sc-85iotp-8 dhdvtD">Get Involved</p><ul class="styled__ColumnList-sc-85iotp-10 lbxxTt"><li class="styled__ColumnListItem-sc-85iotp-11 ihpWnt"><a href="https://developer.auth0.com/events" rel="external">Events</a></li><li class="styled__ColumnListItem-sc-85iotp-11 ihpWnt"><a href="/research-program" rel="external">Auth0 Research Program</a></li></ul></div></div></li><li class="styled__NavItemContainer-sc-85iotp-2 fbKXcX"><p class="styled__NavItemTitle-sc-85iotp-5 jJmhNW">Documentation</p><div class="styled__NavItem-sc-85iotp-6 dAmhCz"><div class="styled__ColumnContainer-sc-85iotp-7 QEhDV"><p class="styled__ColumnItemTitle-sc-85iotp-8 dhdvtD">Documentation</p><ul class="styled__ColumnList-sc-85iotp-10 lbxxTt"><li class="styled__ColumnListItem-sc-85iotp-11 ihpWnt"><a href="/docs" rel="external">Auth0 Docs</a></li><li class="styled__ColumnListItem-sc-85iotp-11 ihpWnt"><a href="/docs/articles" rel="external">Articles</a></li><li class="styled__ColumnListItem-sc-85iotp-11 ihpWnt"><a href="/docs/quickstarts" rel="external">Quickstarts</a></li><li class="styled__ColumnListItem-sc-85iotp-11 ihpWnt"><a href="/docs/api" rel="external">APIs</a></li><li class="styled__ColumnListItem-sc-85iotp-11 ihpWnt"><a href="/docs/libraries" rel="external">SDK Libraries</a></li></ul></div><div class="styled__ColumnContainer-sc-85iotp-7 QEhDV"><p class="styled__ColumnItemTitle-sc-85iotp-8 dhdvtD">Support Center</p><ul class="styled__ColumnList-sc-85iotp-10 lbxxTt"><li class="styled__ColumnListItem-sc-85iotp-11 ihpWnt"><a href="https://community.auth0.com/" rel="external">Community</a></li><li class="styled__ColumnListItem-sc-85iotp-11 ihpWnt"><a href="https://support.auth0.com/" rel="external">Support</a></li><li class="styled__ColumnListItem-sc-85iotp-11 ihpWnt"><a href="https://community.auth0.com/c/help/6" rel="external">Help</a></li><li class="styled__ColumnListItem-sc-85iotp-11 ihpWnt"><a href="https://community.auth0.com/c/faq/42" rel="external">FAQs</a></li><li class="styled__ColumnListItem-sc-85iotp-11 ihpWnt"><a href="https://marketplace.auth0.com" rel="external">Explore Auth0 Marketplace</a></li><li class="styled__ColumnListItem-sc-85iotp-11 ihpWnt"><a href="/resources" rel="external">Resources</a></li></ul></div><div class="styled__ColumnContainer-sc-85iotp-7 QEhDV"><ul class="styled__ColumnList-sc-85iotp-10 lbxxTt"><li class="styled__ColumnListItem-sc-85iotp-11 ihpWnt"><a href="/blog/" rel="external">Blog</a></li><li class="styled__ColumnListItem-sc-85iotp-11 ihpWnt"><a href="/learn" rel="external">Learn</a></li><li class="styled__ColumnListItem-sc-85iotp-11 ihpWnt"><a href="/intro-to-iam" rel="external">Intro to IAM (CIAM)</a></li></ul></div></div></li><li class="styled__NavItemContainer-sc-85iotp-2 fbKXcX"><p class="styled__NavItemTitle-sc-85iotp-5 jJmhNW">Product</p><div class="styled__NavItem-sc-85iotp-6 dAmhCz"><div class="styled__ColumnContainer-sc-85iotp-7 QEhDV"><p class="styled__ColumnItemTitle-sc-85iotp-8 dhdvtD">Platform</p><ul class="styled__ColumnList-sc-85iotp-10 lbxxTt"><li class="styled__ColumnListItem-sc-85iotp-11 ihpWnt"><a href="/platform/access-management" rel="external">Access Management</a></li><li class="styled__ColumnListItem-sc-85iotp-11 ihpWnt"><a href="/platform/extensibility" rel="external">Extensibility</a></li><li class="styled__ColumnListItem-sc-85iotp-11 ihpWnt"><a href="/platform/login-security" rel="external">Security</a></li><li class="styled__ColumnListItem-sc-85iotp-11 ihpWnt"><a href="/platform/user-management" rel="external">User Management</a></li><li class="styled__ColumnListItem-sc-85iotp-11 ihpWnt"><a href="/platform/authentication" rel="external">Authentication</a></li><li class="styled__ColumnListItem-sc-85iotp-11 ihpWnt"><a href="/fine-grained-authorization" rel="external">Fine Grained Authorization</a></li><li class="styled__ColumnListItem-sc-85iotp-11 ihpWnt"><a href="https://auth0.com/platform" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 butiik FYDuM">View platform</a></li></ul></div><div class="styled__ColumnContainer-sc-85iotp-7 QEhDV"><p class="styled__ColumnItemTitle-sc-85iotp-8 dhdvtD">Features</p><ul class="styled__ColumnList-sc-85iotp-10 lbxxTt"><li class="styled__ColumnListItem-sc-85iotp-11 ihpWnt"><a href="/features/universal-login" rel="external">Universal Login</a></li><li class="styled__ColumnListItem-sc-85iotp-11 ihpWnt"><a href="/features/single-sign-on" rel="external">Single Sign On</a></li><li class="styled__ColumnListItem-sc-85iotp-11 ihpWnt"><a href="/features/multifactor-authentication" rel="external">Multifactor Authentication</a></li><li class="styled__ColumnListItem-sc-85iotp-11 ihpWnt"><a href="/features/actions" rel="external">Actions</a></li><li class="styled__ColumnListItem-sc-85iotp-11 ihpWnt"><a href="/features/machine-to-machine" rel="external">Machine to Machine</a></li><li class="styled__ColumnListItem-sc-85iotp-11 ihpWnt"><a href="/features/passwordless" rel="external">Passwordless</a></li><li class="styled__ColumnListItem-sc-85iotp-11 ihpWnt"><a href="/features/breached-passwords" rel="external">Breached Passwords</a></li><li class="styled__ColumnListItem-sc-85iotp-11 ihpWnt"><a href="https://auth0.com/features" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 butiik FYDuM">View features</a></li></ul></div></div></li><li class="styled__NavItemContainer-sc-85iotp-2 fbKXcX"><p class="styled__NavItemTitle-sc-85iotp-5 jJmhNW">Solutions</p><div class="styled__NavItem-sc-85iotp-6 dAmhCz"><div class="styled__ColumnContainer-sc-85iotp-7 QEhDV"><p class="styled__ColumnItemTitle-sc-85iotp-8 dhdvtD">Industries</p><ul class="styled__ColumnList-sc-85iotp-10 lbxxTt"><li class="styled__ColumnListItem-sc-85iotp-11 ihpWnt"><a href="/nonprofits" rel="external">Nonprofits &amp; Charities</a></li><li class="styled__ColumnListItem-sc-85iotp-11 ihpWnt"><a href="/startups" rel="external">Startups</a></li></ul></div><div class="styled__ColumnContainer-sc-85iotp-7 QEhDV"><p class="styled__ColumnItemTitle-sc-85iotp-8 dhdvtD">Use Cases</p><ul class="styled__ColumnList-sc-85iotp-10 lbxxTt"><li class="styled__ColumnListItem-sc-85iotp-11 ihpWnt"><a href="/b2c-customer-identity-management" rel="external">Consumer Applications</a></li><li class="styled__ColumnListItem-sc-85iotp-11 ihpWnt"><a href="/b2b-saas" rel="external">B2B SaaS Applications</a></li></ul></div></div></li><li class="styled__NavItemContainer-sc-85iotp-2 styled__NavLinkContainer-sc-85iotp-3 fbKXcX bUCOoz"><a href="/blog/" rel="external" class="styled__NavLink-sc-85iotp-4 dETrsJ">Blog</a></li><li class="styled__NavItemContainer-sc-85iotp-2 styled__NavLinkContainer-sc-85iotp-3 fbKXcX bUCOoz"><a href="/pricing/" rel="external" class="styled__NavLink-sc-85iotp-4 dETrsJ">Pricing</a></li></ul><div class="styled__ButtonContainer-sc-85iotp-15 hiEELR"><div class="styled__SecondaryButtonContainer-sc-85iotp-18 epRiIO"><a rel="external" href="/signup?place=header&amp;type=button&amp;text=sign%20up" role="button" tabindex="0" class="styled__Button-sc-1hwml9q-0 utils-sc-11hlfw-0 etdOck bPWQw"><span>Sign up</span></a><a href="/api/auth/login?redirectTo=dashboard" rel="external" role="button" tabindex="0" class="styled__Button-sc-1hwml9q-0 utils-sc-11hlfw-0 cmgpvv bPWQw"><span>Login</span></a></div><a href="/contact-us?place=header&amp;type=button&amp;text=contact%20sales" role="button" tabindex="0" class="styled__Button-sc-1hwml9q-0 utils-sc-11hlfw-0 dmEnyJ bKQnZO"><span>Contact sales</span></a></div></section></nav><nav aria-label="Desktop nav" class="styled__NavDesktop-sc-1755fzv-6 fblBoo"><div class="styled__NavDesktopContainer-sc-1755fzv-7 bCnrpr"><a rel="external" href="/" aria-label="Auth0 logo" class="styled__LogoWrapper-sc-1755fzv-4 hfWran"><svg xmlns="http://www.w3.org/2000/svg" width="106" height="40" viewBox="0 0 106 40" fill="none"><path d="M1.69096 17.4795C6.93608 16.6184 11.0487 12.5058 11.9098 7.26068L12.3326 4.70858C12.4108 4.21277 12.009 3.77959 11.5079 3.81612C7.51539 4.12404 3.75249 5.44967 1.67009 6.30037C0.662823 6.71268 0 7.69386 0 8.78985V16.8532C0 17.3282 0.422753 17.6883 0.892465 17.61L1.69096 17.4795Z" fill="#FFFEFA"></path><path d="M14.4356 7.26056C15.2968 12.5057 19.4094 16.6183 24.6545 17.4794L25.453 17.6099C25.9227 17.6882 26.3454 17.3281 26.3454 16.8531V8.78973C26.3454 7.69895 25.6826 6.71777 24.6753 6.30025C22.5982 5.44433 18.83 4.12392 14.8375 3.816C14.3365 3.77947 13.9294 4.21265 14.0129 4.70846L14.4356 7.26056Z" fill="#FFFEFA"></path><path d="M24.6589 20.0112C19.4138 20.8723 15.3012 24.9849 14.44 30.23L13.9181 35.209C13.8712 35.6578 14.367 35.9762 14.7428 35.7257C14.7428 35.7257 14.748 35.7257 14.7532 35.7205C18.0412 33.5024 25.5461 27.6936 26.2872 20.4392C26.3238 20.0843 26.0054 19.792 25.6557 19.8494L24.6641 20.0112H24.6589Z" fill="#FFFEFA"></path><path d="M11.9075 30.2277C11.0464 24.9826 6.9338 20.87 1.68868 20.0088L0.618783 19.8314C0.305641 19.7792 0.0238052 20.0401 0.0551193 20.3585C0.759688 27.6547 8.36904 33.5 11.6831 35.7181C12.0276 35.9477 12.4816 35.6711 12.4399 35.2588L11.9128 30.2225L11.9075 30.2277Z" fill="#FFFEFA"></path><path d="M62.7942 13.954H60.297C60.1456 13.954 60.0267 14.073 60.0267 14.2243V21.4295C60.0267 22.3105 59.8807 23.0835 59.5889 23.7483C59.297 24.4132 58.8862 24.9213 58.3511 25.2672C57.8159 25.6132 57.1835 25.7861 56.4538 25.7861C55.4052 25.7861 54.616 25.4402 54.0917 24.7483C53.5674 24.0564 53.3026 23.0619 53.3026 21.77V14.2243C53.3026 14.073 53.1837 13.954 53.0323 13.954H50.5081C50.3567 13.954 50.2378 14.073 50.2378 14.2243V22.0781C50.2378 23.2943 50.3891 24.3105 50.6864 25.1267C50.9837 25.9429 51.3945 26.6023 51.908 27.1104C52.4215 27.6185 53.0107 27.9752 53.6809 28.1915C54.3458 28.4077 55.0431 28.5158 55.7728 28.5158C56.8214 28.5158 57.6916 28.3158 58.3889 27.9104C58.9024 27.6131 59.3348 27.2834 59.697 26.9158C59.8483 26.7591 60.1078 26.8455 60.151 27.0564L60.3456 28.1212C60.3672 28.2509 60.4807 28.3428 60.6105 28.3428H62.7834C62.9347 28.3428 63.0536 28.2239 63.0536 28.0725V14.2243C63.0536 14.073 62.9347 13.954 62.7834 13.954H62.7942Z" fill="#FFFEFA"></path><path d="M73.644 25.6751H70.3846C69.8062 25.6751 69.3954 25.5562 69.163 25.3237C68.9306 25.0913 68.8117 24.6913 68.8117 24.1292V16.897C68.8117 16.7456 68.9306 16.6267 69.0819 16.6267H73.5034C73.6548 16.6267 73.7737 16.5078 73.7737 16.3564V14.2268C73.7737 14.0754 73.6548 13.9565 73.5034 13.9565H69.3522C69.0549 13.9565 68.8117 13.7133 68.8117 13.416V9.85394C68.8117 9.70259 68.6928 9.58368 68.5414 9.58368H66.0442C65.8928 9.58368 65.7739 9.70259 65.7739 9.85394V24.4427C65.7739 25.7562 66.082 26.7345 66.7036 27.3777C67.3198 28.0264 68.3144 28.3453 69.6819 28.3453H73.644C73.7953 28.3453 73.9142 28.2264 73.9142 28.075V25.9453C73.9142 25.794 73.7953 25.6751 73.644 25.6751Z" fill="#FFFEFA"></path><path d="M86.3392 14.5169C85.4852 14.0304 84.4907 13.7872 83.3447 13.7872C82.4475 13.7872 81.6205 13.9655 80.8691 14.3223C80.3286 14.5817 79.8475 14.9006 79.4367 15.2844C79.2638 15.4466 78.9881 15.3223 78.9881 15.0898V8.93866C78.9881 8.78731 78.8692 8.6684 78.7178 8.6684H76.1936C76.0423 8.6684 75.9233 8.78731 75.9233 8.93866V28.0732C75.9233 28.2246 76.0423 28.3435 76.1936 28.3435H78.7178C78.8692 28.3435 78.9881 28.2246 78.9881 28.0732V21.0626C78.9881 20.1275 79.1395 19.3167 79.4367 18.6303C79.734 17.9492 80.1611 17.4195 80.7178 17.0411C81.2691 16.6682 81.9232 16.479 82.6691 16.479C83.415 16.479 84.0096 16.6465 84.4961 16.9871C84.9825 17.3222 85.3501 17.7979 85.5933 18.4086C85.8366 19.0194 85.9609 19.7437 85.9609 20.587V28.0732C85.9609 28.2246 86.0798 28.3435 86.2311 28.3435H88.7284C88.8797 28.3435 88.9986 28.2246 88.9986 28.0732V20.3329C88.9986 18.8735 88.7716 17.6573 88.3122 16.6952C87.8527 15.7276 87.1987 15.0033 86.3446 14.5169H86.3392Z" fill="#FFFEFA"></path><path d="M104.469 12.9455C103.891 11.5239 103.064 10.4267 101.994 9.65913C100.923 8.89158 99.6423 8.50781 98.1451 8.50781C96.6478 8.50781 95.3884 8.89158 94.3073 9.65913C93.2317 10.4267 92.3993 11.5239 91.8209 12.9455C91.2426 14.3725 90.9507 16.0752 90.9507 18.0589V18.9561C90.9507 20.9615 91.2426 22.6804 91.8209 24.1128C92.3993 25.5451 93.2317 26.637 94.3073 27.3883C95.383 28.1397 96.664 28.5126 98.1451 28.5126C99.6261 28.5126 100.929 28.1397 101.994 27.3883C103.058 26.637 103.885 25.5451 104.469 24.1128C105.048 22.6804 105.339 20.9615 105.339 18.9561V18.0589C105.339 16.0752 105.048 14.3671 104.469 12.9455ZM94.0155 19.3021C94.0155 19.1507 94.0155 18.9994 94.0155 18.848V18.1724C94.0155 15.886 94.3722 14.1347 95.0857 12.9185C95.7992 11.7023 96.8208 11.0915 98.1505 11.0915C99.3883 11.0915 100.356 11.6158 101.058 12.6699C101.329 13.0482 101.096 13.5293 100.983 13.659L95.4424 19.8372C94.9506 20.3885 94.0425 20.048 94.0263 19.3129L94.0155 19.3021ZM102.275 18.848C102.275 21.1182 101.918 22.8587 101.204 24.0749C100.491 25.2911 99.4693 25.9019 98.1397 25.9019C96.9181 25.9019 95.9559 25.3884 95.2587 24.3614C94.9884 23.9884 95.2208 23.5128 95.3343 23.3776L100.853 17.1886C101.345 16.6373 102.253 16.9724 102.269 17.7129C102.269 17.8643 102.269 18.021 102.269 18.1778V18.8534L102.275 18.848Z" fill="#FFFEFA"></path><path d="M48.5034 25.7039H48.4277C48.125 25.7039 47.9142 25.6391 47.7791 25.5093C47.6493 25.3796 47.5845 25.1364 47.5845 24.7796V19.0176C47.5845 17.315 47.0602 16.0177 46.0115 15.1259C44.9629 14.234 43.4927 13.7908 41.6009 13.7908C40.4009 13.7908 39.3469 13.98 38.4388 14.3529C37.5307 14.7259 36.8064 15.2556 36.2605 15.9421C35.7794 16.5474 35.4767 17.2447 35.347 18.0339C35.32 18.196 35.4551 18.3474 35.6173 18.3474H38.0712C38.1956 18.3474 38.2983 18.2609 38.3307 18.1366C38.4766 17.5961 38.7955 17.1528 39.2982 16.8123C39.8604 16.4285 40.5793 16.2339 41.4603 16.2339C42.4333 16.2339 43.1954 16.461 43.7359 16.9204C44.2765 17.3799 44.5521 18.0123 44.5521 18.8176V19.4176C44.5521 19.569 44.4332 19.6879 44.2819 19.6879H41.0117C39.028 19.6879 37.5145 20.0879 36.4713 20.8825C35.4335 21.677 34.9092 22.8175 34.9092 24.2986C34.9092 25.1796 35.1362 25.9364 35.5848 26.5742C36.0335 27.212 36.6551 27.6931 37.455 28.0228C38.2496 28.3525 39.1631 28.5147 40.1955 28.5147C41.5468 28.5147 42.6441 28.2012 43.4981 27.5741C43.8711 27.2985 44.2062 26.985 44.4981 26.6444C44.6386 26.4769 44.9143 26.5363 44.9629 26.7471C45.0386 27.1039 45.1845 27.4174 45.3954 27.6714C45.7683 28.1201 46.4656 28.3471 47.4764 28.3471H48.779C48.9304 28.3471 49.0493 28.2282 49.0493 28.0768V26.1526C49.0493 25.785 48.9304 25.7039 48.5088 25.7039H48.5034ZM44.5467 22.5311C44.5467 23.2229 44.39 23.8499 44.0711 24.4013C43.7522 24.9526 43.3035 25.385 42.7198 25.6931C42.1414 26.0012 41.4333 26.158 40.6117 26.158C39.7901 26.158 39.1631 25.9634 38.6874 25.5796C38.2118 25.1958 37.9685 24.704 37.9685 24.104C37.9685 23.3743 38.2172 22.8283 38.7145 22.4716C39.2118 22.1148 39.9252 21.9365 40.8658 21.9365H44.5467V22.5256V22.5311Z" fill="#FFFEFA"></path></svg></a><ul role="menubar" class="styled__NavList-sc-1755fzv-13 gJozFS"><li role="menuitem" aria-haspopup="true" tabindex="0" class="styled__NavListEl-sc-1755fzv-16 dnWatv"><div class="styled__NavElementButton-sc-1755fzv-15 goPIno"><span>Developers</span><svg width="16" height="16" viewBox="0 0 16 16" fill="none" xmlns="http://www.w3.org/2000/svg"><g id="chevron-down"><path id="icon" fill-rule="evenodd" clip-rule="evenodd" d="M7.99994 9.93934L12.4696 5.46967L13.5303 6.53033L8.53027 11.5303C8.23738 11.8232 7.76251 11.8232 7.46961 11.5303L2.46961 6.53033L3.53027 5.46967L7.99994 9.93934Z" fill="#FFFEFA"></path></g></svg></div><div class="styled__NavElementContentWrapper-sc-1755fzv-14 iyaTlV"><section class="styled__NavElementContent-sc-1755fzv-17 jtpgRu"><section class="styled__Column-sc-1ff7bch-0 styled__FirstColumn-sc-1ff7bch-1 xvieK ksvdhq"><p class="styled__Overline-sc-165cfko-0 utils-sc-11hlfw-0 jOKDAt iCUAvT">Developers</p><ul role="menubar" class="styled__List-sc-1p6pq9n-1 guYaGV"><li role="menuitem" class="styled__Element-sc-1p6pq9n-2 jSbSuj"><a rel="external" href="https://developer.auth0.com/" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 bhxyxO eldvFb">Developer Center</a></li><li role="menuitem" class="styled__Element-sc-1p6pq9n-2 jSbSuj"><a rel="external" href="https://developer.auth0.com/resources/code-samples" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 bhxyxO eldvFb">Code Samples</a></li><li role="menuitem" class="styled__Element-sc-1p6pq9n-2 jSbSuj"><a rel="external" href="https://developer.auth0.com/resources/guides" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 bhxyxO eldvFb">Guides</a></li><li role="menuitem" class="styled__Element-sc-1p6pq9n-2 jSbSuj"><a rel="external" href="https://identityunlocked.auth0.com/public/49/Identity,-Unlocked.--bed7fada" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 bhxyxO eldvFb">Identity Unlocked - Podcasts</a></li><li role="menuitem" class="styled__Element-sc-1p6pq9n-2 jSbSuj"><a rel="external" href="https://developer.auth0.com/newsletter" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 bhxyxO eldvFb">Zero Index Newsletter</a></li></ul></section><section class="styled__Column-sc-1ff7bch-0 styled__SecondColumn-sc-1ff7bch-2 xvieK bpIsaL"><p class="styled__Overline-sc-165cfko-0 utils-sc-11hlfw-0 jOKDAt iCUAvT">Developer Tools</p><ul role="menubar" class="styled__List-sc-1p6pq9n-1 guYaGV"><li role="menuitem" class="styled__Element-sc-1p6pq9n-2 jSbSuj"><a rel="external" href="https://openidconnect.net/" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 bhxyxO eldvFb">OIDC Connect Playground</a></li><li role="menuitem" class="styled__Element-sc-1p6pq9n-2 jSbSuj"><a rel="external" href="https://samltool.io/" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 bhxyxO eldvFb">SAML Tool</a></li><li role="menuitem" class="styled__Element-sc-1p6pq9n-2 jSbSuj"><a rel="external" href="http://jwt.io/" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 bhxyxO eldvFb">JWT.io</a></li><li role="menuitem" class="styled__Element-sc-1p6pq9n-2 jSbSuj"><a rel="external" href="http://webauthn.me/" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 bhxyxO eldvFb">Webauthn.me</a></li></ul></section><section class="styled__Column-sc-1ff7bch-0 styled__ThirdColumn-sc-1ff7bch-3 xvieK cUYhhd"><p class="styled__Overline-sc-165cfko-0 utils-sc-11hlfw-0 jOKDAt iCUAvT">Get Involved</p><ul role="menubar" class="styled__List-sc-1p6pq9n-1 guYaGV"><li role="menuitem" class="styled__Element-sc-1p6pq9n-2 jSbSuj"><a rel="external" href="https://developer.auth0.com/events" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 bhxyxO eldvFb">Events</a></li><li role="menuitem" class="styled__Element-sc-1p6pq9n-2 jSbSuj"><a rel="external" href="/research-program" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 bhxyxO eldvFb">Auth0 Research Program</a></li></ul></section></section></div></li><li role="menuitem" aria-haspopup="true" tabindex="0" class="styled__NavListEl-sc-1755fzv-16 dnWatv"><div class="styled__NavElementButton-sc-1755fzv-15 goPIno"><span>Documentation</span><svg width="16" height="16" viewBox="0 0 16 16" fill="none" xmlns="http://www.w3.org/2000/svg"><g id="chevron-down"><path id="icon" fill-rule="evenodd" clip-rule="evenodd" d="M7.99994 9.93934L12.4696 5.46967L13.5303 6.53033L8.53027 11.5303C8.23738 11.8232 7.76251 11.8232 7.46961 11.5303L2.46961 6.53033L3.53027 5.46967L7.99994 9.93934Z" fill="#FFFEFA"></path></g></svg></div><div class="styled__NavElementContentWrapper-sc-1755fzv-14 iyaTlV"><section class="styled__NavElementContent-sc-1755fzv-17 jtpgRu"><section class="styled__Column-sc-1ff7bch-0 styled__FirstColumn-sc-1ff7bch-1 xvieK kIFVcf"><p class="styled__Overline-sc-165cfko-0 utils-sc-11hlfw-0 jOKDAt iCUAvT">Documentation</p><ul role="menubar" class="styled__List-sc-1p6pq9n-1 guYaGV"><li role="menuitem" class="styled__Element-sc-1p6pq9n-2 jSbSuj"><a rel="external" href="/docs" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 bhxyxO eldvFb">Auth0 Docs</a></li><li role="menuitem" class="styled__Element-sc-1p6pq9n-2 jSbSuj"><a rel="external" href="/docs/articles" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 bhxyxO eldvFb">Articles</a></li><li role="menuitem" class="styled__Element-sc-1p6pq9n-2 jSbSuj"><a rel="external" href="/docs/quickstarts" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 bhxyxO eldvFb">Quickstarts</a></li><li role="menuitem" class="styled__Element-sc-1p6pq9n-2 jSbSuj"><a rel="external" href="/docs/api" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 bhxyxO eldvFb">APIs</a></li><li role="menuitem" class="styled__Element-sc-1p6pq9n-2 jSbSuj"><a rel="external" href="/docs/libraries" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 bhxyxO eldvFb">SDK Libraries</a></li></ul></section><section class="styled__Column-sc-1ff7bch-0 styled__SecondColumn-sc-1ff7bch-2 xvieK fbRjZO"><p class="styled__Overline-sc-165cfko-0 utils-sc-11hlfw-0 jOKDAt iCUAvT">Support Center</p><ul role="menubar" class="styled__List-sc-1p6pq9n-1 guYaGV"><li role="menuitem" class="styled__Element-sc-1p6pq9n-2 jSbSuj"><a rel="external" href="https://community.auth0.com/" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 bhxyxO eldvFb">Community</a></li><li role="menuitem" class="styled__Element-sc-1p6pq9n-2 jSbSuj"><a rel="external" href="https://support.auth0.com/" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 bhxyxO eldvFb">Support</a></li><li role="menuitem" class="styled__Element-sc-1p6pq9n-2 jSbSuj"><a rel="external" href="https://community.auth0.com/c/help/6" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 bhxyxO eldvFb">Help</a></li><li role="menuitem" class="styled__Element-sc-1p6pq9n-2 jSbSuj"><a rel="external" href="https://community.auth0.com/c/faq/42" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 bhxyxO eldvFb">FAQs</a></li><li role="menuitem" class="styled__Element-sc-1p6pq9n-2 jSbSuj"><a rel="external" href="https://marketplace.auth0.com" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 bhxyxO eldvFb">Explore Auth0 Marketplace</a></li><li role="menuitem" class="styled__Element-sc-1p6pq9n-2 jSbSuj"><a rel="external" href="/resources" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 bhxyxO eldvFb">Resources</a></li></ul></section><section class="styled__Column-sc-1ff7bch-0 styled__ThirdColumn-sc-1ff7bch-3 xvieK dDttGJ"><a href="/blog/getting-unlimited-scalability-with-okta-fine-grained-authorization/" rel="external" class="styled__Link-k7d9qa-0 dNLwir"><div class="styled__Container-k7d9qa-1 dXPgwV"><img loading="lazy" src="https://cdn.auth0.com/website/website/cic-header/hero/blog-thumbnail.png" alt="" class="styled__Image-k7d9qa-3 iACfSx"/><div><p class="styled__Overline-sc-165cfko-0 utils-sc-11hlfw-0 jOKDAt bdewcp">BLOG</p><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 bkTDvW eTNTBu">Getting Unlimited Scalability with Okta Fine Grained Authorization</p></div></div></a><div class="styled__Divider-sc-25clja-0 iJOdtI"></div><div class="styled__ItemsListContainer-sc-25clja-1 gYCAsK"><ul role="menubar" class="styled__List-sc-1p6pq9n-1 guYaGV"><li role="menuitem" class="styled__Element-sc-1p6pq9n-2 jSbSuj"><a rel="external" href="/blog/" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 bhxyxO eldvFb">Blog</a></li><li role="menuitem" class="styled__Element-sc-1p6pq9n-2 jSbSuj"><a rel="external" href="/learn" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 bhxyxO eldvFb">Learn</a></li><li role="menuitem" class="styled__Element-sc-1p6pq9n-2 jSbSuj"><a rel="external" href="/intro-to-iam" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 bhxyxO eldvFb">Intro to IAM (CIAM)</a></li></ul></div></section></section></div></li><li role="menuitem" aria-haspopup="true" tabindex="0" class="styled__NavListEl-sc-1755fzv-16 dnWatv"><div class="styled__NavElementButton-sc-1755fzv-15 goPIno"><span>Product</span><svg width="16" height="16" viewBox="0 0 16 16" fill="none" xmlns="http://www.w3.org/2000/svg"><g id="chevron-down"><path id="icon" fill-rule="evenodd" clip-rule="evenodd" d="M7.99994 9.93934L12.4696 5.46967L13.5303 6.53033L8.53027 11.5303C8.23738 11.8232 7.76251 11.8232 7.46961 11.5303L2.46961 6.53033L3.53027 5.46967L7.99994 9.93934Z" fill="#FFFEFA"></path></g></svg></div><div class="styled__NavElementContentWrapper-sc-1755fzv-14 iyaTlV"><section class="styled__NavElementContent-sc-1755fzv-17 jtpgRu"><section class="styled__Column-sc-1ff7bch-0 styled__FirstColumn-sc-1ff7bch-1 xvieK ksvdhq"><p class="styled__Overline-sc-165cfko-0 utils-sc-11hlfw-0 jOKDAt iCUAvT">Platform</p><ul role="menubar" class="styled__List-sc-1p6pq9n-1 guYaGV"><li role="menuitem" class="styled__Element-sc-1p6pq9n-2 jSbSuj"><a rel="external" href="/platform/access-management" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 bhxyxO eldvFb">Access Management</a></li><li role="menuitem" class="styled__Element-sc-1p6pq9n-2 jSbSuj"><a rel="external" href="/platform/extensibility" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 bhxyxO eldvFb">Extensibility</a></li><li role="menuitem" class="styled__Element-sc-1p6pq9n-2 jSbSuj"><a rel="external" href="/platform/login-security" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 bhxyxO eldvFb">Security</a></li><li role="menuitem" class="styled__Element-sc-1p6pq9n-2 jSbSuj"><a rel="external" href="/platform/user-management" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 bhxyxO eldvFb">User Management</a></li><li role="menuitem" class="styled__Element-sc-1p6pq9n-2 jSbSuj"><a rel="external" href="/platform/authentication" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 bhxyxO eldvFb">Authentication</a></li><li role="menuitem" class="styled__Element-sc-1p6pq9n-2 jSbSuj"><a rel="external" href="/fine-grained-authorization" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 bhxyxO eldvFb">Fine Grained Authorization</a></li></ul><div class="styled__BottomLinkWrapper-sc-1p6pq9n-4 eDzJqf"><a href="https://auth0.com/platform" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 jSunBo czoLEI">View platform</a></div></section><section class="styled__Column-sc-1ff7bch-0 styled__SecondColumn-sc-1ff7bch-2 xvieK bpIsaL"><p class="styled__Overline-sc-165cfko-0 utils-sc-11hlfw-0 jOKDAt iCUAvT">Features</p><ul role="menubar" class="styled__List-sc-1p6pq9n-1 guYaGV"><li role="menuitem" class="styled__Element-sc-1p6pq9n-2 jSbSuj"><a rel="external" href="/features/universal-login" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 bhxyxO eldvFb">Universal Login</a></li><li role="menuitem" class="styled__Element-sc-1p6pq9n-2 jSbSuj"><a rel="external" href="/features/single-sign-on" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 bhxyxO eldvFb">Single Sign On</a></li><li role="menuitem" class="styled__Element-sc-1p6pq9n-2 jSbSuj"><a rel="external" href="/features/multifactor-authentication" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 bhxyxO eldvFb">Multifactor Authentication</a></li><li role="menuitem" class="styled__Element-sc-1p6pq9n-2 jSbSuj"><a rel="external" href="/features/actions" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 bhxyxO eldvFb">Actions</a></li><li role="menuitem" class="styled__Element-sc-1p6pq9n-2 jSbSuj"><a rel="external" href="/features/machine-to-machine" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 bhxyxO eldvFb">Machine to Machine</a></li><li role="menuitem" class="styled__Element-sc-1p6pq9n-2 jSbSuj"><a rel="external" href="/features/passwordless" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 bhxyxO eldvFb">Passwordless</a></li><li role="menuitem" class="styled__Element-sc-1p6pq9n-2 jSbSuj"><a rel="external" href="/features/breached-passwords" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 bhxyxO eldvFb">Breached Passwords</a></li></ul><div class="styled__BottomLinkWrapper-sc-1p6pq9n-4 eDzJqf"><a href="https://auth0.com/features" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 jSunBo czoLEI">View features</a></div></section><section class="styled__Column-sc-1ff7bch-0 styled__ThirdColumn-sc-1ff7bch-3 xvieK gMGasY"><ul class="styled__List-sc-12vkkep-0 dURBhZ"><li class="styled__Element-sc-12vkkep-1 cetBpD"><a rel="external" href="/resources/videos/platform-introduction-video-2020" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 hfCwZi jrcqSi"><div><p>Technology Overview</p><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 fXa-dFL kXdnOe">Watch a walkthrough of the Auth0 Platform</p></div></a></li><li class="styled__Element-sc-12vkkep-1 cetBpD"><a rel="external" href="/platform/cloud-deployment" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 hfCwZi jrcqSi"><div><p>Cloud Deployments</p><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 fXa-dFL kXdnOe">Deploy to the cloud, your way</p></div></a></li><li class="styled__Element-sc-12vkkep-1 cetBpD"><a rel="external" href="/marketplace" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 hfCwZi jrcqSi"><div><p>Auth0 Marketplace</p><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 fXa-dFL kXdnOe">Discover the integrations you need to solve identity</p></div></a></li></ul></section></section></div></li><li role="menuitem" aria-haspopup="true" tabindex="0" class="styled__NavListEl-sc-1755fzv-16 dnWatv"><div class="styled__NavElementButton-sc-1755fzv-15 goPIno"><span>Solutions</span><svg width="16" height="16" viewBox="0 0 16 16" fill="none" xmlns="http://www.w3.org/2000/svg"><g id="chevron-down"><path id="icon" fill-rule="evenodd" clip-rule="evenodd" d="M7.99994 9.93934L12.4696 5.46967L13.5303 6.53033L8.53027 11.5303C8.23738 11.8232 7.76251 11.8232 7.46961 11.5303L2.46961 6.53033L3.53027 5.46967L7.99994 9.93934Z" fill="#FFFEFA"></path></g></svg></div><div class="styled__NavElementContentWrapper-sc-1755fzv-14 iyaTlV"><section class="styled__NavElementContent-sc-1755fzv-17 jtpgRu"><section class="styled__Column-sc-1ff7bch-0 styled__FirstColumn-sc-1ff7bch-1 xvieK kIFVcf"><p class="styled__Overline-sc-165cfko-0 utils-sc-11hlfw-0 jOKDAt iCUAvT">Industries</p><ul role="menubar" class="styled__List-sc-1p6pq9n-1 guYaGV"><li role="menuitem" class="styled__Element-sc-1p6pq9n-2 jSbSuj"><a rel="external" href="/nonprofits" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 bhxyxO eldvFb">Nonprofits &amp; Charities</a></li><li role="menuitem" class="styled__Element-sc-1p6pq9n-2 jSbSuj"><a rel="external" href="/startups" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 bhxyxO eldvFb">Startups</a></li></ul></section><section class="styled__Column-sc-1ff7bch-0 styled__SecondColumn-sc-1ff7bch-2 xvieK fbRjZO"><div class="styled__Wrapper-mvo3b8-0 gXQAAw"><p class="styled__Overline-sc-165cfko-0 utils-sc-11hlfw-0 jOKDAt dKTRwW">Use Cases</p><a rel="external" href="/b2c-customer-identity-management" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 bhxyxO crZFdA"><span>Consumer Applications</span></a><a rel="external" href="/b2b-saas" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 bhxyxO crZFdA"><span>B2B SaaS Applications</span></a><p class="styled__Overline-sc-165cfko-0 utils-sc-11hlfw-0 jOKDAt dKTRwW">Case Studies</p><a rel="external" href="/customers/" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 bhxyxO crZFdA"><span>Read our customers stories</span></a></div></section><section class="styled__Column-sc-1ff7bch-0 styled__ThirdColumn-sc-1ff7bch-3 xvieK dDttGJ"><a href="https://okta.valuestoryapp.com/okta/?utm_Origin=Auth0" rel="external" class="styled__Link-k7d9qa-0 dNLwir"><div class="styled__Container-k7d9qa-1 dXPgwV"><img loading="lazy" src="https://cdn.auth0.com/website/header/ROI_thumb_2x.png" alt="" class="styled__Image-k7d9qa-3 iACfSx"/><div><p class="styled__Overline-sc-165cfko-0 utils-sc-11hlfw-0 jOKDAt bdewcp">CIAM ROI Calculator</p><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 bkTDvW eTNTBu">Estimate the revenue impact to your customer-facing business</p></div></div></a></section></section></div></li><li role="menuitem" aria-haspopup="false" tabindex="0" class="styled__NavListEl-sc-1755fzv-16 dnWatv"><a href="/blog/" rel="external" class="styled__NavElementButton-sc-1755fzv-15 goPIno"><span>Blog</span></a></li><li role="menuitem" aria-haspopup="false" class="styled__NavListEl-sc-1755fzv-16 dnWatv"><a href="/pricing/" rel="external" class="styled__NavElementButton-sc-1755fzv-15 goPIno"><span>Pricing</span></a></li></ul><div class="styled__ButtonList-sc-1755fzv-8 hLHYiD"><a role="button" rel="external" href="/signup?place=header&amp;type=button&amp;text=sign%20up" tabindex="0" class="styled__Button-sc-1hwml9q-0 utils-sc-11hlfw-0 etdOck iyreho"><span>Sign up</span></a><a role="button" rel="external" href="/contact-us?place=header&amp;type=button&amp;text=contact%20sales" tabindex="0" class="styled__Button-sc-1hwml9q-0 utils-sc-11hlfw-0 cmgpvv dTOMa-D"><span>Contact sales</span></a></div></div></nav></header><nav id="blog-header" class="sc-1gkkh2j-0 cmMjKH"><div class="sc-1gkkh2j-1 hfnTjw"><div class="sc-1gkkh2j-5 ktqmki"><a href="/blog" class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 kVgWkQ cvLfHs">Blog</a><button aria-label="chevron icon, open menu" class="sc-1gkkh2j-4 jqUhwM"><svg width="25" height="24" viewBox="0 0 25 24" fill="none" xmlns="http://www.w3.org/2000/svg"><g id="icon-chevron-down"><path id="Vector" d="M13.6314 15.7829L19.7072 9.70712L18.293 8.29291L12.5001 14.0858L6.70718 8.29291L5.29297 9.70712L11.3687 15.7829C11.9935 16.4077 13.0066 16.4077 13.6314 15.7829Z" fill="#FFFEFA"></path></g></svg></button></div><div class="sc-1gkkh2j-2 djkNR"><div class="sc-1gkkh2j-11 kpLfjt"><p class="styled__Overline-sc-165cfko-0 utils-sc-11hlfw-0 calwMa lmzreS">Explore Topics</p></div><ul class="sc-1gkkh2j-6 drcxHp"><li class="sc-1gkkh2j-8 jZeTEE"><a href="/blog/developers" class="sc-1gkkh2j-7 eAKUYk"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gXwSZc lbFYLj">Developers</p><svg width="25" height="24" viewBox="0 0 25 24" fill="none" xmlns="http://www.w3.org/2000/svg"><path d="M16.9572 12.7071L10.4572 19.2071L9.04297 17.7928L14.8359 12L9.04297 6.20706L10.4572 4.79285L16.9572 11.2928C17.1447 11.4804 17.2501 11.7347 17.2501 12C17.2501 12.2652 17.1447 12.5195 16.9572 12.7071Z" fill="#FFFEFA"></path></svg></a></li><li class="sc-1gkkh2j-8 eMQqDZ"><a href="/blog/identity-and-security" class="sc-1gkkh2j-7 eAKUYk"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gXwSZc lbFYLj">Identity &amp; Security</p><svg width="25" height="24" viewBox="0 0 25 24" fill="none" xmlns="http://www.w3.org/2000/svg"><path d="M16.9572 12.7071L10.4572 19.2071L9.04297 17.7928L14.8359 12L9.04297 6.20706L10.4572 4.79285L16.9572 11.2928C17.1447 11.4804 17.2501 11.7347 17.2501 12C17.2501 12.2652 17.1447 12.5195 16.9572 12.7071Z" fill="#FFFEFA"></path></svg></a></li><li class="sc-1gkkh2j-8 fiENtL"><a href="/blog/business" class="sc-1gkkh2j-7 eAKUYk"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gXwSZc lbFYLj">Business</p><svg width="25" height="24" viewBox="0 0 25 24" fill="none" xmlns="http://www.w3.org/2000/svg"><path d="M16.9572 12.7071L10.4572 19.2071L9.04297 17.7928L14.8359 12L9.04297 6.20706L10.4572 4.79285L16.9572 11.2928C17.1447 11.4804 17.2501 11.7347 17.2501 12C17.2501 12.2652 17.1447 12.5195 16.9572 12.7071Z" fill="#FFFEFA"></path></svg></a></li><li class="sc-1gkkh2j-8 dPGYxJ"><a href="/blog/leadership" class="sc-1gkkh2j-7 eAKUYk"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gXwSZc lbFYLj">Leadership</p><svg width="25" height="24" viewBox="0 0 25 24" fill="none" xmlns="http://www.w3.org/2000/svg"><path d="M16.9572 12.7071L10.4572 19.2071L9.04297 17.7928L14.8359 12L9.04297 6.20706L10.4572 4.79285L16.9572 11.2928C17.1447 11.4804 17.2501 11.7347 17.2501 12C17.2501 12.2652 17.1447 12.5195 16.9572 12.7071Z" fill="#FFFEFA"></path></svg></a></li><li class="sc-1gkkh2j-8 bUbYVZ"><a href="/blog/culture" class="sc-1gkkh2j-7 eAKUYk"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gXwSZc lbFYLj">Culture</p><svg width="25" height="24" viewBox="0 0 25 24" fill="none" xmlns="http://www.w3.org/2000/svg"><path d="M16.9572 12.7071L10.4572 19.2071L9.04297 17.7928L14.8359 12L9.04297 6.20706L10.4572 4.79285L16.9572 11.2928C17.1447 11.4804 17.2501 11.7347 17.2501 12C17.2501 12.2652 17.1447 12.5195 16.9572 12.7071Z" fill="#FFFEFA"></path></svg></a></li><li class="sc-1gkkh2j-8 jtthK"><a href="/blog/engineering" class="sc-1gkkh2j-7 eAKUYk"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gXwSZc lbFYLj">Engineering</p><svg width="25" height="24" viewBox="0 0 25 24" fill="none" xmlns="http://www.w3.org/2000/svg"><path d="M16.9572 12.7071L10.4572 19.2071L9.04297 17.7928L14.8359 12L9.04297 6.20706L10.4572 4.79285L16.9572 11.2928C17.1447 11.4804 17.2501 11.7347 17.2501 12C17.2501 12.2652 17.1447 12.5195 16.9572 12.7071Z" fill="#FFFEFA"></path></svg></a></li><li class="sc-1gkkh2j-8 kvjbE"><a href="/blog/announcements" class="sc-1gkkh2j-7 eAKUYk"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gXwSZc lbFYLj">Announcements</p><svg width="25" height="24" viewBox="0 0 25 24" fill="none" xmlns="http://www.w3.org/2000/svg"><path d="M16.9572 12.7071L10.4572 19.2071L9.04297 17.7928L14.8359 12L9.04297 6.20706L10.4572 4.79285L16.9572 11.2928C17.1447 11.4804 17.2501 11.7347 17.2501 12C17.2501 12.2652 17.1447 12.5195 16.9572 12.7071Z" fill="#FFFEFA"></path></svg></a></li></ul></div><div class="sc-1gkkh2j-9 hAGWZa"><div class="sc-1gkkh2j-16 dOVPCc"><div class="sc-1q6s0ef-0 iPbnr"><div class="sc-8jxe5n-0 gRIKWN"><button aria-label="Open search bar" id="open-search-mobile" class="sc-8jxe5n-3 exdfoO"><svg width="17" height="16" viewBox="0 0 17 16" fill="#FFFEFA" xmlns="http://www.w3.org/2000/svg"><path fill-rule="evenodd" clip-rule="evenodd" d="M7.16634 1.33331C4.22082 1.33331 1.83301 3.72113 1.83301 6.66665C1.83301 9.61217 4.22082 12 7.16634 12C8.38796 12 9.51365 11.5893 10.4129 10.8984L14.0283 14.5138L14.9711 13.571L11.361 9.96087C12.0742 9.05392 12.4997 7.90997 12.4997 6.66665C12.4997 3.72113 10.1119 1.33331 7.16634 1.33331ZM3.16634 6.66665C3.16634 4.45751 4.9572 2.66665 7.16634 2.66665C9.37548 2.66665 11.1663 4.45751 11.1663 6.66665C11.1663 8.87579 9.37548 10.6666 7.16634 10.6666C4.9572 10.6666 3.16634 8.87579 3.16634 6.66665Z" fill="#FFFEFA"></path></svg></button><form action="/blog/search" method="get" class="sc-8jxe5n-1 bHAfBe"><div class="sc-8jxe5n-4 fcGWOt"><fieldset id="react-aria7486911275-735" class="styled__InputWrapper-sc-zjpc1c-2 lrdPx"><svg class="styled__SearchIcon-sc-zjpc1c-3 dNHNJo" width="16" height="16" fill="none" xmlns="http://www.w3.org/2000/svg"><path clip-rule="evenodd" d="M7 12A5 5 0 1 0 7 2a5 5 0 0 0 0 10Z" stroke="#8C929C" stroke-width="1.5" stroke-linecap="round" stroke-linejoin="round"></path><path d="m14 14-3.467-3.467" stroke="#8C929C" stroke-width="1.5" stroke-linecap="round" stroke-linejoin="round"></path></svg><input type="text" placeholder="Search..." aria-label="search" value="" autoComplete="off" name="query" id="react-aria7486911275-731" aria-describedby="react-aria7486911275-733 react-aria7486911275-734" class="styled__TextInput-sc-zjpc1c-1 bLVyXv"/></fieldset></div><input type="hidden" name="page" value="1"/></form></div></div></div><div class="sc-8aqj4j-0 gCBQiB"><button id="theme__selector" aria-label="Open theme selector" class="sc-8aqj4j-1 fjEeoE"><svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" viewBox="0 0 16 16" fill="none"><path d="M13.3335 2H2.66683C1.93045 2 1.3335 2.59695 1.3335 3.33333V10C1.3335 10.7364 1.93045 11.3333 2.66683 11.3333H13.3335C14.0699 11.3333 14.6668 10.7364 14.6668 10V3.33333C14.6668 2.59695 14.0699 2 13.3335 2Z" stroke="#FFFEFA" stroke-width="1.33333" stroke-linecap="round" stroke-linejoin="round"></path><path d="M5.3335 14H10.6668" stroke="#FFFEFA" stroke-width="1.33333" stroke-linecap="square" stroke-linejoin="round"></path><path d="M8 11.3335V14.0002" stroke="#FFFEFA" stroke-width="1.33333" stroke-linecap="round" stroke-linejoin="round"></path></svg></button><ul class="sc-8aqj4j-2 gdIxpa"><li class="sc-8aqj4j-3 iaowVa"><button id="theme__system" selected="" class="sc-8aqj4j-4 kTELOh"><svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" viewBox="0 0 16 16" fill="none"><path d="M13.3335 2H2.66683C1.93045 2 1.3335 2.59695 1.3335 3.33333V10C1.3335 10.7364 1.93045 11.3333 2.66683 11.3333H13.3335C14.0699 11.3333 14.6668 10.7364 14.6668 10V3.33333C14.6668 2.59695 14.0699 2 13.3335 2Z" stroke="#FFFEFA" stroke-width="1.33333" stroke-linecap="round" stroke-linejoin="round"></path><path d="M5.3335 14H10.6668" stroke="#FFFEFA" stroke-width="1.33333" stroke-linecap="square" stroke-linejoin="round"></path><path d="M8 11.3335V14.0002" stroke="#FFFEFA" stroke-width="1.33333" stroke-linecap="round" stroke-linejoin="round"></path></svg> <span class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk lbFYLj">System</span></button></li><li class="sc-8aqj4j-3 iaowVa"><button id="theme__dark" class="sc-8aqj4j-4 jmjPHc"><svg width="17" height="16" viewBox="0 0 17 16" fill="none" xmlns="http://www.w3.org/2000/svg"><path fill-rule="evenodd" clip-rule="evenodd" d="M8.55426 1.6727C8.68328 1.90162 8.66579 2.18497 8.50959 2.39629C7.33265 3.98854 7.49774 6.20226 8.89782 7.60234C10.2979 9.00243 12.5116 9.16751 14.1039 7.99057C14.3152 7.83438 14.5985 7.81688 14.8275 7.9459C15.0564 8.07491 15.1882 8.32637 15.164 8.58803C14.8398 12.096 11.8421 14.7463 8.32086 14.6381C4.79957 14.5299 1.97028 11.7006 1.86208 8.1793C1.75389 4.65801 4.40413 1.66036 7.91213 1.33618C8.17379 1.312 8.42525 1.44377 8.55426 1.6727ZM6.71057 2.95845C4.58978 3.72467 3.12249 5.78538 3.19479 8.13835C3.28135 10.9554 5.54477 13.2188 8.36181 13.3054C10.7148 13.3777 12.7755 11.9104 13.5417 9.78959C11.6386 10.4786 9.44928 10.0394 7.95501 8.54515C6.46075 7.05089 6.02154 4.86154 6.71057 2.95845Z" fill="#FFFEFA"></path></svg> <span class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk lbFYLj">Dark mode</span></button></li><li class="sc-8aqj4j-3 iaowVa"><button id="theme__light" class="sc-8aqj4j-4 jmjPHc"><svg width="17" height="16" viewBox="0 0 17 16" fill="none" xmlns="http://www.w3.org/2000/svg"><path d="M7.83317 2.66667V0.666672H9.1665V2.66667H7.83317Z" fill="#FFFEFA"></path><path d="M4.36175 4.80474L2.84175 3.28474L3.78456 2.34193L5.30455 3.86193L4.36175 4.80474Z" fill="#FFFEFA"></path><path d="M14.1579 3.28474L12.6379 4.80474L11.6951 3.86194L13.2151 2.34194L14.1579 3.28474Z" fill="#FFFEFA"></path><path fill-rule="evenodd" clip-rule="evenodd" d="M4.49984 8C4.49984 5.79087 6.2907 4 8.49984 4C10.709 4 12.4998 5.79087 12.4998 8C12.4998 10.2091 10.709 12 8.49984 12C6.2907 12 4.49984 10.2091 4.49984 8ZM8.49984 5.33334C7.02708 5.33334 5.83317 6.52725 5.83317 8C5.83317 9.47276 7.02708 10.6667 8.49984 10.6667C9.9726 10.6667 11.1665 9.47276 11.1665 8C11.1665 6.52725 9.9726 5.33334 8.49984 5.33334Z" fill="#FFFEFA"></path><path d="M3.1665 8.66667H1.1665V7.33334H3.1665V8.66667Z" fill="#FFFEFA"></path><path d="M15.8332 8.66667H13.8332V7.33334H15.8332V8.66667Z" fill="#FFFEFA"></path><path d="M5.30455 12.1381L3.78456 13.6581L2.84175 12.7153L4.36175 11.1953L5.30455 12.1381Z" fill="#FFFEFA"></path><path d="M13.2151 13.6581L11.6951 12.1381L12.6379 11.1953L14.1579 12.7153L13.2151 13.6581Z" fill="#FFFEFA"></path><path d="M7.83317 15.3333V13.3333H9.1665V15.3333H7.83317Z" fill="#FFFEFA"></path></svg> <span class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk lbFYLj">Light mode</span></button></li></ul></div></div></div></nav><nav class="sc-19z8ym3-0 iyxCTh"><div class="sc-19z8ym3-1 fAWgzp"></div><div class="sc-19z8ym3-2 ePjeMY"><a href="/blog" class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 hZdkzi lbFYLj">Blog</a><ul class="sc-19z8ym3-3 jdjutH"><li class="sc-19z8ym3-4 kKvPZn"><a href="/blog/developers" class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gXwSZc lbFYLj">Developers</a></li><li class="sc-19z8ym3-4 iVeAMP"><a href="/blog/identity-and-security" class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gXwSZc lbFYLj">Identity &amp; Security</a></li><li class="sc-19z8ym3-4 fJixJm"><a href="/blog/business" class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gXwSZc lbFYLj">Business</a></li><li class="sc-19z8ym3-4 gbVuTJ"><a href="/blog/leadership" class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gXwSZc lbFYLj">Leadership</a></li><li class="sc-19z8ym3-4 cIIkJD"><a href="/blog/culture" class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gXwSZc lbFYLj">Culture</a></li><li class="sc-19z8ym3-4 hFAXQk"><a href="/blog/engineering" class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gXwSZc lbFYLj">Engineering</a></li><li class="sc-19z8ym3-4 fInsdZ"><a href="/blog/announcements" class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gXwSZc lbFYLj">Announcements</a></li></ul><div class="sc-19z8ym3-5 hkZJsJ"><div class="sc-1q6s0ef-0 iPbnr"><div class="sc-8jxe5n-0 gRIKWN"><button aria-label="Open search bar" id="open-search-mobile" class="sc-8jxe5n-3 exdfoO"><svg width="17" height="16" viewBox="0 0 17 16" fill="#FFFEFA" xmlns="http://www.w3.org/2000/svg"><path fill-rule="evenodd" clip-rule="evenodd" d="M7.16634 1.33331C4.22082 1.33331 1.83301 3.72113 1.83301 6.66665C1.83301 9.61217 4.22082 12 7.16634 12C8.38796 12 9.51365 11.5893 10.4129 10.8984L14.0283 14.5138L14.9711 13.571L11.361 9.96087C12.0742 9.05392 12.4997 7.90997 12.4997 6.66665C12.4997 3.72113 10.1119 1.33331 7.16634 1.33331ZM3.16634 6.66665C3.16634 4.45751 4.9572 2.66665 7.16634 2.66665C9.37548 2.66665 11.1663 4.45751 11.1663 6.66665C11.1663 8.87579 9.37548 10.6666 7.16634 10.6666C4.9572 10.6666 3.16634 8.87579 3.16634 6.66665Z" fill="#FFFEFA"></path></svg></button><form action="/blog/search" method="get" class="sc-8jxe5n-1 bHAfBe"><div class="sc-8jxe5n-4 fcGWOt"><fieldset id="react-aria7486911275-740" class="styled__InputWrapper-sc-zjpc1c-2 lrdPx"><svg class="styled__SearchIcon-sc-zjpc1c-3 dNHNJo" width="16" height="16" fill="none" xmlns="http://www.w3.org/2000/svg"><path clip-rule="evenodd" d="M7 12A5 5 0 1 0 7 2a5 5 0 0 0 0 10Z" stroke="#8C929C" stroke-width="1.5" stroke-linecap="round" stroke-linejoin="round"></path><path d="m14 14-3.467-3.467" stroke="#8C929C" stroke-width="1.5" stroke-linecap="round" stroke-linejoin="round"></path></svg><input type="text" placeholder="Search..." aria-label="search" value="" autoComplete="off" name="query" id="react-aria7486911275-736" aria-describedby="react-aria7486911275-738 react-aria7486911275-739" class="styled__TextInput-sc-zjpc1c-1 bLVyXv"/></fieldset></div><input type="hidden" name="page" value="1"/></form></div></div><div class="sc-8aqj4j-0 gCBQiB"><button id="theme__selector" aria-label="Open theme selector" class="sc-8aqj4j-1 fjEeoE"><svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" viewBox="0 0 16 16" fill="none"><path d="M13.3335 2H2.66683C1.93045 2 1.3335 2.59695 1.3335 3.33333V10C1.3335 10.7364 1.93045 11.3333 2.66683 11.3333H13.3335C14.0699 11.3333 14.6668 10.7364 14.6668 10V3.33333C14.6668 2.59695 14.0699 2 13.3335 2Z" stroke="#FFFEFA" stroke-width="1.33333" stroke-linecap="round" stroke-linejoin="round"></path><path d="M5.3335 14H10.6668" stroke="#FFFEFA" stroke-width="1.33333" stroke-linecap="square" stroke-linejoin="round"></path><path d="M8 11.3335V14.0002" stroke="#FFFEFA" stroke-width="1.33333" stroke-linecap="round" stroke-linejoin="round"></path></svg></button><ul class="sc-8aqj4j-2 gdIxpa"><li class="sc-8aqj4j-3 iaowVa"><button id="theme__system" selected="" class="sc-8aqj4j-4 kTELOh"><svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" viewBox="0 0 16 16" fill="none"><path d="M13.3335 2H2.66683C1.93045 2 1.3335 2.59695 1.3335 3.33333V10C1.3335 10.7364 1.93045 11.3333 2.66683 11.3333H13.3335C14.0699 11.3333 14.6668 10.7364 14.6668 10V3.33333C14.6668 2.59695 14.0699 2 13.3335 2Z" stroke="#FFFEFA" stroke-width="1.33333" stroke-linecap="round" stroke-linejoin="round"></path><path d="M5.3335 14H10.6668" stroke="#FFFEFA" stroke-width="1.33333" stroke-linecap="square" stroke-linejoin="round"></path><path d="M8 11.3335V14.0002" stroke="#FFFEFA" stroke-width="1.33333" stroke-linecap="round" stroke-linejoin="round"></path></svg> <span class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk lbFYLj">System</span></button></li><li class="sc-8aqj4j-3 iaowVa"><button id="theme__dark" class="sc-8aqj4j-4 jmjPHc"><svg width="17" height="16" viewBox="0 0 17 16" fill="none" xmlns="http://www.w3.org/2000/svg"><path fill-rule="evenodd" clip-rule="evenodd" d="M8.55426 1.6727C8.68328 1.90162 8.66579 2.18497 8.50959 2.39629C7.33265 3.98854 7.49774 6.20226 8.89782 7.60234C10.2979 9.00243 12.5116 9.16751 14.1039 7.99057C14.3152 7.83438 14.5985 7.81688 14.8275 7.9459C15.0564 8.07491 15.1882 8.32637 15.164 8.58803C14.8398 12.096 11.8421 14.7463 8.32086 14.6381C4.79957 14.5299 1.97028 11.7006 1.86208 8.1793C1.75389 4.65801 4.40413 1.66036 7.91213 1.33618C8.17379 1.312 8.42525 1.44377 8.55426 1.6727ZM6.71057 2.95845C4.58978 3.72467 3.12249 5.78538 3.19479 8.13835C3.28135 10.9554 5.54477 13.2188 8.36181 13.3054C10.7148 13.3777 12.7755 11.9104 13.5417 9.78959C11.6386 10.4786 9.44928 10.0394 7.95501 8.54515C6.46075 7.05089 6.02154 4.86154 6.71057 2.95845Z" fill="#FFFEFA"></path></svg> <span class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk lbFYLj">Dark mode</span></button></li><li class="sc-8aqj4j-3 iaowVa"><button id="theme__light" class="sc-8aqj4j-4 jmjPHc"><svg width="17" height="16" viewBox="0 0 17 16" fill="none" xmlns="http://www.w3.org/2000/svg"><path d="M7.83317 2.66667V0.666672H9.1665V2.66667H7.83317Z" fill="#FFFEFA"></path><path d="M4.36175 4.80474L2.84175 3.28474L3.78456 2.34193L5.30455 3.86193L4.36175 4.80474Z" fill="#FFFEFA"></path><path d="M14.1579 3.28474L12.6379 4.80474L11.6951 3.86194L13.2151 2.34194L14.1579 3.28474Z" fill="#FFFEFA"></path><path fill-rule="evenodd" clip-rule="evenodd" d="M4.49984 8C4.49984 5.79087 6.2907 4 8.49984 4C10.709 4 12.4998 5.79087 12.4998 8C12.4998 10.2091 10.709 12 8.49984 12C6.2907 12 4.49984 10.2091 4.49984 8ZM8.49984 5.33334C7.02708 5.33334 5.83317 6.52725 5.83317 8C5.83317 9.47276 7.02708 10.6667 8.49984 10.6667C9.9726 10.6667 11.1665 9.47276 11.1665 8C11.1665 6.52725 9.9726 5.33334 8.49984 5.33334Z" fill="#FFFEFA"></path><path d="M3.1665 8.66667H1.1665V7.33334H3.1665V8.66667Z" fill="#FFFEFA"></path><path d="M15.8332 8.66667H13.8332V7.33334H15.8332V8.66667Z" fill="#FFFEFA"></path><path d="M5.30455 12.1381L3.78456 13.6581L2.84175 12.7153L4.36175 11.1953L5.30455 12.1381Z" fill="#FFFEFA"></path><path d="M13.2151 13.6581L11.6951 12.1381L12.6379 11.1953L14.1579 12.7153L13.2151 13.6581Z" fill="#FFFEFA"></path><path d="M7.83317 15.3333V13.3333H9.1665V15.3333H7.83317Z" fill="#FFFEFA"></path></svg> <span class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk lbFYLj">Light mode</span></button></li></ul></div></div></div></nav><div><section class="sc-1mzlt0h-0 fdjAfx"><div class="sc-1mzlt0h-2 UWhwk"><div class="styled__Wrapper-sc-1xhxac-0 fZVgTb"><p class="styled__Overline-sc-165cfko-0 utils-sc-11hlfw-0 jOKDAt hdAWxm">Featured Posts</p><div class="styled__SliderWrapper-sc-1xhxac-6 cBtybf"><div class="styled__Container-sc-1xhxac-1 lnnhCi"><div class="sc-1mzlt0h-4 bQsbkQ"><a href="/blog/auth-for-genai/" class="sc-1akycv5-2 blREA-d"><div class="sc-1akycv5-0 gFmoyl"><figure class="sc-1akycv5-1 kPXeZb"></figure></div><div class="sc-1akycv5-4 faaFJY"><div class="sc-1akycv5-3 kKvwZS"><span class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk bQXgzY">announcements</span><p class="styled__Overline-sc-165cfko-0 utils-sc-11hlfw-0 jPTHXi gbKHFx">Jan 08, 2025 • 4 min read</p></div><h3 class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 eoMTCq glCwmv">Auth0 Announces Auth for GenAI</h3><p class="styled__Overline-sc-165cfko-0 utils-sc-11hlfw-0 gHcESW lbFYLj">Shiven Ramji</p><div class="sc-1akycv5-5 fRqgPG"><button class="sc-1xszjru-0 dDTyLk"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk bBeyP">#auth</p></button><button class="sc-1xszjru-0 dDTyLk"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk bBeyP">#genai</p></button><button class="sc-1xszjru-0 dDTyLk"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk bBeyP">#ai</p></button></div></div></a></div><div class="sc-1mzlt0h-4 bQsbkQ"><a href="/blog/new-auth0-extension-for-netlify-available-now/" class="sc-1akycv5-2 blREA-d"><div class="sc-1akycv5-0 gFmoyl"><figure class="sc-1akycv5-1 kICDyS"></figure></div><div class="sc-1akycv5-4 faaFJY"><div class="sc-1akycv5-3 kKvwZS"><span class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk bQXgzY">announcements</span><p class="styled__Overline-sc-165cfko-0 utils-sc-11hlfw-0 jPTHXi gbKHFx">Mar 11, 2025 • 2 min read</p></div><h3 class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 eoMTCq glCwmv">New Auth0 Extension for Netlify: Available Now</h3><p class="styled__Overline-sc-165cfko-0 utils-sc-11hlfw-0 gHcESW lbFYLj">Calah Vargas</p><div class="sc-1akycv5-5 fRqgPG"><button class="sc-1xszjru-0 dDTyLk"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk bBeyP">#netlify</p></button><button class="sc-1xszjru-0 dDTyLk"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk bBeyP">#auth0</p></button><button class="sc-1xszjru-0 dDTyLk"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk bBeyP">#iam</p></button></div></div></a></div><div class="sc-1mzlt0h-4 bQsbkQ"><a href="/blog/auth0-plans-got-an-upgrade/" class="sc-1akycv5-2 blREA-d"><div class="sc-1akycv5-0 gFmoyl"><figure class="sc-1akycv5-1 lcDbSj"></figure></div><div class="sc-1akycv5-4 faaFJY"><div class="sc-1akycv5-3 kKvwZS"><span class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk bQXgzY">announcements</span><p class="styled__Overline-sc-165cfko-0 utils-sc-11hlfw-0 jPTHXi gbKHFx">Sep 24, 2024 • 5 min read</p></div><h3 class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 eoMTCq glCwmv">Level Up: Auth0 Plans Just Got an Upgrade</h3><p class="styled__Overline-sc-165cfko-0 utils-sc-11hlfw-0 gHcESW lbFYLj">Shiven Ramji</p><div class="sc-1akycv5-5 fRqgPG"><button class="sc-1xszjru-0 dDTyLk"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk bBeyP">#auth0</p></button><button class="sc-1xszjru-0 dDTyLk"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk bBeyP">#plans</p></button><button class="sc-1xszjru-0 dDTyLk"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk bBeyP">#free</p></button></div></div></a></div></div></div></div></div><p class="styled__Overline-sc-165cfko-0 utils-sc-11hlfw-0 ccREFo kDCTrn">Featured Posts</p><div class="sc-1mzlt0h-3 eAVDDk"><a href="/blog/auth-for-genai/" class="sc-1akycv5-2 blREA-d"><div class="sc-1akycv5-0 fQEmrF"><figure class="sc-1akycv5-1 kPXeZb"></figure></div><div class="sc-1akycv5-4 eNGAfo"><div class="sc-1akycv5-3 kKvwZS"><span class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk bQXgzY">announcements</span><p class="styled__Overline-sc-165cfko-0 utils-sc-11hlfw-0 iELGSp gbKHFx">Jan 08, 2025 • 4 min read</p></div><h3 class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 eYhEQZ cvntAt">Auth0 Announces Auth for GenAI</h3><p class="styled__Overline-sc-165cfko-0 utils-sc-11hlfw-0 gHcESW lbFYLj">Shiven Ramji</p><div class="sc-1akycv5-5 fRqgPG"><button class="sc-1xszjru-0 dDTyLk"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk bBeyP">#auth</p></button><button class="sc-1xszjru-0 dDTyLk"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk bBeyP">#genai</p></button><button class="sc-1xszjru-0 dDTyLk"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk bBeyP">#ai</p></button></div></div></a><div class="sc-1mzlt0h-1 cFXDBO"><a href="new-auth0-extension-for-netlify-available-now" class="sc-3ihoar-0 fKMCDe"><div class="sc-3ihoar-3 ereVRY"><div class="sc-3ihoar-1 iKpHSC"><span class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk bQXgzY">announcements</span><p class="styled__Overline-sc-165cfko-0 utils-sc-11hlfw-0 calwMa gbKHFx">Mar 11, 2025 • 2 min read</p></div><h2 class="styled__Heading-sc-165cfko-2 utils-sc-11hlfw-0 jfpVpU lbFYLj">New Auth0 Extension for Netlify: Available Now</h2><p class="styled__Overline-sc-165cfko-0 utils-sc-11hlfw-0 calwMa lbFYLj">Calah Vargas</p><div class="sc-3ihoar-2 eqIdOp"><button class="sc-1xszjru-0 fVlGm"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk bBeyP">#netlify</p></button><button class="sc-1xszjru-0 fVlGm"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk bBeyP">#auth0</p></button><button class="sc-1xszjru-0 fVlGm"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk bBeyP">#iam</p></button></div></div><div class="sc-3ihoar-4 bGboTj"><img src="https://images.ctfassets.net/23aumh6u8s0i/1mUMR0A8KINhJK2yxzPTMI/efff7a59b80db46882bc1d9649bc7851/Co-Branded_Template_-_Image___Gradient_melon_-_600x456.png" alt=""/></div></a><a href="auth0-plans-got-an-upgrade" class="sc-3ihoar-0 fKMCDe"><div class="sc-3ihoar-3 ereVRY"><div class="sc-3ihoar-1 iKpHSC"><span class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk bQXgzY">announcements</span><p class="styled__Overline-sc-165cfko-0 utils-sc-11hlfw-0 calwMa gbKHFx">Sep 24, 2024 • 5 min read</p></div><h2 class="styled__Heading-sc-165cfko-2 utils-sc-11hlfw-0 jfpVpU lbFYLj">Level Up: Auth0 Plans Just Got an Upgrade</h2><p class="styled__Overline-sc-165cfko-0 utils-sc-11hlfw-0 calwMa lbFYLj">Shiven Ramji</p><div class="sc-3ihoar-2 eqIdOp"><button class="sc-1xszjru-0 fVlGm"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk bBeyP">#auth0</p></button><button class="sc-1xszjru-0 fVlGm"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk bBeyP">#plans</p></button><button class="sc-1xszjru-0 fVlGm"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk bBeyP">#free</p></button><button class="sc-1xszjru-0 fVlGm"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk bBeyP">#enterprise</p></button></div></div><div class="sc-3ihoar-4 bGboTj"><img src="https://images.ctfassets.net/23aumh6u8s0i/6fjXeiKm0cnBhKSstu382A/6e93da722d4f0bca241ff54b6f3f93bb/auth0-hero-announcement.jpg" alt=""/></div></a></div></div></section><div class="sc-17bje54-0 biHUoU"><aside class="sc-1xe0dlm-0 dVXDVJ"><div class="wiotl7-0 egvjS"><div class="dh4ait-0 ePAqkg"><p class="styled__Overline-sc-165cfko-0 utils-sc-11hlfw-0 bvimfW keBOjr">Tags</p></div><div class="wiotl7-1 keAMQj"><button class="sc-1xszjru-0 dDTyLk"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk bBeyP">#auth0</p></button><button class="sc-1xszjru-0 dDTyLk"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk bBeyP">#dashboard</p></button><button class="sc-1xszjru-0 dDTyLk"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk bBeyP">#docs</p></button><button class="sc-1xszjru-0 dDTyLk"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk bBeyP">#japan</p></button><button class="sc-1xszjru-0 dDTyLk"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk bBeyP">#organization</p></button><button class="sc-1xszjru-0 dDTyLk"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk bBeyP">#openfga</p></button><button class="sc-1xszjru-0 dDTyLk"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk bBeyP">#fga</p></button><button class="sc-1xszjru-0 dDTyLk"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk bBeyP">#ai</p></button><button class="sc-1xszjru-0 dDTyLk"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk bBeyP">#security</p></button><button class="sc-1xszjru-0 dDTyLk"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk bBeyP">#product</p></button><button class="sc-1xszjru-0 dDTyLk"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk bBeyP">#netlify</p></button><button class="sc-1xszjru-0 dDTyLk"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk bBeyP">#iam</p></button><button class="sc-1xszjru-0 dDTyLk"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk bBeyP">#rag</p></button><button class="sc-1xszjru-0 dDTyLk"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk bBeyP">#langchain</p></button><button class="sc-1xszjru-0 dDTyLk"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk bBeyP">#langgraph</p></button><button class="sc-1xszjru-0 dDTyLk"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk bBeyP">#user-experience</p></button><button class="sc-1xszjru-0 dDTyLk"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk bBeyP">#authorization</p></button><button class="sc-1xszjru-0 dDTyLk"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk bBeyP">#ciba</p></button><button class="sc-1xszjru-0 dDTyLk"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk bBeyP">#agent</p></button><button class="sc-1xszjru-0 dDTyLk"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk bBeyP">#identity</p></button><button class="sc-1xszjru-0 dDTyLk"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk bBeyP">#aaa</p></button><button class="sc-1xszjru-0 dDTyLk"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk bBeyP">#authentication</p></button><button class="sc-1xszjru-0 dDTyLk"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk bBeyP">#okta</p></button><button class="sc-1xszjru-0 dDTyLk"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk bBeyP">#learning</p></button><button class="sc-1xszjru-0 dDTyLk"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk bBeyP">#developer experience</p></button><button class="sc-1xszjru-0 dDTyLk"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk bBeyP">#idaas</p></button><button class="sc-1xszjru-0 dDTyLk"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk bBeyP">#aws</p></button><button class="sc-1xszjru-0 dDTyLk"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk bBeyP">#api</p></button><button class="sc-1xszjru-0 dDTyLk"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk bBeyP">#agents</p></button><button class="sc-1xszjru-0 dDTyLk"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk bBeyP">#organizations</p></button><button class="sc-1xszjru-0 dDTyLk"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk bBeyP">#dotnet</p></button><button class="sc-1xszjru-0 dDTyLk"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk bBeyP">#blazor</p></button><button class="sc-1xszjru-0 dDTyLk"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk bBeyP">#b2b</p></button><button class="sc-1xszjru-0 dDTyLk"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk bBeyP">#saas</p></button><button class="sc-1xszjru-0 dDTyLk"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk bBeyP">#auth0-organizations</p></button><button class="sc-1xszjru-0 dDTyLk"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk bBeyP">#multitenancy</p></button><button class="sc-1xszjru-0 dDTyLk"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk bBeyP">#tool-calling</p></button><button class="sc-1xszjru-0 dDTyLk"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk bBeyP">#token-exchange</p></button><button class="sc-1xszjru-0 dDTyLk"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk bBeyP">#ai-agents</p></button><button class="sc-1xszjru-0 dDTyLk"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk bBeyP">#ciam</p></button><button class="sc-1xszjru-0 dDTyLk"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk bBeyP">#innovation</p></button><button class="sc-1xszjru-0 dDTyLk"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk bBeyP">#Identity</p></button><button class="sc-1xszjru-0 dDTyLk"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk bBeyP">#solutions</p></button><button class="sc-1xszjru-0 dDTyLk"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk bBeyP">#hri</p></button><button class="sc-1xszjru-0 dDTyLk"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk bBeyP">#llamaindex</p></button><button class="sc-1xszjru-0 dDTyLk"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk bBeyP">#logout</p></button><button class="sc-1xszjru-0 dDTyLk"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk bBeyP">#ruby</p></button><button class="sc-1xszjru-0 dDTyLk"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk bBeyP">#rails</p></button><button class="sc-1xszjru-0 dDTyLk"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk bBeyP">#decoupled-authentication</p></button><button class="sc-1xszjru-0 dDTyLk"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 gWBdwk bBeyP">#rebac</p></button></div><button class="wiotl7-3 gpkRVN"><span>View more</span> <span>(<!-- -->1257<!-- -->)</span><svg width="17" height="17" viewBox="0 0 17 17" fill="none" xmlns="http://www.w3.org/2000/svg" class="wiotl7-2 jbIORl"><g id="icon"><path id="icon_2" d="M8.25005 9.87099L4.38812 6.00906L3.44531 6.95187L7.77865 11.2852C7.90367 11.4102 8.07324 11.4805 8.25005 11.4805C8.42686 11.4805 8.59643 11.4102 8.72145 11.2852L13.0548 6.95187L12.112 6.00906L8.25005 9.87099Z" fill="#99A7F1"></path></g></svg></button></div></aside><div class="sc-17bje54-1 bVbzdS"><section class="sc-1rc3wko-0 kfYqEB"><div class="sc-1rc3wko-1 fYNeXn"><div class="dh4ait-0 ePAqkg"><p class="styled__Overline-sc-165cfko-0 utils-sc-11hlfw-0 bvimfW keBOjr">Latest posts (<!-- -->10<!-- --> of <!-- -->1803<!-- --> results)</p></div><div class="sc-1rc3wko-3 enauqK"><button id="filter__tags" class="sc-1rc3wko-4 hibgHG"><svg xmlns="http://www.w3.org/2000/svg" width="16" height="17" viewBox="0 0 16 17" fill="none"><path d="M0.66626 3.25423H15.3329V1.9209H0.66626V3.25423Z" fill="#E5E5E5"></path><path d="M2.66626 7.25423H13.3329V5.9209H2.66626V7.25423Z" fill="#E5E5E5"></path><path d="M11.3329 11.2542H4.66626V9.9209H11.3329V11.2542Z" fill="#E5E5E5"></path><path d="M6.66626 15.2542H9.33293V13.9209H6.66626V15.2542Z" fill="#E5E5E5"></path></svg><span>Filter</span></button></div><label class="sc-8t61xl-0 guGDRs"><input type="checkbox" aria-hidden="true" class="sc-8t61xl-1 huAclX"/><button id="grid__view" selected="" class="sc-8t61xl-2 loMVLS"><svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" viewBox="0 0 16 16" fill="none"><path d="M4.66667 3.33333C4.66667 4.06971 4.06971 4.66667 3.33333 4.66667C2.59695 4.66667 2 4.06971 2 3.33333C2 2.59695 2.59695 2 3.33333 2C4.06971 2 4.66667 2.59695 4.66667 3.33333Z" fill="#FFFEFA"></path><path d="M4.66667 8C4.66667 8.73638 4.06971 9.33333 3.33333 9.33333C2.59695 9.33333 2 8.73638 2 8C2 7.26362 2.59695 6.66667 3.33333 6.66667C4.06971 6.66667 4.66667 7.26362 4.66667 8Z" fill="#FFFEFA"></path><path d="M3.33333 14C4.06971 14 4.66667 13.403 4.66667 12.6667C4.66667 11.9303 4.06971 11.3333 3.33333 11.3333C2.59695 11.3333 2 11.9303 2 12.6667C2 13.403 2.59695 14 3.33333 14Z" fill="#FFFEFA"></path><path d="M9.33333 3.33333C9.33333 4.06971 8.73638 4.66667 8 4.66667C7.26362 4.66667 6.66667 4.06971 6.66667 3.33333C6.66667 2.59695 7.26362 2 8 2C8.73638 2 9.33333 2.59695 9.33333 3.33333Z" fill="#FFFEFA"></path><path d="M8 9.33333C8.73638 9.33333 9.33333 8.73638 9.33333 8C9.33333 7.26362 8.73638 6.66667 8 6.66667C7.26362 6.66667 6.66667 7.26362 6.66667 8C6.66667 8.73638 7.26362 9.33333 8 9.33333Z" fill="#FFFEFA"></path><path d="M9.33333 12.6667C9.33333 13.403 8.73638 14 8 14C7.26362 14 6.66667 13.403 6.66667 12.6667C6.66667 11.9303 7.26362 11.3333 8 11.3333C8.73638 11.3333 9.33333 11.9303 9.33333 12.6667Z" fill="#FFFEFA"></path><path d="M12.6667 4.66667C13.403 4.66667 14 4.06971 14 3.33333C14 2.59695 13.403 2 12.6667 2C11.9303 2 11.3333 2.59695 11.3333 3.33333C11.3333 4.06971 11.9303 4.66667 12.6667 4.66667Z" fill="#FFFEFA"></path><path d="M14 8C14 8.73638 13.403 9.33333 12.6667 9.33333C11.9303 9.33333 11.3333 8.73638 11.3333 8C11.3333 7.26362 11.9303 6.66667 12.6667 6.66667C13.403 6.66667 14 7.26362 14 8Z" fill="#FFFEFA"></path><path d="M12.6667 14C13.403 14 14 13.403 14 12.6667C14 11.9303 13.403 11.3333 12.6667 11.3333C11.9303 11.3333 11.3333 11.9303 11.3333 12.6667C11.3333 13.403 11.9303 14 12.6667 14Z" fill="#FFFEFA"></path></svg></button><button id="list__view" class="sc-8t61xl-2 bWbXhw"><svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" viewBox="0 0 16 16" fill="none"><path d="M3.33335 4.00001C3.33335 4.73638 2.7364 5.33334 2.00002 5.33334C1.26364 5.33334 0.666687 4.73638 0.666687 4.00001C0.666687 3.26363 1.26364 2.66667 2.00002 2.66667C2.7364 2.66667 3.33335 3.26363 3.33335 4.00001Z" fill="#FFFEFA"></path><path d="M2.00002 9.33334C2.7364 9.33334 3.33335 8.73638 3.33335 8C3.33335 7.26363 2.7364 6.66667 2.00002 6.66667C1.26364 6.66667 0.666687 7.26363 0.666687 8C0.666687 8.73638 1.26364 9.33334 2.00002 9.33334Z" fill="#FFFEFA"></path><path d="M2.00002 13.3333C2.7364 13.3333 3.33335 12.7364 3.33335 12C3.33335 11.2636 2.7364 10.6667 2.00002 10.6667C1.26364 10.6667 0.666687 11.2636 0.666687 12C0.666687 12.7364 1.26364 13.3333 2.00002 13.3333Z" fill="#FFFEFA"></path><path d="M5.33335 8.66667H15.3334V7.33334H5.33335V8.66667Z" fill="#FFFEFA"></path><path d="M15.3334 4.66667H5.33335V3.33334H15.3334V4.66667Z" fill="#FFFEFA"></path><path d="M5.33335 12.6667H15.3334V11.3333H5.33335V12.6667Z" fill="#FFFEFA"></path></svg></button></label></div><div class="sc-1rc3wko-2 jsCONy"></div></section><section id="linkViewMore" class="sc-88q8hx-0 hhWMTM"><a class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 dpsQkm gINUVb">Load more<svg width="16" height="17" fill="none" xmlns="http://www.w3.org/2000/svg"><path d="M8 10.312L4.138 6.45l-.943.943 4.334 4.334a.667.667 0 00.942 0l4.334-4.334-.943-.943L8 10.312z" fill="#B6CAFF"></path></svg></a></section></div></div><aside class="sc-17bje54-2 figwfx"><div class="sc-17bje54-3 jLSKET"></div><section class="fj6wb5-0 kjBEnM"><div class="styled__CardContainer-sc-fnzurd-0 kBmzHj"><h1 class="styled__Heading-sc-165cfko-2 utils-sc-11hlfw-0 Mbfvv cvLfHs">Resources</h1><div class="styled__CardWrapper-sc-fnzurd-1 jgYXEj"><a href="https://auth0.com/docs" class="styled__CardWrapper-sc-1f3qc75-0 hTMLxH"><div class="styled__CardImage-sc-1f3qc75-1 bnYGHo"></div><p class="styled__Overline-sc-165cfko-0 utils-sc-11hlfw-0 jOKDAt iJffKk"></p><h2 class="styled__Heading-sc-165cfko-2 utils-sc-11hlfw-0 FygDm bCeHxC">Docs</h2><svg xmlns="http://www.w3.org/2000/svg" width="18" height="18" fill="none" class="styled__ArrowSvg-sc-1f3qc75-2 lnIRjC"><path fill="#FFFEFA" d="m17.568 8.832-8.864 8.832L7.04 16l5.984-5.984H0V7.648h13.024L7.04 1.664 8.704 0l8.864 8.832Z"></path></svg></a><a href="https://developer.auth0.com" class="styled__CardWrapper-sc-1f3qc75-0 hTMLxH"><div class="styled__CardImage-sc-1f3qc75-1 bnYGHo"></div><p class="styled__Overline-sc-165cfko-0 utils-sc-11hlfw-0 jOKDAt iJffKk"></p><h2 class="styled__Heading-sc-165cfko-2 utils-sc-11hlfw-0 FygDm bCeHxC">Developer Center</h2><svg xmlns="http://www.w3.org/2000/svg" width="18" height="18" fill="none" class="styled__ArrowSvg-sc-1f3qc75-2 lnIRjC"><path fill="#FFFEFA" d="m17.568 8.832-8.864 8.832L7.04 16l5.984-5.984H0V7.648h13.024L7.04 1.664 8.704 0l8.864 8.832Z"></path></svg></a><a href="https://community.auth0.com" class="styled__CardWrapper-sc-1f3qc75-0 hTMLxH"><div class="styled__CardImage-sc-1f3qc75-1 bnYGHo"></div><p class="styled__Overline-sc-165cfko-0 utils-sc-11hlfw-0 jOKDAt iJffKk"></p><h2 class="styled__Heading-sc-165cfko-2 utils-sc-11hlfw-0 FygDm bCeHxC">Auth0 Community</h2><svg xmlns="http://www.w3.org/2000/svg" width="18" height="18" fill="none" class="styled__ArrowSvg-sc-1f3qc75-2 lnIRjC"><path fill="#FFFEFA" d="m17.568 8.832-8.864 8.832L7.04 16l5.984-5.984H0V7.648h13.024L7.04 1.664 8.704 0l8.864 8.832Z"></path></svg></a></div></div></section><div color="#fffefa" class="styled__Grid-sc-vosx1t-0 utils-sc-11hlfw-0 gfVdta fMkBdy"><div class="styled__Content-sc-vosx1t-1 cvYPGz"><div span="7" class="styled__GridItem-sc-vosx1t-2 utils-sc-11hlfw-0 hmZChk jbTxDN"><h3 class="styled__Heading-sc-165cfko-2 utils-sc-11hlfw-0 OWQrv lbFYLj">Try for free today</h3><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 jXSJzE lbFYLj">Stop reading and start building.</p><div class="styled__ButtonWrapper-sc-2ky66j-2 iWCUjn"><a href="https://auth0.com/signup?place=blog-bottom-banner&amp;type=button&amp;text=try%20for%20free" role="button" tabindex="0" class="styled__Button-sc-1hwml9q-0 utils-sc-11hlfw-0 etdOck lbFYLj"><span>Try for free →</span></a><a href="https://auth0.com/contact-us?place=blog-bottom-banner&amp;type=button&amp;text=contact%20sales" role="button" tabindex="0" class="styled__Button-sc-1hwml9q-0 utils-sc-11hlfw-0 cmgpvv lbFYLj"><span>Contact sales</span></a></div></div></div></div></aside></div><div class="styled__Wrapper-sc-1gk46x3-0 joqbUW"><footer class="styled__Content-sc-1gk46x3-1 gDWHCk"><nav class="styled__Nav-sc-1gk46x3-2 fvSMPF"><section><p class="styled__Overline-sc-165cfko-0 utils-sc-11hlfw-0 VzOyt hlbQwp">Developers</p><ul class="styled__LinksList-sc-1gk46x3-3 fLDEkJ"><li class="styled__LinksListItem-sc-1gk46x3-5 mYoth"><a href="https://developer.auth0.com/resources" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 hwiOrq dViOmG">Developer Hub<!-- --> </a></li><li class="styled__LinksListItem-sc-1gk46x3-5 mYoth"><a href="https://developer.auth0.com/resources/code-samples" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 hwiOrq dViOmG">Code Samples and Guides<!-- --> </a></li><li class="styled__LinksListItem-sc-1gk46x3-5 mYoth"><a href="/blog/developers/" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 hwiOrq dViOmG">Blog posts<!-- --> </a></li><li class="styled__LinksListItem-sc-1gk46x3-5 mYoth"><a href="https://identityunlocked.auth0.com/public/49/Identity,-Unlocked.--bed7fada" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 hwiOrq dViOmG">Identity Unlocked - Podcasts<!-- --> </a></li><li class="styled__LinksListItem-sc-1gk46x3-5 mYoth"><a href="https://developer.auth0.com/newsletter" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 hwiOrq dViOmG">Zero Index Newsletter<!-- --> </a></li></ul></section><section><p class="styled__Overline-sc-165cfko-0 utils-sc-11hlfw-0 VzOyt hlbQwp">Documentation</p><ul class="styled__LinksList-sc-1gk46x3-3 fLDEkJ"><li class="styled__LinksListItem-sc-1gk46x3-5 mYoth"><a href="/docs/articles" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 hwiOrq dViOmG">Articles<!-- --> </a></li><li class="styled__LinksListItem-sc-1gk46x3-5 mYoth"><a href="/docs/quickstarts" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 hwiOrq dViOmG">Quickstarts<!-- --> </a></li><li class="styled__LinksListItem-sc-1gk46x3-5 mYoth"><a href="/docs/api" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 hwiOrq dViOmG">APIs<!-- --> </a></li><li class="styled__LinksListItem-sc-1gk46x3-5 mYoth"><a href="/docs/libraries" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 hwiOrq dViOmG">SDK Libraries<!-- --> </a></li><li class="styled__LinksListItem-sc-1gk46x3-5 mYoth"><a href="https://auth0.com/blog/" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 hwiOrq dViOmG">Blog<!-- --> </a></li><li class="styled__LinksListItem-sc-1gk46x3-5 mYoth"><a href="https://auth0.com/resources/ebooks" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 hwiOrq dViOmG">Reports<!-- --> </a></li><li class="styled__LinksListItem-sc-1gk46x3-5 mYoth"><a href="https://auth0.com/resources/webinars" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 hwiOrq dViOmG">Webinars<!-- --> </a></li></ul></section><section><p class="styled__Overline-sc-165cfko-0 utils-sc-11hlfw-0 VzOyt hlbQwp">Support Center</p><ul class="styled__LinksList-sc-1gk46x3-3 fLDEkJ"><li class="styled__LinksListItem-sc-1gk46x3-5 mYoth"><a href="https://community.auth0.com/" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 hwiOrq dViOmG">Community<!-- --> </a></li><li class="styled__LinksListItem-sc-1gk46x3-5 mYoth"><a href="https://support.auth0.com/" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 hwiOrq dViOmG">Support<!-- --> </a></li><li class="styled__LinksListItem-sc-1gk46x3-5 mYoth"><a href="https://community.auth0.com/c/help/6" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 hwiOrq dViOmG">Help<!-- --> </a></li><li class="styled__LinksListItem-sc-1gk46x3-5 mYoth"><a href="https://community.auth0.com/c/faq/42" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 hwiOrq dViOmG">FAQs<!-- --> </a></li><li class="styled__LinksListItem-sc-1gk46x3-5 mYoth"><a href="https://marketplace.auth0.com" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 hwiOrq dViOmG">Auth0 Marketplace<!-- --> </a></li></ul></section><section><p class="styled__Overline-sc-165cfko-0 utils-sc-11hlfw-0 VzOyt hlbQwp">Company</p><ul class="styled__LinksList-sc-1gk46x3-3 fLDEkJ"><li class="styled__LinksListItem-sc-1gk46x3-5 mYoth"><a href="/customers" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 hwiOrq dViOmG">Our Customers<!-- --> </a></li><li class="styled__LinksListItem-sc-1gk46x3-5 mYoth"><a href="/security" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 hwiOrq dViOmG">Compliance - Ensuring privacy and security<!-- --> </a></li><li class="styled__LinksListItem-sc-1gk46x3-5 mYoth"><a href="/partners" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 hwiOrq dViOmG">Partners<!-- --> </a></li><li class="styled__LinksListItem-sc-1gk46x3-5 mYoth"><a href="https://www.okta.com/company/careers/" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 hwiOrq dViOmG">Careers<!-- --> <span class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 hYaXSW lbFYLj">We&#x27;re hiring!</span></a></li><li class="styled__LinksListItem-sc-1gk46x3-5 mYoth"><a href="https://www.okta.com/company/" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 hwiOrq dViOmG">About us<!-- --> </a></li></ul></section><section><p class="styled__Overline-sc-165cfko-0 utils-sc-11hlfw-0 VzOyt hlbQwp">Get Involved</p><ul class="styled__LinksList-sc-1gk46x3-3 fLDEkJ"><li class="styled__LinksListItem-sc-1gk46x3-5 mYoth"><a href="https://developer.auth0.com/events" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 hwiOrq dViOmG">Events<!-- --> </a></li><li class="styled__LinksListItem-sc-1gk46x3-5 mYoth"><a href="/research-program" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 hwiOrq dViOmG">Auth0 Research Program<!-- --> </a></li></ul></section><section><p class="styled__Overline-sc-165cfko-0 utils-sc-11hlfw-0 VzOyt hlbQwp">Learning</p><ul class="styled__LinksList-sc-1gk46x3-3 fLDEkJ"><li class="styled__LinksListItem-sc-1gk46x3-5 mYoth"><a href="/learn" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 hwiOrq dViOmG">Learn<!-- --> </a></li><li class="styled__LinksListItem-sc-1gk46x3-5 mYoth"><a href="/intro-to-iam" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 hwiOrq dViOmG">Intro to IAM (CIAM)<!-- --> </a></li><li class="styled__LinksListItem-sc-1gk46x3-5 mYoth"><a href="https://auth0.com/blog/" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 hwiOrq dViOmG">Blog<!-- --> </a></li></ul></section><section><p class="styled__Overline-sc-165cfko-0 utils-sc-11hlfw-0 VzOyt hlbQwp">Platform</p><ul class="styled__LinksList-sc-1gk46x3-3 fLDEkJ"><li class="styled__LinksListItem-sc-1gk46x3-5 mYoth"><a href="/platform/access-management" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 hwiOrq dViOmG">Access Management<!-- --> </a></li><li class="styled__LinksListItem-sc-1gk46x3-5 mYoth"><a href="/platform/extensibility" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 hwiOrq dViOmG">Extensibility<!-- --> </a></li><li class="styled__LinksListItem-sc-1gk46x3-5 mYoth"><a href="/platform/login-security" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 hwiOrq dViOmG">Security<!-- --> </a></li><li class="styled__LinksListItem-sc-1gk46x3-5 mYoth"><a href="/platform/user-management" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 hwiOrq dViOmG">User Management<!-- --> </a></li><li class="styled__LinksListItem-sc-1gk46x3-5 mYoth"><a href="/platform/authentication" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 hwiOrq dViOmG">Authentication<!-- --> </a></li><li class="styled__LinksListItem-sc-1gk46x3-5 mYoth"><a href="/platform/cloud-deployment" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 hwiOrq dViOmG">Cloud deployments<!-- --> </a></li><li class="styled__LinksListItem-sc-1gk46x3-5 mYoth"><a href="/fine-grained-authorization" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 hwiOrq dViOmG">Fine Grained Authorization<!-- --> </a></li></ul></section><section><p class="styled__Overline-sc-165cfko-0 utils-sc-11hlfw-0 VzOyt hlbQwp">Features</p><ul class="styled__LinksList-sc-1gk46x3-3 fLDEkJ"><li class="styled__LinksListItem-sc-1gk46x3-5 mYoth"><a href="/features/universal-login" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 hwiOrq dViOmG">Universal Login<!-- --> </a></li><li class="styled__LinksListItem-sc-1gk46x3-5 mYoth"><a href="/features/single-sign-on" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 hwiOrq dViOmG">Single Sign On<!-- --> </a></li><li class="styled__LinksListItem-sc-1gk46x3-5 mYoth"><a href="/features/multifactor-authentication" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 hwiOrq dViOmG">Multifactor Authentication<!-- --> </a></li><li class="styled__LinksListItem-sc-1gk46x3-5 mYoth"><a href="/features/actions" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 hwiOrq dViOmG">Actions<!-- --> </a></li><li class="styled__LinksListItem-sc-1gk46x3-5 mYoth"><a href="/features/machine-to-machine" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 hwiOrq dViOmG">Machine to Machine<!-- --> </a></li><li class="styled__LinksListItem-sc-1gk46x3-5 mYoth"><a href="/features/passwordless" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 hwiOrq dViOmG">Passwordless<!-- --> </a></li><li class="styled__LinksListItem-sc-1gk46x3-5 mYoth"><a href="/features/breached-passwords" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 hwiOrq dViOmG">Breached Passwords<!-- --> </a></li></ul></section><section class="styled__LastSection-sc-1gk46x3-6 bIoZHy"><div class="styled__Icons-sc-1gk46x3-7 ePaSVl"><a href="https://twitter.com/auth0" target="_blank" rel="noopener noreferrer" aria-label="Twitter link" class="styled__IconsLink-sc-1gk46x3-8 bqgUVT"><svg viewBox="0 0 24 24" aria-hidden="true" width="24" height="24" fill="none"><g><path fill="#fff" d="M18.244 2.25h3.308l-7.227 8.26 8.502 11.24H16.17l-5.214-6.817L4.99 21.75H1.68l7.73-8.835L1.254 2.25H8.08l4.713 6.231zm-1.161 17.52h1.833L7.084 4.126H5.117z"></path></g></svg></a><a href="https://linkedin.com/company/auth0" target="_blank" rel="noopener noreferrer" aria-label="Linkedin link" class="styled__IconsLink-sc-1gk46x3-8 bqgUVT"><svg width="24" height="24" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg"><path d="M19.5561 3H4.53738C3.71707 3 2.99988 3.59063 2.99988 4.40156V19.4531C2.99988 20.2687 3.71707 20.9953 4.53738 20.9953H19.5514C20.3764 20.9953 20.9952 20.2641 20.9952 19.4531V4.40156C20.9999 3.59063 20.3764 3 19.5561 3ZM8.578 18H5.99988V9.98438H8.578V18ZM7.378 8.76562H7.35925C6.53425 8.76562 5.99988 8.15156 5.99988 7.38281C5.99988 6.6 6.54831 6 7.39206 6C8.23581 6 8.75144 6.59531 8.77019 7.38281C8.77019 8.15156 8.23581 8.76562 7.378 8.76562ZM17.9999 18H15.4218V13.6172C15.4218 12.5672 15.0468 11.85 14.1139 11.85C13.4014 11.85 12.9796 12.3328 12.7921 12.8016C12.7218 12.9703 12.703 13.2 12.703 13.4344V18H10.1249V9.98438H12.703V11.1C13.078 10.5656 13.6639 9.79688 15.028 9.79688C16.7202 9.79688 17.9999 10.9125 17.9999 13.3172V18Z" fill="#fff"></path></svg></a><a href="https://github.com/auth0" target="_blank" rel="noopener noreferrer" aria-label="Github link" class="styled__IconsLink-sc-1gk46x3-8 bqgUVT"><svg width="24" height="24" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg"><path d="M12 1.5C6.20156 1.5 1.5 6.32344 1.5 12.2672C1.5 17.025 4.50937 21.0562 8.68125 22.4813C8.74687 22.4953 8.80312 22.5 8.85938 22.5C9.24844 22.5 9.39844 22.2141 9.39844 21.9656C9.39844 21.7078 9.38906 21.0328 9.38437 20.1328C8.99062 20.2219 8.63906 20.2594 8.325 20.2594C6.30469 20.2594 5.84531 18.6891 5.84531 18.6891C5.36719 17.4469 4.67813 17.1141 4.67813 17.1141C3.76406 16.4719 4.67344 16.4531 4.74375 16.4531H4.74844C5.80313 16.5469 6.35625 17.5687 6.35625 17.5687C6.88125 18.4875 7.58437 18.7453 8.2125 18.7453C8.70469 18.7453 9.15 18.5859 9.4125 18.4641C9.50625 17.7703 9.77812 17.2969 10.0781 17.025C7.74844 16.7531 5.29688 15.8297 5.29688 11.7047C5.29688 10.5281 5.70469 9.56719 6.375 8.81719C6.26719 8.54531 5.90625 7.44844 6.47812 5.96719C6.47812 5.96719 6.55312 5.94375 6.7125 5.94375C7.09219 5.94375 7.95 6.08906 9.36563 7.07344C10.2047 6.83437 11.1 6.71719 11.9953 6.7125C12.8859 6.71719 13.7859 6.83437 14.625 7.07344C16.0406 6.08906 16.8984 5.94375 17.2781 5.94375C17.4375 5.94375 17.5125 5.96719 17.5125 5.96719C18.0844 7.44844 17.7234 8.54531 17.6156 8.81719C18.2859 9.57188 18.6937 10.5328 18.6937 11.7047C18.6937 15.8391 16.2375 16.7484 13.8984 17.0156C14.2734 17.3484 14.6109 18.0047 14.6109 19.0078C14.6109 20.4469 14.5969 21.6094 14.5969 21.9609C14.5969 22.2141 14.7422 22.5 15.1312 22.5C15.1875 22.5 15.2531 22.4953 15.3187 22.4813C19.4953 21.0562 22.5 17.0203 22.5 12.2672C22.5 6.32344 17.7984 1.5 12 1.5Z" fill="#fff"></path></svg></a></div></section></nav><section class="styled__FooterBottom-sc-1gk46x3-10 iyAPaK"><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 kgFLyt dVQvBz">© <!-- -->2025<!-- --> Okta, Inc. All Rights Reserved.</p><div class="styled__Legal-sc-1gk46x3-12 blPSfp"><a href="https://status.auth0.com" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 hwiOrq lbFYLj">Status</a> <!-- -->•<!-- --> <a href="https://www.okta.com/agreements/" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 hwiOrq lbFYLj">Legal</a> <!-- -->•<!-- --> <a href="/privacy" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 hwiOrq lbFYLj">Privacy</a> <!-- -->•<!-- --> <a href="https://www.okta.com/terms-of-service" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 hwiOrq lbFYLj">Terms</a> <!-- -->•<!-- --> <a href="/your-privacy-choices" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 hwiOrq lbFYLj">Your Privacy Choices</a><img alt="" src="https://cdn.auth0.com/website/footer/ccpa.svg"/></div></section><section class="styled__FooterBottomMobile-sc-1gk46x3-9 gobPqK"><div class="styled__Icons-sc-1gk46x3-7 bqmjrK"><a href="https://twitter.com/auth0" target="_blank" rel="noopener noreferrer" aria-label="Twitter link" class="styled__IconsLink-sc-1gk46x3-8 bqgUVT"><svg viewBox="0 0 24 24" aria-hidden="true" width="24" height="24" fill="none"><g><path fill="#fff" d="M18.244 2.25h3.308l-7.227 8.26 8.502 11.24H16.17l-5.214-6.817L4.99 21.75H1.68l7.73-8.835L1.254 2.25H8.08l4.713 6.231zm-1.161 17.52h1.833L7.084 4.126H5.117z"></path></g></svg></a><a href="https://linkedin.com/company/auth0" target="_blank" rel="noopener noreferrer" aria-label="Linkedin link" class="styled__IconsLink-sc-1gk46x3-8 bqgUVT"><svg width="24" height="24" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg"><path d="M19.5561 3H4.53738C3.71707 3 2.99988 3.59063 2.99988 4.40156V19.4531C2.99988 20.2687 3.71707 20.9953 4.53738 20.9953H19.5514C20.3764 20.9953 20.9952 20.2641 20.9952 19.4531V4.40156C20.9999 3.59063 20.3764 3 19.5561 3ZM8.578 18H5.99988V9.98438H8.578V18ZM7.378 8.76562H7.35925C6.53425 8.76562 5.99988 8.15156 5.99988 7.38281C5.99988 6.6 6.54831 6 7.39206 6C8.23581 6 8.75144 6.59531 8.77019 7.38281C8.77019 8.15156 8.23581 8.76562 7.378 8.76562ZM17.9999 18H15.4218V13.6172C15.4218 12.5672 15.0468 11.85 14.1139 11.85C13.4014 11.85 12.9796 12.3328 12.7921 12.8016C12.7218 12.9703 12.703 13.2 12.703 13.4344V18H10.1249V9.98438H12.703V11.1C13.078 10.5656 13.6639 9.79688 15.028 9.79688C16.7202 9.79688 17.9999 10.9125 17.9999 13.3172V18Z" fill="#fff"></path></svg></a><a href="https://github.com/auth0" target="_blank" rel="noopener noreferrer" aria-label="Github link" class="styled__IconsLink-sc-1gk46x3-8 bqgUVT"><svg width="24" height="24" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg"><path d="M12 1.5C6.20156 1.5 1.5 6.32344 1.5 12.2672C1.5 17.025 4.50937 21.0562 8.68125 22.4813C8.74687 22.4953 8.80312 22.5 8.85938 22.5C9.24844 22.5 9.39844 22.2141 9.39844 21.9656C9.39844 21.7078 9.38906 21.0328 9.38437 20.1328C8.99062 20.2219 8.63906 20.2594 8.325 20.2594C6.30469 20.2594 5.84531 18.6891 5.84531 18.6891C5.36719 17.4469 4.67813 17.1141 4.67813 17.1141C3.76406 16.4719 4.67344 16.4531 4.74375 16.4531H4.74844C5.80313 16.5469 6.35625 17.5687 6.35625 17.5687C6.88125 18.4875 7.58437 18.7453 8.2125 18.7453C8.70469 18.7453 9.15 18.5859 9.4125 18.4641C9.50625 17.7703 9.77812 17.2969 10.0781 17.025C7.74844 16.7531 5.29688 15.8297 5.29688 11.7047C5.29688 10.5281 5.70469 9.56719 6.375 8.81719C6.26719 8.54531 5.90625 7.44844 6.47812 5.96719C6.47812 5.96719 6.55312 5.94375 6.7125 5.94375C7.09219 5.94375 7.95 6.08906 9.36563 7.07344C10.2047 6.83437 11.1 6.71719 11.9953 6.7125C12.8859 6.71719 13.7859 6.83437 14.625 7.07344C16.0406 6.08906 16.8984 5.94375 17.2781 5.94375C17.4375 5.94375 17.5125 5.96719 17.5125 5.96719C18.0844 7.44844 17.7234 8.54531 17.6156 8.81719C18.2859 9.57188 18.6937 10.5328 18.6937 11.7047C18.6937 15.8391 16.2375 16.7484 13.8984 17.0156C14.2734 17.3484 14.6109 18.0047 14.6109 19.0078C14.6109 20.4469 14.5969 21.6094 14.5969 21.9609C14.5969 22.2141 14.7422 22.5 15.1312 22.5C15.1875 22.5 15.2531 22.4953 15.3187 22.4813C19.4953 21.0562 22.5 17.0203 22.5 12.2672C22.5 6.32344 17.7984 1.5 12 1.5Z" fill="#fff"></path></svg></a></div><div class="styled__LegalAndLangMobile-sc-1gk46x3-11 hyLWBj"><div class="styled__Legal-sc-1gk46x3-12 blPSfp"><a href="https://status.auth0.com" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 hwiOrq lbFYLj">Status</a> <!-- -->•<!-- --> <a href="https://www.okta.com/agreements/" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 hwiOrq lbFYLj">Legal</a> <!-- -->•<!-- --> <a href="/privacy" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 hwiOrq lbFYLj">Privacy</a> <!-- -->•<!-- --> <a href="https://www.okta.com/terms-of-service" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 hwiOrq lbFYLj">Terms</a> <!-- -->•<!-- --> <a href="/your-privacy-choices" class="styled__Link-sc-bubr9x-0 utils-sc-11hlfw-0 hwiOrq lbFYLj">Your Privacy Choices</a><img alt="" src="https://cdn.auth0.com/website/footer/ccpa.svg"/></div></div><p class="styled__Paragraph-sc-165cfko-1 utils-sc-11hlfw-0 kgFLyt bqMfzV">© <!-- -->2025<!-- --> Okta, Inc. All Rights Reserved.</p></section></footer></div><div id="asset-library-root"></div><div id="modal-root"></div><div id="alert-root"></div></div><script id="__NEXT_DATA__" type="application/json">{"props":{"pageProps":{"data":[{"title":"Japanese Now Available on the Auth0 Dashboard and Docs","path":"japanese-now-available-on-the-auth0-dashboard-and-docs","heroImage":{"url":"https://images.ctfassets.net/23aumh6u8s0i/1Px9d9IlQhYZ4IFelDEPdN/bb60b98f2de0e33bd9e04b53acd151fd/hello-japan.jpg","size":{"width":1176,"height":1056}},"description":"Auth0 Dashboard and Docs are now available in Japanese - enjoy a localized experience for secure identity solutions.","category":["Announcements","Features","Japanese"],"authors":[{"metadata":{"tags":[],"concepts":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"23aumh6u8s0i"}},"id":"4o4vu7R2x2fWnw00DRaTk9","type":"Entry","createdAt":"2025-03-19T14:08:34.872Z","updatedAt":"2025-03-19T14:08:34.872Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"publishedVersion":6,"revision":1,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"author"}},"locale":"en-US"},"fields":{"path":"nikhil-shrivastava","name":"Nikhil Shrivastava","avatar":{"metadata":{"tags":[],"concepts":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"23aumh6u8s0i"}},"id":"WLfjU4V6tvuGBMDO1T7Ax","type":"Asset","createdAt":"2025-03-19T14:08:22.997Z","updatedAt":"2025-03-19T14:08:22.997Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"publishedVersion":2,"revision":1,"locale":"en-US"},"fields":{"title":"Nikhil Shrivastava","file":{"url":"//images.ctfassets.net/23aumh6u8s0i/WLfjU4V6tvuGBMDO1T7Ax/5337f57a1d8aa91fed9e39741a7b8710/Nikhil_Shrivastava.jpeg","details":{"size":54920,"image":{"width":512,"height":512}},"fileName":"Nikhil Shrivastava.jpeg","contentType":"image/jpeg"}}},"lastUpdatedBy":"Robertino Calcaterra","email":"nikhil.shrivastava@okta.com","twitter":null,"github":null,"linkedin":null,"isPopular":false,"personalWebsite":null,"type":"Auth0 Employee","jobTitle":"Senior Product Manager","description":null}}],"tags":["auth0","dashboard","docs","japan"],"postContent":"We’re excited to announce that Japanese has been added as a new language option to the Auth0 Dashboard and Documentation! This enhancement makes building secure and frictionless identity solutions in Japanese easier than ever before.\n\n## What’s New?\n\n* **Dashboard in Japanese**: Configure your applications and manage authentication flows directly in the Auth0 Dashboard with full Japanese support.\n* **Localized Documentation**: Whether you’re setting up Single Sign-On (SSO), implementing MFA, or exploring our SDKs, you can now access it all in Japanese.\n* **Consistent Experience**: Enjoy a seamless and coherent user experience across the platform, thanks to carefully localized interfaces and content.\n\n## How to Consume Content in Japanese\n\nBy default, if your language preference is set to Japanese in your browser settings, Auth0 will detect this and automatically serve the Dashboard and Documentation in Japanese. If you’d like to switch to another language—or if you want to manually override the default setting—here are the steps to do so:\n\n1. **On the Auth0 Dashboard**:\n\n* Log into the Auth0 Dashboard.\n* Look for the language switcher in the top-right corner.\n* Alternatively, click your account icon and navigate to **Your Profile**.\n* Select **Japanese** under the language options.\n\n\n\n\n\n2. **In the Auth0 Docs**:\n\n* Visit the Auth0 Docs.\n* Look for the language switcher in the top-right corner.\n* Choose **Japanese** to browse articles, tutorials, and guides in that language.\n\n\n\n## What’s Next\n\nIf you spot any issues with the translation - please share your feedback with us or contact our support team.\n\n**On the Dashboard**: Use the **Give Feedback** button in the bottom left corner to let us know how we’re doing.\n\n**In the Docs**: Look for the page-specific feedback form on each documentation page to share your thoughts.\n\nThank you and **ありがとうございます (arigatō gozaimasu)!** We’re looking forward to seeing how this update empowers developers and businesses in Japan and around the globe to build secure, scalable solutions with Auth0.","dateCreated":"2025-03-19T16:09","dateLastUpdated":null,"readTime":2,"formattedDate":"Mar 19, 2025"},{"title":"Enrich Auth0 Access Tokens with Auth0 FGA Data","path":"enrich-auth0-access-tokens-with-auth0-fga-data","heroImage":{"url":"https://images.ctfassets.net/23aumh6u8s0i/6zbsbi997n49Aod4Q6aHW8/ef0e630ca01255470dbee2ebdc5b41c1/FGA_V01_X4.jpg","size":{"width":1176,"height":1056}},"description":"Supercharge your Auth0-issued access tokens with information, like organizations a user belongs to, from your Auth0 FGA decision engine.","category":["Developers","Deep Dive","FGA"],"authors":[{"metadata":{"tags":[],"concepts":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"23aumh6u8s0i"}},"id":"5fTOMfW0VYZtFPDEs0Nbiy","type":"Entry","createdAt":"2021-03-22T08:21:15.685Z","updatedAt":"2025-03-18T14:20:37.385Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"publishedVersion":23,"revision":6,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"author"}},"locale":"en-US"},"fields":{"path":"sam-bellen","name":"Sam Bellen","avatar":{"metadata":{"tags":[],"concepts":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"23aumh6u8s0i"}},"id":"6JDCSdc6YFkAE5g06YksRj","type":"Asset","createdAt":"2025-03-18T14:20:24.688Z","updatedAt":"2025-03-18T14:20:24.688Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"publishedVersion":2,"revision":1,"locale":"en-US"},"fields":{"title":"Sam4-square","file":{"url":"//images.ctfassets.net/23aumh6u8s0i/6JDCSdc6YFkAE5g06YksRj/f41b687d8db8c9c3cc8d0dd19235c2a2/Sam4-square.jpeg","details":{"size":128146,"image":{"width":854,"height":853}},"fileName":"Sam4-square.jpeg","contentType":"image/jpeg"}}},"lastUpdatedBy":"Sam Bellen","email":null,"twitter":"https://twitter.com/sambego","github":"https://github.com/sambego","linkedin":"https://www.linkedin.com/in/sambellen/","isPopular":true,"personalWebsite":"https://sambego.tech/","type":"Auth0 Employee","jobTitle":"Principal Developer Advocate","description":"I'm an Identity nerd with many years of experience as a developer and advocate. I love explaining complex topics clearly and understandably. You can find me on stage at developer events worldwide or simply having great conversations in the hallway. Google has recognized me as a Google Developer Expert (GDE) in the domains of Web Technologies, Security, Privacy, Payments, and Identity."}}],"tags":["auth0","organization","openfga","fga"],"postContent":"Auth0 supports Roles and Permissions and allows you to add users' permissions to your access tokens with a convenient toggle in the dashboard. But what if you’re using a more fine-grained solution to make access control decisions, like [Auth0 FGA](https://a0.to/auth0-fga-content) or its open-source counterpart, [OpenFGA](https://a0.to/fga-content)?\n\nActions are our way of offering developers flexibility. There are many different use cases for Auth0 Actions, and enriching an access or ID token is one of them. In this blog post, we’ll explore how we can add some relevant user data from our Auth0 FGA decision engine to the access tokens issued by our Auth0 tenant so that we can use that data in our application logic.\n\n## Prerequisites\n\nFor this blog post, we assume you are familiar with either Auth0 FGA or OpenFGA and have an instance up and running. If you’d like to follow along, you can use the following model and tuples to set up a test store, or you could adapt the code for our Auth0 action later to reflect your use case.\n\n\u003e If you are unfamiliar with Auth0 FGA, OpenFGA, or how to get started, read [this blog](https://auth0.com/blog/fine-grained-access-control-with-okta-fga-nextjs/) post to learn more.\n\n## The OpenFGA Authorization Model\n\nOur [model](https://openfga.dev/docs/getting-started/configure-model) will contain a “user,” an “organization,” and a “document” type. An organization can have admins who are defined users and members who are either directly defined users or any user who’s already an admin for the organization. One or more organizations can own documents, and access rights are determined by the “doc_creator” and “doc_admin” relations from these organizations.\n\n```\nmodel\nschema 1.1\n\ntype user\n\ntype organization\nrelations\n define admin: [user]\n define member: [user] or admin\n define doc_creator: [user] or member\n define doc_admin: [user] or admin\n\ntype document\nrelations\n define owner: [organization]\n define can_create: doc_creator from owner\n define can_delete: doc_admin from owner\n```\n\n### OpenFGA Test Tuples\n\nThese are [the tuples](https://openfga.dev/docs/getting-started/update-tuples) I’ve added to our Auth0 FGA Store. The ``auth0|62...7f`` is a user identifier within Auth0 and will be part of the Access Token as the `sub` claim. We’ll use these user IDs in our action code to look up all organizations belonging to the current user.\n\n```js\n[\n {\n \"object\":\"organization:devrel\",\n \"relation\":\"admin\",\n \"user\":\"user:auth0|62...7f\"\n },\n {\n \"object\":\"organization:openfga\",\n \"relation\":\"member\",\n \"user\":\"user:auth0|62...7f\"\n } \n]\n```\n\n## Let’s Write Our Auth0 Action\n\nWe can create our [Action](https://auth0.com/features/actions) from the Library page under the Actions menu item. Once we’ve navigated to this page, click the “Create Action” button in the top-right corner. This will allow us to install an action from the marketplace, start from an existing template, or write one from scratch. We’ll choose “Choose a template”, as there’s a template available that can serve as a solid basis from which to start.\n\n\n\nOn the next page, select the “Enrich profile” use case and click on the “Add Email to Access Token” template. This template will add an email address to your access tokens, but we’ll adapt it to add organizations from Auth0 FGA instead.\n\n\n\nYou can now preview the code from the template and click on the “Use This Template” button to install it. The following popup will ask you to give a name to the new action. We will leave the “post-login” trigger and node runtime as is and click “Create”.\n\n\n\n\n\n### Namespace our custom claim\n\nThe [OpenID Connect specification](https://openid.net/specs/openid-connect-core-1_0.html#AdditionalClaims) recommends adding a namespace to [custom claim](https://auth0.com/docs/secure/tokens/json-web-tokens/create-custom-claims#namespaced-guidelines) names. The first few lines of code in our `onExecutePostLogin` function do just that. They check for a secret called `namespace` and ensure that it ends with a trailing slash.\n\nWe can add the namespace to the secrets by clicking on the Key icon in the left-side menu of the Action editor and clicking on the “Add Secret” button. Namespaces are usually a URI, so we will add `https://example.com` as a `NAMESPACE` secret. Feel free to change this to a more appropriate namespace.\n\n### Install and configure the OpenFGA SDK\n\nThe Actions editor also conveniently allows us to install packages from NPM. We can add the OpenFGA SDK by clicking on the box icon on the left side and clicking on the “Add dependency” button. The package name will be `@openfga/sdk`, and the version can remain “latest”. This will install the [`@openfga/sdk`](https://www.npmjs.com/package/@openfga/sdk) package so we can import and use it in the Action codebase.\n\nAdd the following line to the top of the Action’s codebase:\n\n```js\nconst { OpenFgaClient, CredentialsMethod } = require('@openfga/sdk');\n```\n\nNow that we’ve imported the OpenFGA client, let’s create a new instance and configure the credentials. \n\n```js\nconst fgaClient = new OpenFgaClient({\n apiUrl: event.secrets.FGA_API_URL,\n storeId: event.secrets.FGA_STORE_ID,\n authorizationModelId: event.secrets.FGA_MODEL_ID, // Optional, by default it will use the latest model\n credentials: {\n method: CredentialsMethod.ClientCredentials,\n config: {\n apiTokenIssuer: event.secrets.FGA_API_TOKEN_ISSUER,\n apiAudience: event.secrets.FGA_API_AUDIENCE,\n clientId: event.secrets.FGA_CLIENT_ID,\n clientSecret: event.secrets.FGA_CLIENT_SECRET,\n }\n }\n});\n```\n\nIt is a good idea to create a new authorized client through the [Auth0 FGA dashboard’s](https://dashboard.fga.dev/) settings page for us to use in the Actions editor. Once you’ve created this new client, you can add its Client ID and secret to the Actions editor’s secrets, together with all other necessary configuration parameters. \n\nHere’s a quick overview of what they should look like. Be sure to change the `eu1` region in the API URL and Audience to `us1` or `au1` depending on which jurisdiction you choose when creating your store.\n\n```\nFGA_API_URL=https://api.eu1.fga.dev\nFGA_API_AUDIENCE=https://api.eu1.fga.dev/\nFGA_API_TOKEN_ISSUER=auth.fga.dev\nFGA_CLIENT_ID=0U...4q\nFGA_CLIENT_SECRET=pB...kf\nFGA_STORE_ID=01...1M\nFGA_MODEL_ID=01...9C\n```\n\n### List all assigned organizations from Auth0 FGA\n\nAuth0 FGA exposes a `list-objects` endpoint that can return a set of objects of a particular type assigned to a user, such as all organizations for which a user is a member. This will also consider all indirect relationships, such as when a user is a member because they are an admin for a specific organization.\n\nTo use this endpoint, the OpenFGA client we just created exposes a `listObjects` method where we can pass a user, relation, and object type. Notice that we pass along the `user_id` from `event.user`. This is the actual ID of the user who is currently trying to log in.\n\nAdd the following snippet below the OpenFGA client initialization code in our Action.\n\n```js\nconst {objects} = await fgaClient.listObjects({\n user: `user:${event.user.user_id}`,\n relation: \"member\",\n type: \"organization\",\n})\n```\n\n### Add the Assigned Organizations to the Access Token\n\nThe last thing left to do is to add the returned organization to our access token. We can re-purpose the last existing line from the template by adding the email to add our organizations instead. With some minimal changes, that code will look something like this.\n\n```js\napi.accessToken.setCustomClaim(\n namespace + 'organizations', \n objects.map(organization =\u003e organization?.replace('organization:', ''))\n);\n```\n\nThe `list-objects` endpoint returns the object type together with the actual objects, so in our case, we can strip `organization:` from each returned organization. This will keep the organization names, which we can add to the custom claim.\n\n### Putting it All Together\n\nIf we add some error handling, we’ll end up with an action that should look like this. \n\n```js\nconst { OpenFgaClient, CredentialsMethod } = require(\"@openfga/sdk\");\n\nexports.onExecutePostLogin = async (event, api) =\u003e {\n let namespace = event.secrets.NAMESPACE || \"\";\n if (namespace \u0026\u0026 !namespace.endsWith(\"/\")) {\n namespace += \"/\";\n }\n\n try {\n const fgaClient = new OpenFgaClient({\n apiUrl: event.secrets.FGA_API_URL,\n storeId: event.secrets.FGA_STORE_ID,\n authorizationModelId: event.secrets.FGA_MODEL_ID,\n credentials: {\n method: CredentialsMethod.ClientCredentials,\n config: {\n apiTokenIssuer: event.secrets.FGA_API_TOKEN_ISSUER,\n apiAudience: event.secrets.FGA_API_AUDIENCE,\n clientId: event.secrets.FGA_CLIENT_ID,\n clientSecret: event.secrets.FGA_CLIENT_SECRET,\n },\n },\n });\n\n const { objects } = await fgaClient.listObjects({\n user: `user:${event.user.user_id}`,\n relation: \"member\",\n type: \"organization\",\n });\n\n api.accessToken.setCustomClaim(\n namespace + \"organizations\",\n objects.map((organization) =\u003e organization?.replace(\"organization:\", \"\"))\n );\n } catch (error) {\n api.access.deny(\"Could not list organizations\");\n }\n};\n```\n\nThe issued access token will now have a custom `https://example.com/organizations` claim, and when decoded, it can look something like the following:\n\n```js\n{\n \"iss\": \"https://\u003cyour-tenant\u003e.eu.auth0.com/\",\n \"sub\": \"auth0|62...7f\",\n \"aud\": [\n \"https://example.com\",\n \"https://\u003cyour-tenant\u003e.auth0.com/userinfo\"\n ],\n \"iat\": 1740579493,\n \"exp\": 1740665893,\n \"scope\": \"openid profile email address phone\",\n \"jti\": \"rDk6D9GigyYTfi2WN492AB\",\n \"client_id\": \"T1...aW\",\n \"https://example.com/organizations\": [\n \"devrel\",\n \"openfga\"\n ],\n}\n```\n\n## Wrapping Up\n\nIn this article, we’ve gone through the steps to create a new Auth0 Action. This action will run every time a user logs into our application and adds all organizations that the user is a member of to the Access Token. We can use this information in our backend systems by decoding the Access Token, which will be a JSON Web Token, and looking for our custom claim `https://example.com/organizations`.\n\nThe action does the following steps to accomplish this:\n\n* Import the [OpenFGA Node.js SDK](https://github.com/openfga/js-sdk).\n* Make sure we have a namespace configured and that it ends with a slash.\n* Create a new instance of the imported OpenFGA client.\n* Use this client to list all organizations assigned to the user by using the exposed `listObjects()` method.\n* Return the list of organizations as a custom claim prepended by our namespace in our Access Tokens.\n","dateCreated":"2025-03-18T15:03","dateLastUpdated":null,"readTime":8,"formattedDate":"Mar 18, 2025"},{"title":"Developer Week 2025: Building a Long-Term Relationship with AI","path":"developer-week-2025","heroImage":{"url":"https://images.ctfassets.net/23aumh6u8s0i/4kdGIg1VVQ2692sYt7sWDU/638cd42a852d2492fbd3b63a56844cd0/Developer_Week.png","size":{"width":600,"height":456}},"description":"At DeveloperWeek 2025, AI took center stage—highlighting trust issues, security gaps, and transparency challenges as companies push for more reliable AI.","category":["Announcements","Company News","DeveloperWeek"],"authors":[{"metadata":{"tags":[],"concepts":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"23aumh6u8s0i"}},"id":"3fRtTZBKyq257dQeBzEpfd","type":"Entry","createdAt":"2025-03-10T22:02:41.368Z","updatedAt":"2025-03-10T22:02:41.368Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"publishedVersion":7,"revision":1,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"author"}},"locale":"en-US"},"fields":{"path":"mira-sharma","name":"Mira Sharma","avatar":{"metadata":{"tags":[],"concepts":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"23aumh6u8s0i"}},"id":"bFv46qtSNTlZVhPlw2zLH","type":"Asset","createdAt":"2025-03-10T22:02:10.340Z","updatedAt":"2025-03-10T22:02:10.340Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"publishedVersion":2,"revision":1,"locale":"en-US"},"fields":{"title":"Mira Sharma","file":{"url":"//images.ctfassets.net/23aumh6u8s0i/bFv46qtSNTlZVhPlw2zLH/89442a2ffd3bca114ca2d4b5663337de/Mira_Sharma.jpeg","details":{"size":59623,"image":{"width":401,"height":400}},"fileName":"Mira Sharma.jpeg","contentType":"image/jpeg"}}},"lastUpdatedBy":"Robertino Calcaterra","email":"mira.sharma@okta.com","twitter":null,"github":null,"linkedin":null,"isPopular":false,"personalWebsite":null,"type":"Auth0 Employee","jobTitle":"Associate Product Manager","description":"Mira is a Product Manager on Auth0’s Enterprise Federations team. She is passionate about building connections, whether they involve OIDC tokens, puzzling out the shape of new product features, or frustrating New York Times games. When she’s not working, she’s probably writing intergalactic stories, out on a run, or in a pool somewhere.\n"}}],"tags":["ai","security","auth0","product"],"postContent":"\n\n[DeveloperWeek 2025](https://www.developerweek.com/) was an AI-lover’s dream, a cornucopia of AI-driven innovation emerging from small startups to established industry leaders. There were dancing robot dogs, a plethora of cyber trucks, and a robot so intent on shaking human hands that it alarmed a few passersby as it scuttled speedily toward them. Attendees were privy to demos of voice cloning, roundtables with people from a diverse array of expertise, an enthusiastic DJ, and a small inflatable slide that lay in bouncy disuse. Any spies would be alarmed at the number of “agents” being openly discussed around them.\n\nThere is no denying that AI is the future. Yet like any nascent relationship, there are looming hurdles that must be navigated on the road to a happily-ever-after.\n\n## Trust Issues \n\n\nWhile many envision the ultimate AI solution as an autonomous agent capable of reasoning and handling complex tasks independently, today’s reality spans a wide range of autonomy. Most of the AI tools displayed at DeveloperWeek still require significant human input, with only a few pushing toward greater independence. \n\n\u003cimg src=\"https://images.ctfassets.net/23aumh6u8s0i/LxsZn0xN57pNGGo4iZZAv/ed74ed928f1c281636b91ceb8093c8c8/developer-week-bot.jpg\" width=\"200\" align=\"left\" style=\"padding: 10px; alt=\"Bot\" /\u003e After attending several popular speaker sessions, it became clear that a central challenge in achieving true autonomy is trust: how can AI-based products be designed to deliver reliable, accurate outputs? Many of today’s successful AI tools—such as GitHub Copilot and Cursor.ai—are B2B products used by trained developers, inherently relying on human oversight for verification. Rules and procedures for proper usage can be created and followed systematically, reducing the risk of hallucinated code or other errors impacting production environments. \n\n\n\u003cbr\u003e\nB2C products, on the other hand, have fewer means of imposing usage rules on customers. AI tools may work as expected with prompts provided for testing, but there is an infinite number of prompts that customers could inadvertently create. Attempting to circumvent things like hallucination and training data bias may superficially appear to act as guardrails, but they are hardly guaranteed. \n\n[Generative AI never doesn’t have an answer](https://www.ibm.com/think/topics/ai-hallucinations): This is wildly appealing in some use cases and terrifyingly misleading in others. The wild west of unreliable AI products, however, will not last forever; technology is improving at exponential rates, and people are learning how to interact with AI in more effective ways. In one of the most well-attended sessions, “Give Your LLM a Left Brain,” Neo4j’s Stephen Chin highlighted GraphRAG as a powerful tool to enhance the creativity of LLMs by incorporating actual data and helping models generate more logical and relevant outputs. Limiting AI expertise and function is also a simple way to enable more comprehensive output testing and promote greater transparency in acknowledging the model's limitations. The work to refine and balance these capabilities—much like connecting the left and right hemispheres of the brain—is already in motion.\n\n## All Talk? \n\nAugmenting AI prompts with real data to enhance results–going from RAGs to riches, if you will–is not a new concept, and neither were many of the ideas bubbling around the booths. Although AI is still new in terms of its technical revolution, it is no longer shiny and novel to the wider world–we’ve been hearing about it since 2022. And while all sorts of flashy demos have been presented to show off the glittering promise of the AI-led future, where is that future now? \n\nA slide from Auth0’s keynote, delivered by Shiv Ramji, was particularly apt for describing the lifetime of an AI product. Getting a product ready to demo is not the same as shipping it; many AI products are in the liminal stretch between demo and shipping, as illustrated below. \n\n\n\nIn short, this means that an explosion in AI technology is still imminent, with increasing numbers of ready-to-use, publicly available tools released regularly. As more companies push beyond [Gartner’s \"trough of disillusionment\"](https://www.gartner.com/en/articles/what-s-new-in-artificial-intelligence-from-the-2023-gartner-hype-cycle), we’re witnessing a shift from skepticism to real, tangible progress, signaling that AI’s potential is beginning to be fully realized in ways that were once thought far off.\n\n\n_Source_: [Gartner](https://www.gartner.com/en/articles/what-s-new-in-artificial-intelligence-from-the-2023-gartner-hype-cycle)\n\n## Lack of Transparency \n\nPart of AI’s sparkling allure is its ability to abstract away the nuisances of code and technicalities under the familiar veil of natural language. It’s this very abstraction, however, that turns AI into a black box that makes modification, testing, and usage more complicated. There is a growing gap between those who create AI models—the engineers and researchers developing the foundational architectures—and those who design AI-powered products—the product managers, UX designers, and business strategists shaping how AI is integrated into real-world applications. In one session, the presenter asked the packed audience if any of them had ever built an AI agent themselves, seeing as agents were the subject of the 25-minute session. Not a single hand was raised. \n\nThis audience may have been particularly bashful, but this was a clear indicator of the opaqueness that still surrounds the AI space. Everyone wants AI, but how many truly understand it—from the theory behind it to its actual development and proper usage? As no-code solutions become more common, this gap in practical knowledge will inevitably increase–and while this enables accessibility, another broadly beneficial aspect of the natural language abstraction, it also leaves room for oversights in development and usage. \n\nAnother consequence of the growing opaqueness of AI products is the simultaneous demand for increased visibility. Many companies at the event showcased products aimed at improving clarity through visualization, while others acknowledged that this need for visibility was a pressing concern. In some cases, companies leveraged the black box nature of AI to their advantage, using its opacity to conceal underlying deficiencies – like when it came to product security.\n\n## Insecurities \n\nSecurity is often a shocking afterthought in the development of many AI products despite [widespread overlapping security concerns across the industry](https://auth0.com/blog/the-rise-of-ai-agents-and-the-security-challenges-ahead/). Companies working with solutions involving RAG highlighted [Fine-Grained Authorization (FGA)](https://auth0.com/blog/streamline-your-authorization-workflow-with-auth0-fga/) and [Role-Based Access Control (RBAC)](https://auth0.com/docs/authorization/rbac) as key focuses, while others using AI agents to call APIs pointed to issues around [permissions and scope](https://auth0.com/blog/permissions-privileges-and-scopes/) as their most pressing security concerns. To address these challenges, companies took several different approaches.\n\n### 1. Implementing FGA or RBAC Internally\nThis approach, which was the most commonly mentioned in ad-hoc interviews during the event, involves companies handling security frameworks themselves. While this can be an effective way to ensure that sensitive data is protected, it raises an important question: why continue reinventing the wheel? Much like AI tools often build on the same foundational models, it seems inefficient for every company to address the same security challenge individually when much of the industry will ultimately tackle it in similar ways. Standardized solutions could save time and resources and enhance overall security across the board.\n\n### 2. Offloading Security to Customers\nSome companies initially reduce their security overhead by offloading the responsibility to their customers. This might seem like an attractive strategy early in product development, as it enables faster go-to-market timelines. However, this approach is unlikely to scale in the long term. As AI products mature, customers expect products to include robust, built-in security features, not to carry the burden themselves. \n\n### 3. Implementing Guardrails to Limit AI Functionality\nAnother approach companies are taking involves creating restrictions on what AI can and cannot do. Some limit AI to read-only access or severely restrict its interaction with APIs. One company took the latter approach even further, disabling the AI’s ability to make API calls altogether. Instead, the AI would leave placeholders where API calls should be made, requiring a human to fill in the gaps. This “human-in-the-loop” method reflects a cautious approach to security, recognizing that while AI is powerful, there are still areas where human oversight is indispensable. It also underscores the ongoing debate around [AI autonomy](https://auth0.com/blog/secure-human-in-the-loop-interactions-for-ai-agents/)—how much trust can we place in an AI to perform tasks traditionally handled by humans? (Also, should AI developers be counted as legitimate attendees at developer conferences?)\n\n### 4. Proceeding Without Considering Security\nFinally, the most concerning approach—still alarmingly common—entails moving forward without proper security measures in place. As AI continues to be integrated into production environments, neglecting security becomes an even greater risk, particularly with the rise of malicious actors leveraging AI capabilities. Security is most effective when it’s built-in from the start, not added as an afterthought or band-aid to patch vulnerabilities later on.\n\n## An Exciting Future \n\nSo, AI has some issues, and so do we. The challenges we face today—trust issues, security concerns, and the need for transparency, along with others—are simply part of the process of building a long-term, reliable partnership with this incipient technology. DeveloperWeek 2025 highlighted the significant progress made in the span of just a few years but also underscored the importance of addressing these challenges as we move forward. As we refine our approach to AI development, it will be crucial to balance innovation with responsibility. \n\nSecurity, in particular, remains one of the most pressing concerns. As AI systems become more capable and deeply integrated into business operations, ensuring secure authentication and access control will be critical to preventing vulnerabilities. Products like Auth0 are already tackling this challenge, offering insights into securing Generative AI applications with stronger identity and authorization frameworks. AI security is something that is most effective built-in from the start, enabling developers and businesses alike to balance AI innovation with robust safeguards. \n\n\u003e Explore how you can integrate robust AI security strategies with Auth0: [Auth for GenAI](https://auth0.com/blog/auth-for-genai/).\n\nThe future of AI holds tremendous promise, and with continued collaboration and thoughtful problem-solving, the potential for positive, transformative impact is within reach. \n\n## AI Resources\n\n* [Building a Secure RAG with Python, LangChain, and OpenFGA](https://auth0.com/blog/building-a-secure-rag-with-python-langchain-and-openfga/)\n* [Build a Secure RAG Agent Using LlamaIndex and Okta FGA on Node.js](https://auth0.com/blog/genai-llamaindex-js-fga/)\n* [Identity Challenges for AI-Powered Applications](https://auth0.com/blog/identity-challenges-for-ai-powered-apps/)\n* [Secure “Human in the Loop” Interactions for AI Agents](https://auth0.com/blog/secure-human-in-the-loop-interactions-for-ai-agents/)\n* [The Rise of AI Agents and the Security Challenges Ahead](https://auth0.com/blog/the-rise-of-ai-agents-and-the-security-challenges-ahead/)","dateCreated":"2025-03-14T18:54","dateLastUpdated":null,"readTime":9,"formattedDate":"Mar 14, 2025"},{"title":"New Auth0 Extension for Netlify: Available Now","path":"new-auth0-extension-for-netlify-available-now","heroImage":{"url":"https://images.ctfassets.net/23aumh6u8s0i/1mUMR0A8KINhJK2yxzPTMI/efff7a59b80db46882bc1d9649bc7851/Co-Branded_Template_-_Image___Gradient_melon_-_600x456.png","size":{"width":600,"height":456}},"description":"Get started and ship fast with Auth0 and Netlify","category":["Announcements","Company News","Extension"],"authors":[{"metadata":{"tags":[],"concepts":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"23aumh6u8s0i"}},"id":"6KmKkQ19xLww04sIfagYsz","type":"Entry","createdAt":"2023-04-10T16:28:26.328Z","updatedAt":"2024-07-24T16:56:13.319Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"publishedVersion":10,"revision":2,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"author"}},"locale":"en-US"},"fields":{"path":"calah-vargas","name":"Calah Vargas","avatar":{"metadata":{"tags":[],"concepts":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"23aumh6u8s0i"}},"id":"6DYRVjtEDr45vRaSLHccqm","type":"Asset","createdAt":"2023-04-10T16:28:07.632Z","updatedAt":"2023-04-10T16:28:07.632Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"publishedVersion":2,"revision":1,"locale":"en-US"},"fields":{"title":"Calah Vargas","file":{"url":"//images.ctfassets.net/23aumh6u8s0i/6DYRVjtEDr45vRaSLHccqm/97a28a4455d1600d65119516aa31ac02/Calah_Vargas.jpeg","details":{"size":21950,"image":{"width":512,"height":512}},"fileName":"Calah Vargas.jpeg","contentType":"image/jpeg"}}},"lastUpdatedBy":"Flor Caputti","email":"calah.vargas@okta.com","twitter":null,"github":null,"linkedin":null,"isPopular":false,"personalWebsite":null,"type":"Auth0 Employee","jobTitle":"Associate Manager, PLG","description":"Calah Vargas is the Associate Manager of Product Led Growth, focusing on nonprofits, startups, and partnerships. She works on product marketing and customer marketing initiatives. Outside work, you can find her cooking, trying new restaurants, and traveling with friends and family."}}],"tags":["netlify","auth0","iam"],"postContent":"**TL;DR:** [New Auth0 Extension](https://www.netlify.com/integrations/auth0/) for Netlify: Available Now. We’ll go over why we partnered with Netlify and share resources to help you build and deploy an app.\n\n## Why Should I Choose Auth0?\n\nA secure login experience and access management are at the core of any application with users. Auth0 is a comprehensive auth solution built for developers with evolving needs. With Auth0, you can get your app to market fast by quickly turning on core features, enabling a secure experience for your users, and customizing experiences when your app’s needs change. \n\n## What is Netlify, and Why Did We Choose to Partner Together? \n\n[Netlify’s](https://www.netlify.com/) platform allows you to build highly performant and dynamic websites, e-commerce stores, and web applications. It also unites an extensive ecosystem of technologies, services, and APIs into one workflow to unlock team productivity. Integrating with a third-party platform like Auth0 allows Netlify users to deploy any modern frontend stack safely and securely. \n\nWe both share a commitment to an excellent developer experience, so this partnership is a great fit. This extension allows you to leverage Netlify to innovate, scale, and ship while relying on Auth0 to enhance security and a great user experience. \n\n## Let’s Start Building with Auth0 and Netlify\n\nChallenge: You’re looking to add authentication to your Netlify site easily.\n\nSolution: Use this new extension to add authentication to your Netlify site and connect your Auth0 tenants to your Netlify account dashboard. \n\nThis [guide](https://developers.netlify.com/guides/getting-started-with-the-new-auth0-extension-on-netlify/) will include instructions on how to set up the following while using the web framework Astro:\n\n* Authentication flows for login/logout\n* An Auth0-protected serverless function for serving user information\n\n\u003e [Let’s dive in here](https://developers.netlify.com/guides/getting-started-with-the-new-auth0-extension-on-netlify/).\n\nOnce complete, you will have built a static site and enabled the Auth0 extension. Congrats on successfully authenticating your new website! 🎉\n\n## Have Questions?\n\nIf you want to learn more, check out the new [Netlify documentation](https://docs.netlify.com/integrations/auth0/). Share your thoughts on the guide [here](https://developers.netlify.com/guides/getting-started-with-the-new-auth0-extension-on-netlify/#guide-feedback-form).\n\n\nHappy building!\n\n_This blog may contain hyperlinks to non-Okta websites that are created and maintained by third parties who are solely responsible for the content on such websites._","dateCreated":"2025-03-11","dateLastUpdated":null,"readTime":2,"formattedDate":"Mar 11, 2025"},{"title":"Building a Secure Python RAG Agent Using Auth0 FGA and LangGraph","path":"building-a-secure-python-rag-agent-using-auth0-fga-and-langgraph","heroImage":{"url":"https://images.ctfassets.net/23aumh6u8s0i/20TfIDa2n6V6BugtObHk9L/1a46e349c381351e50ccffb084fa6ef0/Auth0_AI_technical.png","size":{"width":600,"height":456}},"description":"Learn how to use Auth0 FGA to secure your LangGraph RAG agent in Python.","category":["Developers","Tutorial","AI"],"authors":[{"metadata":{"tags":[],"concepts":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"23aumh6u8s0i"}},"id":"7qC8LJD80VSx1qYcSdQ1Zh","type":"Entry","createdAt":"2021-08-23T12:59:46.069Z","updatedAt":"2025-01-08T14:00:38.100Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"publishedVersion":42,"revision":6,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"author"}},"locale":"en-US"},"fields":{"path":"juan-cruz-martinez","name":"Juan Cruz Martinez","avatar":{"metadata":{"tags":[{"sys":{"type":"Link","linkType":"Tag","id":"user"}}],"concepts":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"23aumh6u8s0i"}},"id":"5b3YvfAb53h2I5U6uanww4","type":"Asset","createdAt":"2022-07-07T09:23:40.589Z","updatedAt":"2022-07-07T09:23:56.422Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"publishedVersion":10,"revision":5,"locale":"en-US"},"fields":{"title":"jcm","description":"Juan Cruz Martinez","file":{"url":"//images.ctfassets.net/23aumh6u8s0i/5b3YvfAb53h2I5U6uanww4/f1dfa0e19f15f5df8eacd53f78a813f6/jcm.jpeg","details":{"size":29371,"image":{"width":400,"height":400}},"fileName":"jcm.jpeg","contentType":"image/jpeg"}}},"lastUpdatedBy":"Juan Cruz Martinez","email":"juan.martinez@okta.com","twitter":"https://twitter.com/bajcmartinez","github":"https://github.com/bajcmartinez","linkedin":"https://www.linkedin.com/in/bajcmartinez/","isPopular":true,"personalWebsite":"https://jcmartinez.dev/","type":"Auth0 Employee","jobTitle":"Staff Developer Advocate","description":"I stream, blog, and make youtube videos about tech stuff. I love coding, I love AI, and I love building stuff!"}}],"tags":["auth0","fga","rag","langchain","langgraph","ai"],"postContent":"Building Retrieval-Augmented Generation (RAG) applications are all the rage, and for a good reason. They let you tap into vast knowledge bases to answer questions, generate content, and power all sorts of AI-driven experiences. But what happens when you need to control who can access what information? That's where things get interesting.\n\nWe're diving deep into building a secure RAG pipeline using LangGraph, Python, and Auth0 FGA. Forget simple vector lookups; we're talking about a graph-based approach that lets you orchestrate complex workflows, integrate tools, and enforce fine-grained access control.\n\n## Proposed Solution: Secure Retrieval with LangGraph, OpenAI, and Auth0 FGA\n\nThe solution employs a workflow that integrates document retrieval, user-specific authorization filtering, and LLM response generation.\n\nWe’ll build a pipeline that uses:\n\n* **LangChain \u0026 LangGraph**: A helpful toolkit for chaining the steps of an RAG pipeline (loading data, creating embeddings, retrieving, and prompting).\n* **LLMs** (OpenAI or any other): For both embeddings (similarity search) and text generation.\n* **Auth0 FGA**: A fine-grained authorization service that checks, for each document, if a user has the “viewer” relationship.\n\n### LangChain \u0026 LangGraph\n\nLangChain and LangGraph are two complementary tools that simplify the development of LLM applications, each bringing unique strengths to the table.\n\nLangChain is a library that streamlines the assembly of components—such as document loaders, vector stores, and prompt templates—into a robust and cohesive framework. This makes it easier to build, maintain, and scale your RAG pipeline efficiently.\n\nLangGraph takes a different approach by enabling you to visualize and construct your workflows as a graph. With its ability to handle **complex graphs, branching logic, and advanced flow structures**, LangGraph empowers developers to design sophisticated pipelines that go beyond linear processes. By mapping out the connections between components visually, it enhances modularity and simplifies debugging and optimization. Read more here to get started: [https://langchain-ai.github.io/langgraph/](https://langchain-ai.github.io/langgraph/).\n\n### LLMs\n\nAlthough we’ll demonstrate OpenAI’s embeddings and Chat APIs, you can easily replace them with other providers (e.g., Anthropic, LLaMA, or Azure OpenAI). The main tasks here are:\n\n1. **Embedding** documents so you can do similarity searches.\n2. **Generating** text from the retrieved documents to answer the user’s query.\n\n### FGA, OpenFGA and Auth0 FGA\n\n**FGA (Fine-Grained Authorization)** is about controlling *who can do what* with *which resources*, down to an individual level. In a typical role-based system, you might say, “Admins can see everything, and Regular Users can see some subset.” But in a real-world app—especially one that deals with many documents—this might not be flexible enough.\n\n**OpenFGA (and Auth0 FGA)** addresses this by letting you define authorization *relationships.* The relationships defined in the authorization model can be either direct or indirect. Simply put, direct relationships are directly assigned between a consumer and a resource (we call them user and object) and stored in the database. Indirect relationships are the relationships we can infer based on the data and the authorization model.\n\nIf you would like to learn the basics of using FGA for RAG, check out this blog post on [RAG and Access Control: Where Do You Start?](https://auth0.com/blog/rag-and-access-control-where-do-you-start/).\n\n\u003cinclude\n src=\"LinkCard\"\n title=\"RAG and Access Control: Where Do You Start?\"\n link=\"https://auth0.com/blog/rag-and-access-control-where-do-you-start/\"\n description=\"Learn how to get started with Auth0 FGA for a RAG application.\" img=\"https://images.ctfassets.net/23aumh6u8s0i/79NCborGcFIrAMeaV7G8oi/f9c588c2d05f0828d447e72e1fe825cc/Latam01.jpg\"\n/\u003e\n\n## Implementation: Step-by-Step\n\nBelow is a sample setup in Python. We’ll keep it simple so you can see the big picture. Feel free to adapt for your chosen LLM or a more robust data store.\n\n### Set Up Prerequisites\n\nTo follow this tutorial and secure your application, you’ll need the following:\n\n* Python 3.9 or newer.\n* An Auth0 FGA account. If you don’t have one, you can [create one for free](https://dashboard.fga.dev/).\n* An [OpenAI account and API key](https://platform.openai.com/).\n\n### Download and install the sample code\n\nTo get started, clone the[ auth0-ai-samples](https://a0.to/auth0-ai-samples) repository from GitHub:\n\n```\ngit clone https://github.com/auth0-samples/auth0-ai-samples.git\ncd auth0-ai-samples/authorization-for-rag/langgraph-agentic-python\n# Create a virtual env\npython -m venv venv\n# Activate the virtual env\nsource ./venv/bin/activate\n# Install dependencies\npip install -r requirements.txt\n```\n\nThe application is written in Python and is structured as follows:\n\n* `main.py` \u0026mdash; The main entry point of the application, and it is where we define the RAG pipeline\n* `docs/*.md` \u0026mdash; Sample markdown files are to be used as context for the LLM. There are two types of docs, public and private. Private documents are only accessible to certain individuals.\n* `helpers/memory_store.py` \u0026mdash; Creates an in-memory vector store that acts as the base retriever in the chain.\n* `helpers/read_documents.py` \u0026mdash; Utility to read the markdown files from the `docs` folder.\n* `scripts/fga_init.py` \u0026mdash; Utility to initialize the Auth0 FGA authorization model and sample data.\n\n### RAG Pipeline\n\nThe `main.py` file defines the RAG graph using `LangGraph` to interact with the underlying LLM model and retrieve data from our context. In your project, your data may be sourced from different platforms and systems, make sure you check the proper documentation about [loaders in the Langchain ecosystem](https://python.langchain.com/v0.1/docs/modules/data_connection/).\n\nThe following diagram represents the RAG architecture we are defining:\n\n\n\n## Python Implementation\n\nLet’s now explore the code at `main.py`, which is where all the magic happens. We’ll start splitting the code into relevant chunks, so it will be easier to follow and understand.\n\nLet’s start by defining a LangChain tool that is responsible for querying the RAG for context by querying the vector database and filtering the relevant documents based on the user access:\n\n```python\n@tool\ndef agent_retrieve_context_tool(query: str):\n \"\"\"Call to get information about a company, e.g., What is the financial outlook for ZEKO?\"\"\"\n documents = read_documents()\n vector_store = MemoryStore.from_documents(documents)\n\n user_id = \"admin\"\n\n retriever = FGARetriever(\n retriever=vector_store.as_retriever(),\n build_query=lambda doc: ClientBatchCheckItem(\n user=f\"user:{user_id}\",\n object=f\"doc:{doc.metadata.get('id')}\",\n relation=\"viewer\",\n ),\n )\n\n relevant_docs = retriever.invoke(query)\n\n if len(relevant_docs) \u003e 0:\n return \"\\n\\n\".join([doc.page_content for doc in relevant_docs])\n\n return \"I don't have any information on that.\"\n\ntools = [agent_retrieve_context_tool]\n```\n\nThe `FGARetriever` defined in the `retrieve` node is designed to abstract the base retriever from the FGA query logic. The `build_query` argument lets us specify how to query our FGA model, in this case, by asking if the user is a viewer of the document.\n\n```python\nbuild_query=lambda doc: ClientBatchCheckItem(\n user=f\"user:{user_id}\",\n object=f\"doc:{doc.metadata.get('id')}\",\n relation=\"viewer\",\n),\n```\n\nThen we need to define the nodes in the Graph, each node will process unique functions, so we will explore them separately, starting with the `agent_node`, which is responsible for querying the LLM model based on the user’s input.\n\nEach node in LangGraph receives state as an object and can return state updates, for example:\n\n```python\ndef agent_node(state: State):\n \"\"\"\n Generate the response from the agent.\n \"\"\"\n llm_response = llm.invoke(state[\"messages\"])\n return {\"messages\": [llm_response]}\n```\n\nAfter the `agent_node` runs, we are using a conditional edge to determine the next step. In our particular case, the node` agent_should_continue` will finalize the execution of the graph if the LLM response didn’t trigger a tool call. But if we detect a tool call, then we continue the graph execution with the `tools` node.\n\n```python\ndef agent_should_continue(state: State):\n \"\"\"\n Determines whether the conversation should continue based on the user input.\n \"\"\"\n last_message = state[\"messages\"][-1]\n if last_message.tool_calls:\n return \"tools\"\n\n return END\n```\n\nThe `tools` node is a bit different from the others, as it builds on top of the Tool we declared at the start and uses the `ToolNode` method to simplify the logic. This method will wrap our tool into a node that adds a response from the tool into the chat messages state.\n\nBut that’s not all, as after we process the tool call, and we retrieve the proper context to answer the user’s input, we need to call, once again, the LLM model to generate an answer.\n\n```python\ndef generate_response_node(state: State):\n \"\"\"\n Generate the response from the agent based on the result of the RAG tool.\n \"\"\"\n prompt = PromptTemplate(\n template=\"\"\"You are an assistant for question-answering tasks. Use the following pieces of retrieved-context to answer the question. If you don't know the answer, just say that you don't know. Use three sentences maximum and keep the answer concise. Question: {question}. Context: {context}. Answer:\"\"\",\n input_variables=[\"question\", \"context\"],\n )\n\n question = state[\"messages\"][0].content\n context = state[\"messages\"][-1].content\n\n chain = prompt | llm\n\n llm_response = chain.invoke(\n {\"question\": question, \"context\": context}, prompt=prompt\n )\n\n return {\"messages\": [llm_response]}\n```\n\nIf you read the previous article, this may be familiar, but this is a simple chain that uses a prompt with a question and context to provide a good and relevant answer to the user.\n\nNow, with all the parts in place, we can build the graph:\n\n```python\n# Create the OpenAI chat tool\nllm = ChatOpenAI(model=\"gpt-4o-mini\").bind_tools(tools)\n\n# Build the graph\ngraph_builder = StateGraph(State)\ntool_node = ToolNode(tools)\n\n# Define the nodes\ngraph_builder.add_node(\"agent\", agent_node)\ngraph_builder.add_node(\"tools\", tool_node)\ngraph_builder.add_node(\"generate_response\", generate_response_node)\n\n# Define the edges\ngraph_builder.add_edge(START, \"agent\")\ngraph_builder.add_conditional_edges(\n \"agent\",\n agent_should_continue,\n [\"tools\", END],\n)\ngraph_builder.add_edge(\"tools\", \"generate_response\")\n\n# Compile the graph\ngraph = graph_builder.compile()\n```\n\nThat’s awesome! Now, if you set up all the environment variables, you could run the code. If you are not sure how to set them up, don’t worry; we will do that next.\n\n### Create an Auth0 FGA Account\n\nIf you already have an [Auth0 account](https://auth0.com/), you can use the same credentials to log in to the Auth0 FGA dashboard at [https://dashboard.fga.dev](https://dashboard.fga.dev/). If you don't have an Auth0 account, hop over to [https://dashboard.fga.dev](https://dashboard.fga.dev/) and create a free account.\n\nOnce you are logged in, you should see a dashboard similar to the one below.\n\n\n\n\u003e When you log into the Auth0 FGA dashboard for the first time, you may be asked to create a new store. This store will serve as the home for your authorization model and all the data the engine requires to make authorization decisions. Simply pick a name and create your store to get started.\n\n### Create an Auth0 FGA Client\n\nOnce you are in the dashboard, you’ll need a client to make API calls to Auth0 FGA. To create a client, navigate to **Settings**, and in the **Authorized Clients** section, click **Create Client**. Give your client a name, mark all three client permissions, and then click **Create**.\n\n\n\nWhen you create the client, Auth0 FGA will provide you with some data like a Store ID, a Client ID and a Client Secret. Don’t close that yet, you’ll need those values next.\n\nAt the root of the project, there’s a `.env.example` file. Copy the file and paste it as `.env`. Then, open the file and edit the three FGA-related variables using the values provided by Auth0 FGA. When you are ready, click continue, and the modal will display the values for the missing variables (`FGA_API_URL` and `FGA_API_AUDIENCE`).\n\nAt this step, you can also add your [OpenAI API Key](https://help.openai.com/en/articles/4936850-where-do-i-find-my-openai-api-key), which you’ll need to run the demo.\n\n### Configure the Auth0 FGA model\n\nNow that the application is set up, you can run the provided script to initialize the model and some sample data. To set things up, run:\n\n```\npython ./scripts/fga_init.py\n```\n\nYou can verify that the script worked by navigating to the model's page in Auth0 FGA. The following model should now have been created:\n\n```\nmodel\n schema 1.1\n\ntype user\n\ntype doc\n relations\n define owner: [user]\n define viewer: [user, user:*]\n```\n\n\u003e You can visit the Auth0 FGA documentation to learn more about[ modeling Auth0 FGA and creating an authorization model](https://docs.fga.dev/modeling).\n\nOn top of the model, the script also created two tuples. Tuples in Auth0 FGA define the relationships between the types.\n\nFirst, it defined a tuple to give all users access to the public doc:\n\n- **User** \u0026mdash; `user:*`\n- **Object** \u0026mdash; `public-doc`\n- **Relation** \u0026mdash; `viewer`\n\nThen, it created a second tuple to give the admin user access to the private doc:\n\n- **User** \u0026mdash; `user:admin`\n- **Object** \u0026mdash; `private-doc`\n- **Relation** \u0026mdash; `viewer`\n\n\u003e You can visit the Auth0 FGA documentation to learn more about [tuples and how to create them](https://docs.fga.dev/content/getting-started/new-getting-started#add-tuples).\n\n### Query the Graph\n\nInvoke the graph to process a query and generate a response.\n\n```python\n# Run the graph\nresult = graph.invoke(\n {\"messages\": [(\"human\", \"What is the financial outlook for ZEKO?\")]}\n)\nprint(result[\"messages\"][-1].content)\n```\n\nFantastic! You now know how to build and scale a secure RAG with Python and LangGraph. It’s time to test things out.\n\nTo run the graph, simply call the `main.py` file:\n\n```\npython main.py\n```\n\nIf you follow the steps, you’ll see responses like the following:\n\n```\nExample with no access:\nThe retrieved context does not provide any specific forecast or predictions for ZEKO (Zeko Advanced Systems Inc.). It mainly outlines the company's mission, technologies, and products without detailing any financial or market forecasts. Therefore, I don't know the forecast for ZEKO.\n\nExample with access:\nThe forecast for Zeko Advanced Systems Inc. (ZEKO) for fiscal year 2025 is generally bearish. Projected revenue growth is expected to remain subdued at 2-3%, with net income growth projected at 1-2%, primarily due to margin pressures and competitive challenges. Investors should be cautious, given the potential headwinds the company faces.\n```\n\nDepending on the user you use in the `agent_retrieve_context_tool`, you’ll see different results, experiment also by adding and removing privileges from the Auth0 FGA dashboard.\n\n## Learn More about Auth for GenAI, Auth0 FGA, and GenAI\n\nBefore you go, we have some great news to share: we are working on more content and sample apps in collaboration with amazing GenAI frameworks like [LlamaIndex](https://www.llamaindex.ai/), [LangGraph](https://www.langchain.com/), [CrewAI](https://www.crewai.com/), [Vercel AI](https://sdk.vercel.ai/), and others. \n\n[Auth for GenAI](https://a0.to/ai-content) is our upcoming product to help you protect your user's information in GenAI-powered applications.\n\nMake sure to join the [Auth0 Lab Discord server](http://a0.to/auth0-lab-discord) to hear more and ask questions.\n\nHappy coding!","dateCreated":"2025-03-10T15:04","dateLastUpdated":null,"readTime":12,"formattedDate":"Mar 10, 2025"},{"title":"Build, Launch, and Grow with Auth0","path":"build-launch-and-grow-with-auth0","heroImage":{"url":"https://images.ctfassets.net/23aumh6u8s0i/710ijfMBkuZkf5e75bM0Hi/61f7acb15845e522ded0dfcdd688d309/infosec-hero","size":{"width":1765,"height":1585}},"description":"How Auth0 can support your product at any stage in your journey","category":["Business","Identity \u0026 Security","Product"],"authors":[{"metadata":{"tags":[],"concepts":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"23aumh6u8s0i"}},"id":"6KmKkQ19xLww04sIfagYsz","type":"Entry","createdAt":"2023-04-10T16:28:26.328Z","updatedAt":"2024-07-24T16:56:13.319Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"publishedVersion":10,"revision":2,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"author"}},"locale":"en-US"},"fields":{"path":"calah-vargas","name":"Calah Vargas","avatar":{"metadata":{"tags":[],"concepts":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"23aumh6u8s0i"}},"id":"6DYRVjtEDr45vRaSLHccqm","type":"Asset","createdAt":"2023-04-10T16:28:07.632Z","updatedAt":"2023-04-10T16:28:07.632Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"publishedVersion":2,"revision":1,"locale":"en-US"},"fields":{"title":"Calah Vargas","file":{"url":"//images.ctfassets.net/23aumh6u8s0i/6DYRVjtEDr45vRaSLHccqm/97a28a4455d1600d65119516aa31ac02/Calah_Vargas.jpeg","details":{"size":21950,"image":{"width":512,"height":512}},"fileName":"Calah Vargas.jpeg","contentType":"image/jpeg"}}},"lastUpdatedBy":"Flor Caputti","email":"calah.vargas@okta.com","twitter":null,"github":null,"linkedin":null,"isPopular":false,"personalWebsite":null,"type":"Auth0 Employee","jobTitle":"Associate Manager, PLG","description":"Calah Vargas is the Associate Manager of Product Led Growth, focusing on nonprofits, startups, and partnerships. She works on product marketing and customer marketing initiatives. Outside work, you can find her cooking, trying new restaurants, and traveling with friends and family."}},{"metadata":{"tags":[],"concepts":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"23aumh6u8s0i"}},"id":"1SqQDQn3J9X0ptECypNNRO","type":"Entry","createdAt":"2024-01-16T15:11:26.233Z","updatedAt":"2024-01-18T12:44:27.672Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"publishedVersion":9,"revision":2,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"author"}},"locale":"en-US"},"fields":{"path":"shreya-gupta","name":"Shreya Gupta","avatar":{"metadata":{"tags":[],"concepts":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"23aumh6u8s0i"}},"id":"6cswqCdRjlVDj394oWchPg","type":"Asset","createdAt":"2024-01-16T15:08:04.649Z","updatedAt":"2024-01-16T15:08:04.649Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"publishedVersion":2,"revision":1,"locale":"en-US"},"fields":{"title":"Shreya Gupta","file":{"url":"//images.ctfassets.net/23aumh6u8s0i/6cswqCdRjlVDj394oWchPg/e33efc96aac06b152e1e7c6cfb65dd3f/Shreya_Gupta.png","details":{"size":368532,"image":{"width":512,"height":512}},"fileName":"Shreya Gupta.png","contentType":"image/png"}}},"lastUpdatedBy":"robertino.calcaterra@auth0.com","email":"shreya.gupta@okta.com","twitter":null,"github":null,"linkedin":null,"isPopular":false,"personalWebsite":null,"type":"Auth0 Employee","jobTitle":"Developer Advocate, Startups","description":"Shreya is the Developer Advocate for Auth0 for Startups. She previously founded a non-profit called Bit Project, worked at a YC-backed Startup as a Developer Advocate, and currently hosts The Developer Diaries podcast. Through each experience, she has found her love for building resources and tools that help move the needle for developers. Outside of work, she enjoys traveling, watching K-Dramas, and drinking boba."}},{"metadata":{"tags":[],"concepts":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"23aumh6u8s0i"}},"id":"4YHL7XnKQlZrqUpREBJf88","type":"Entry","createdAt":"2024-07-15T21:25:34.380Z","updatedAt":"2024-07-15T21:25:34.380Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"publishedVersion":6,"revision":1,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"author"}},"locale":"en-US"},"fields":{"path":"emma-gray","name":"Emma Gray","avatar":{"metadata":{"tags":[],"concepts":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"23aumh6u8s0i"}},"id":"1PZdoF6w1UsiFep7X6sgeE","type":"Asset","createdAt":"2024-07-15T21:25:18.688Z","updatedAt":"2024-07-15T21:25:18.688Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"publishedVersion":2,"revision":1,"locale":"en-US"},"fields":{"title":"emma-gray","file":{"url":"//images.ctfassets.net/23aumh6u8s0i/1PZdoF6w1UsiFep7X6sgeE/331c94695d9d87aa33a2adf8a52638c4/emma-gray.jpeg","details":{"size":86664,"image":{"width":512,"height":512}},"fileName":"emma-gray.jpeg","contentType":"image/jpeg"}}},"lastUpdatedBy":"Robertino Calcaterra","email":"emma.gray@okta.com","twitter":null,"github":null,"linkedin":null,"isPopular":false,"personalWebsite":null,"type":"Auth0 Employee","jobTitle":"Sr. Manager, Product-Led Growth Marketing","description":null}}],"tags":["auth0","security","user-experience"],"postContent":"A secure login experience and access management are at the core of any application with users at any stage of development. At a high level, it’s helpful to bucket product development into one of three stages—**build, launch, and grow**—each with different needs for managing user access. Decisions made at any stage can have long-term benefits and ramifications.\n\nAuth0 is a comprehensive solution built for developers with evolving needs. Let’s walk through how Auth0 solves your needs at each stage – whether your app’s just an idea, in development, or already trusted by millions.\n\n*Which stage does your product fall into?*\n\n\n\n## Build\n\nWhether it’s a product that uses generative AI to create the perfect meal plan or a product that helps businesses analyze and act upon their data, your users will need the ability to sign up and log in seamlessly and safely.\n\nYou’ve started building your product, and now you’re developing how users interact with it:\n\n* How does a user register for your app?\n* How does a user authenticate securely every time?\n* For a B2B use case, how do you set up multiple environments for each business/team?\n\nTime is of the essence. The quickest path forward is to integrate a tool that satisfies your basic auth requirements for your MVP while iterating as needed. With Auth0, you can add a login screen, update your logo or brand, and access your user data [within minutes](https://auth0.com/docs/quickstarts). Up to 25,000 monthly active users can log into your application for free. We’re not counting accounts that register but never use the app again; we only count your captive audience.\n\nIf you’re depending on internal testing or an early access launch, you’ll be set up with Single Sign-On (SSO), branded forms, a custom domain, and more. You aren’t limited to a specific language or framework. And, if you want to move even faster, we offer [30+ SDKs \u0026 Quickstarts](https://auth0.com/docs/libraries) to help. For those building a B2B SaaS app, we released [SaaStart](https://auth0.com/blog/speed-up-your-customer-identity-journey-with-auth0-saastart/) last year, a reference B2B SaaS application built using Next.js and Auth0.\n\nYour tools must integrate seamlessly to capitalize on the work you’ve already done. Auth0 is built to be extensible—you can use Integrations, Actions, and Connections to expand your use case and user experience. Start at the [Marketplace](https://marketplace.auth0.com/) to explore your options, and head to [Docs](https://auth0.com/docs) to start implementing them.\n\nWe’re partnering with some of your favorite developer tools to launch integrations within their ecosystems. The [Auth0 integration is now in the Vercel marketplace](https://vercel.com/integrations/auth0), so you can build scalable, secure, and compliant applications with an enhanced user experience by leveraging the strengths of these two best-in-class platforms.\n\n\n\n## Launch\n\nCongrats on launch day! At this point, you’re eager for users to start interacting with your product so they can enjoy the fruits of your labor. However, you want to ensure that a fragmented or inconsistent login experience doesn’t deter them from exploring or, even worse, choosing an alternative app just because their login experience is better than yours. Features like [Enterprise MFA](https://auth0.com/docs/secure/multi-factor-authentication), so your users can use OTP Apps like Duo and Google or WebAuthn with Security Keys, can help create an accessible and secure experience.\n\nAt this stage, it’s also important to be able to handle your growing user base and collect data and insights to enhance your user experience. Our integration with [Datadog](https://marketplace.auth0.com/integrations/datadog-log-streaming) allows you to easily monitor your auth workflow logs, metrics, and request traces. Or, if your customers prefer a [passwordless connection](https://auth0.com/docs/authenticate/passwordless) (let’s face it, we all have too many passwords) or prefer to log in with GitHub over Gmail, our [Social Connections](https://marketplace.auth0.com/features/social-connections?_gl=1*1h59xrj*_gcl_aw*R0NMLjE3MzgwOTY5NTUuQ2p3S0NBaUFuZUs4QmhBVkVpd0FveTJIWVYtdjdFbENLNFVqeFpOT3lOaXN6dU5Va25IYmNWb3ZMWHBQUmlkc0ZlY2ZqNUFIOWxjRjZob0NORmdRQXZEX0J3RQ..*_gcl_au*OTU0MDY3ODU2LjE3MzcxNTg3Nzg.*_ga*MTQ1NzkzOTgwMy4xNzM2OTczNzM0*_ga_QKMSDV5369*MTczODEwNzI0MS4yNi4xLjE3MzgxMDk5NjguNDYuMC4w) have you covered. \n\nAs you analyze the data surrounding your users’ preferences, you may realize that a one-size-fits-all approach doesn’t work. By using [Actions](https://auth0.com/docs/customize/actions), you can customize and extend Auth0’s capabilities with custom logic. If you need some extra support to set your business up for success, we offer programs and discounts for eligible [early-stage startups](https://auth0.com/startups) and [nonprofits](https://auth0.com/nonprofits). \n\n## Grow\n\nYour app is a success — dare we say viral? You have loyal users, and your goal is to maintain your product's functionality while not spending too many resources on maintenance. However, you still want to invest in features that help you grow so your app stays competitive. As you’re looking to expand your customer base, either to include more countries if you’re building a B2C app or large enterprises if you’re building a B2B app, you may be held to new expectations. \n\nThe good news is that if you built with Auth0 in any of the previous phases, you’ve already enhanced the security of your customer’s journey. If you didn’t, don’t worry; you can always [migrate your users automatically from your database](https://auth0.com/docs/manage-users/user-migration/configure-automatic-migration-from-your-database). You’re not just implementing an auth solution; you’ve enlisted a squad of invested security experts to do the heavy lifting for you. With the option to enable [Bot Detection](https://auth0.com/docs/secure/attack-protection/bot-detection) to mitigate scripted attacks and [Fine Grained Authorization](https://auth0.com/fine-grained-authorization) (FGA) to manage complex authorization scenarios efficiently, your security posture can only get stronger as you scale. \n\n\n\nAnother evolving area that requires constant maintenance if you’re not using Auth0 is data privacy and compliance. When expanding to other geographies, especially ones with stricter data privacy regulations, it can seem impossible to maintain compliance when you’re moving quickly. Auth0 maintains and meets the requirements for [multiple compliance frameworks and certifications](https://auth0.com/docs/secure/security-center). \n\nIf you’re looking to test how enterprise-ready your app is, Auth0 can help. The [OpenID Foundation’s Interoperability Profiling for Secure Identity in the Enterprise (IPSIE)](https://openid.net/wg/ipsie/) working group is creating an open industry standard to enhance the end-to-end security of enterprise SaaS products. A few Auth0 capabilities that meet IPSIE’s proposed standards include SSO, SCIM, FGA, and Universal Logout. Read more about the new Identity security standard [here](https://www.okta.com/resources/datasheet-preparing-for-the-new-identity-security-standard/thankyou/).\n\nAs you're looking towards the future, Auth0 is right there with you. We just announced [Auth for GenAI](https://auth0.com/blog/auth-for-genai/), an upcoming Auth0 product for developers building applications with Generative AI, like chatbots and AI agents. This capability will enable you to confidently work alongside these chatbots and AI agents to build easily and securely. Head to [demo.auth0.ai](http://demo.auth0.ai/) to try the demo. \n\n\n\n### Try it for yourself today\n\nIf you care about:\n\n- Getting your app to market faster than your competitors by having the ability to turn on core features quickly while also promising 99.99% uptime;\n- Enabling a secure experience for your users;\n- Having the ability to customize experiences when your app’s needs change or your site goes viral, and you get many more monthly active users.\n\nAuth0 may be just what you’re looking for. [Try it out for yourself today](https://auth0.com/signup?utm_source=blog\u0026utm_medium=auth0\u0026utm_campaign=buildlaunchgrow).\n\n\n\n_These materials and any recommendations within are not legal, privacy, security, compliance, or business advice. These materials are intended for general informational purposes only and may not reflect the most current security, privacy, and legal developments or all relevant issues. You are responsible for obtaining legal, security, privacy, compliance, or business advice from your own lawyer or other professional advisor and should not rely on the recommendations herein. Okta is not liable to you for any loss or damages that may result from your implementation of any recommendations in these materials. Okta makes no representations, warranties, or other assurances regarding the content of these materials. Information regarding Okta's contractual assurances to its customers can be found at [okta.com/agreements](http://okta.com/agreements)._\n","dateCreated":"2025-03-06T15:56","dateLastUpdated":null,"readTime":7,"formattedDate":"Mar 6, 2025"},{"title":"Secure “Human in the Loop” Interactions for AI Agents","path":"secure-human-in-the-loop-interactions-for-ai-agents","heroImage":{"url":"https://images.ctfassets.net/23aumh6u8s0i/79NCborGcFIrAMeaV7G8oi/f9c588c2d05f0828d447e72e1fe825cc/Latam01.jpg","size":{"width":1176,"height":1056}},"description":"AI agents are making decisions without you? Explore the challenges of AI autonomy and discover why human oversight is crucial for responsible AI. Learn how asynchronous authorization and CIBA can help you keep humans in the loop for critical AI actions.","category":["Developers","Product","AI"],"authors":[{"metadata":{"tags":[],"concepts":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"23aumh6u8s0i"}},"id":"7qC8LJD80VSx1qYcSdQ1Zh","type":"Entry","createdAt":"2021-08-23T12:59:46.069Z","updatedAt":"2025-01-08T14:00:38.100Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"publishedVersion":42,"revision":6,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"author"}},"locale":"en-US"},"fields":{"path":"juan-cruz-martinez","name":"Juan Cruz Martinez","avatar":{"metadata":{"tags":[{"sys":{"type":"Link","linkType":"Tag","id":"user"}}],"concepts":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"23aumh6u8s0i"}},"id":"5b3YvfAb53h2I5U6uanww4","type":"Asset","createdAt":"2022-07-07T09:23:40.589Z","updatedAt":"2022-07-07T09:23:56.422Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"publishedVersion":10,"revision":5,"locale":"en-US"},"fields":{"title":"jcm","description":"Juan Cruz Martinez","file":{"url":"//images.ctfassets.net/23aumh6u8s0i/5b3YvfAb53h2I5U6uanww4/f1dfa0e19f15f5df8eacd53f78a813f6/jcm.jpeg","details":{"size":29371,"image":{"width":400,"height":400}},"fileName":"jcm.jpeg","contentType":"image/jpeg"}}},"lastUpdatedBy":"Juan Cruz Martinez","email":"juan.martinez@okta.com","twitter":"https://twitter.com/bajcmartinez","github":"https://github.com/bajcmartinez","linkedin":"https://www.linkedin.com/in/bajcmartinez/","isPopular":true,"personalWebsite":"https://jcmartinez.dev/","type":"Auth0 Employee","jobTitle":"Staff Developer Advocate","description":"I stream, blog, and make youtube videos about tech stuff. I love coding, I love AI, and I love building stuff!"}}],"tags":["authorization","ciba","ai","agent"],"postContent":"Imagine a world where AI agents handle complex tasks on your behalf – managing your finances, optimizing energy consumption in your home, or even coordinating logistics for a global supply chain. The potential benefits are enormous: increased efficiency, data-driven decisions, and automation of tedious processes. But what happens when these agents need to perform *critical* actions? Should an AI agent automatically buy a large amount of stock, transfer funds, or update sensitive records without any human oversight?\n\nMost of us would probably prefer to have a say in those decisions. **We want AI to *augment* our abilities, not replace our judgment**, especially when high-stakes actions are involved. The challenge is: how do we ensure human confirmation *before* an AI agent executes a sensitive action without disrupting the agent's workflow or creating a clunky user experience? Traditional, synchronous authorization methods can be a real pain in this scenario.\n\n## What Are AI Agents?\n\nLet's take a step back and define what we mean by \"AI agent.\" Essentially, an AI agent is an autonomous entity that can perceive its environment, make decisions based on that perception, and take actions to achieve specific goals. Think of it as a software robot with a brain (powered by AI, of course).\n\nWe're already seeing AI agents pop up in various domains:\n\n* **Finance:** Automated trading bots and fraud detection systems.\n* **Healthcare:** Diagnostic tools, personalized treatment recommendations.\n* **IoT:** Smart home controllers, automated industrial processes.\n* **Cybersecurity:** Threat detection and response systems.\n\nThe future potential of AI agents is vast. They could revolutionize industries, create personalized experiences, and unlock entirely new business models. However, this potential comes with responsibilities. We need to address concerns about job displacement, ethical considerations, and security risks. That's why responsible AI development and human oversight are so crucial.\n\n## Asynchronous User Confirmation\n\nSo, how do we keep humans in the loop without slowing down our AI agents? The answer lies in *asynchronous user authorization*.\n\nAsynchronous user authorization decouples the authorization request from the actual action. Instead of requiring immediate approval, the AI agent can request authorization and then continue its work while waiting for a response. This offers several key benefits:\n\n* **Non-Blocking:** The AI agent doesn't have to wait idly for human confirmation. It can continue processing other tasks or monitoring the environment.\n* **Improved User Experience:** Users can authorize actions at their convenience without being forced to respond immediately. Imagine getting a notification on your phone asking you to approve a stock trade, and you can do it with a single tap whenever you have a moment.\n* **Enhanced Security:** Asynchronous authorization provides an extra layer of protection against unauthorized actions. Even if an AI agent is compromised, it can't execute sensitive actions without explicit human approval.\n\nHere's a diagram that illustrates the flow:\n\n\n\n\nLet's break down what's happening in the diagram:\n\n1. The AI Agent needs to perform a sensitive action (e.g., \"Buy Stock\").\n2. It sends an authorization request to the Authorization Server, specifying the action it wants to perform.\n3. The Authorization Server notifies the user (e.g., via push notification, email, or SMS) and prompts them to approve or deny the request.\n4. The user reviews the request and makes a decision.\n5. The Authorization Server informs the AI Agent of the user's decision.\n6. The AI Agent executes the action *only if* authorization is granted.\n\n## Enter CIBA: A Standard for Asynchronous Authorization\n\nNow, you might be thinking, \"This sounds great, but how do I actually implement this?\" That's where CIBA (Client Initiated Backchannel Authentication) comes in.\n\nCIBA is [a standardized protocol for asynchronous authorization](https://openid.net/specs/openid-client-initiated-backchannel-authentication-core-1_0.html). It provides a secure and interoperable way for AI agents to request authorization from users without relying on traditional browser-based redirects.\n\nThink of CIBA as a common language that AI agents and authorization servers can use to communicate securely and efficiently. It offers several key features:\n\n* **Backchannel Communication:** The AI agent and the authorization server communicate directly using secure API calls. This eliminates the need for browser redirects, which can be clunky and insecure.\n* **User Device Notification:** The authorization server can notify the user on any device (e.g., smartphone, tablet, desktop) using push notifications, SMS, or other channels.\n* **Standardized Protocol:** CIBA is a well-defined standard that ensures interoperability between different AI agents and authorization servers. This means you can use a CIBA-compliant AI agent with any CIBA-compliant authorization server without having to worry about compatibility issues.\n\nFor more information, please refer to the [CIBA flow and how to get started with Auth0 and CIBA documentation](https://auth0.com/docs/get-started/authentication-and-authorization-flow/client-initiated-backchannel-authentication-flow).\n\n## AI Agent Example with CIBA in JavaScript\n\nLet's look at a simple JavaScript example to see how an AI agent can use CIBA to request authorization for an action. This is a simplified example, but it illustrates the core concepts.\n\n\u003e **Note:** This example assumes you have a CIBA-compliant authorization server. For a streamlined experience, consider using [Auth for GenAI](https://a0.to/ai-content), which provides the platforms and SDKs you need to build AI agents that implement asynchronous user confirmation.\n\n\n```js\nimport { Auth0AI, Auth0State } from \"@auth0/ai-langchain\";\n\n// Instantiate Auth0AI\nconst auth0AI = new Auth0AI();\n\n/**\n * Configures the CIBA flow with Auth0 AI.\n */\nconst ciba = auth0AI.withCIBA({\n audience: process.env[\"AUDIENCE\"],\n config: {\n onResumeInvoke: \"conditional-tool-call-example\",\n scheduler: async (input) =\u003e {\n // Custom scheduler\n await SchedulerClient().schedule(input.cibaGraphId, { input });\n },\n },\n});\n\n// Define the state annotation\nconst StateAnnotation = Annotation.Root({\n ...MessagesAnnotation.spec,\n ...Auth0State.spec,\n data: Annotation\u003cToolCallExampleType\u003e(),\n});\n\n// Define a new State Grapth with CIBA protection\nconst stateGraph = ciba.registerNodes(\n new StateGraph(StateAnnotation)\n .addNode(\"checkCondition\", checkCondition)\n .addNode(\"notifyUser\", notifyUser)\n .addNode(\"stopScheduler\", stopScheduler)\n .addNode(\n \"tools\",\n new ToolNode([\n ciba.protectTool(tradeTool, {\n onApproveGoTo: \"tools\",\n onRejectGoTo: \"stopScheduler\",\n scope: \"example:trade\",\n binding_message: async (_) =\u003e {\n return `Do you want to call example? ${_.toolProperty}`;\n },\n }),\n ])\n )\n .addEdge(START, \"checkCondition\")\n .addEdge(\"tools\", \"stopScheduler\")\n .addEdge(\"stopScheduler\", \"notifyUser\")\n .addConditionalEdges(\"checkCondition\", ciba.withAuth(shouldContinue))\n);\n\nconst checkpointer = new MemorySaver();\nconst store = new InMemoryStore();\n\n// Compile the graph\nexport const graph = stateGraph.compile({\n checkpointer,\n store,\n});\n```\n\nLet's walk through the code:\n\n1. First, we instantiate `Auth0AI` and the configurations for the CIBA flow.\n2. Then we define the state annotations for the graph with all the annotations required for the Graph, plus the CIBA flow-specific annotations.\n3. To build the Graph we must wrap the StateGraph with the `ciba.registerNodes`, this will enable the CIBA functionality on the given graph.\n4. In the graph we define multiple nodes, each node would represent a step or tool in the graph, but we also add a special `ToolNode` that we protect with CIBA through the `protectTool` method.\n * This method expects the nodes in the graph to jump to when the request is approved by the user, or rejected by the user, as well as the scope required for the approval and the binding message.\n\nIn further blog posts, we will share full code samples and step-by-step guidance on how to implement Async Confirmation for users in complex workflow scenarios using LangGraph and other frameworks.\n\n## Conclusion\n\nAs AI agents become more prevalent, it's crucial to ensure that they operate responsibly and ethically. Asynchronous user authorization, powered by standards like CIBA, provides a powerful mechanism for keeping humans in the loop without sacrificing the efficiency and autonomy of AI systems.\n\nBy embracing asynchronous authorization, we can build AI systems that are both powerful and responsible, ensuring that humans remain in control where it matters most. Let's work together to create a future where AI augments our abilities and empowers us to make better decisions.\n\nAnd be sure to check out [Auth for GenAI](https://a0.to/ai-content) to learn more about authentication and authorization for AI applications, including features like async user confirmation, fine-grained access control, async authentication, and calling APIs on the user’s behalf.\n\nThe future of AI is in our hands; let’s build it responsibly.\n\nThanks for reading!","dateCreated":"2025-03-04T14:59","dateLastUpdated":null,"readTime":7,"formattedDate":"Mar 4, 2025"},{"title":"February 2025 Updates: What's New in Auth0","path":"february-2025-updates-whats-new-in-auth0","heroImage":{"url":"https://images.ctfassets.net/23aumh6u8s0i/66sxu2kJhij3CIkF37IvOY/e236f2da7178f160d5b1c03b324729de/Auth0__Monthly_Updates_-_Option_3.png","size":{"width":600,"height":456}},"description":"Discover the latest releases, updates, events, and all things developer-related from Auth0!","category":["Announcements","Company News","Updates"],"authors":[{"metadata":{"tags":[],"concepts":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"23aumh6u8s0i"}},"id":"4F5DXBIe41JDDai76rIANY","type":"Entry","createdAt":"2021-03-22T08:17:43.875Z","updatedAt":"2025-03-21T20:59:43.388Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"publishedVersion":41,"revision":8,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"author"}},"locale":"en-US"},"fields":{"path":"ana-cidre","name":"Ana Cidre","avatar":{"metadata":{"tags":[],"concepts":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"23aumh6u8s0i"}},"id":"60h9rZ48wjcIn8slwKNNau","type":"Asset","createdAt":"2024-08-22T20:24:57.059Z","updatedAt":"2024-08-22T20:24:57.059Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"publishedVersion":2,"revision":1,"locale":"en-US"},"fields":{"title":"ana-cidre","file":{"url":"//images.ctfassets.net/23aumh6u8s0i/60h9rZ48wjcIn8slwKNNau/0fd0b3c26e980dc3ef610c00a72d586a/ana-cidre.png","details":{"size":355082,"image":{"width":512,"height":512}},"fileName":"ana-cidre.png","contentType":"image/png"}}},"lastUpdatedBy":"Robertino Calcaterra","email":"ana.cidre@okta.com","twitter":null,"github":null,"linkedin":"https://www.linkedin.com/in/ana-cidre","isPopular":null,"personalWebsite":null,"type":"Auth0 Employee","jobTitle":"Sr Manager, Developer Advocacy","description":"Ana Cidre is a passionate advocate for the developer community and leads the Developer Advocacy team at Auth0. She's committed to fostering a more inclusive and diverse tech world, drawing on her technical background and strategic vision to improve developer experiences and build meaningful connections.\n\n\u003cbr\u003e\n\nAs the founder of GalsTech, an initiative supporting women in tech in Galicia, and through her active efforts to create welcoming spaces for underrepresented groups, Ana's dedication to diversity and inclusion extends beyond her daily work.\n\n\u003cbr\u003e\n\nAna has a proven track record of building global Developer Relations teams, cultivating active developer communities, and crafting impactful educational content. She maintains a strong connection to the community through speaking engagements and direct interaction with developers."}}],"tags":["auth0","security","identity"],"postContent":"In the ever-evolving world of application development, managing identity is no small feat. But with the right tools, you can streamline your security and user management like never before. In this recap, we’ll dive into the latest updates from Auth0, showcasing how we’re enhancing your development experience with new features, integrations, and updates that bring both simplicity and power to the forefront.\n\nLet’s explore the key updates you’ll want to know about and see how they can help you streamline your identity management, bolster security, and deliver more powerful, user-centric applications.\n\n## Updates You Don’t Want to Miss\n\n\n\n### Next.js SDK v4 (GA) Released\n\nIf you’re a **Next.js** developer, this update will significantly enhance your workflow. With **Next.js SDK v4**, now fully compatible with **Next.js 15** and **React 19**, you can take advantage of cutting-edge features like:\n\n* **Middleware-Based Authentication**: A streamlined approach that makes authentication management easier and reduces maintenance.\n* **Improved Security**: Encrypted cookies replace outdated logic, bringing your app's security up to date.\n* **Better Session Management**: Features like rolling sessions and custom database support ensure a smoother user experience.\n\n\u003e This update is designed to help you take full advantage of the latest web development advancements without sacrificing security or performance.\n\n### Advanced Customizations for Universal Login (Early Access)\n\nFor customers who want to take their Universal Login experience to the next level, we’ve launched Advanced Customizations for Universal Login (ACUL) in Early Access. ACUL enables you to create fully custom, client-rendered versions of each Universal Login screen. With ACUL, you get full control over every pixel of the login and signup screens.\n\nSupported flows include Single Step Signup/Login, ID First Signup/Login with various authentication methods (password, passwordless, passkeys, etc.), and more.\n\nThis is just the beginning, with more features and a new configuration UI coming in the months ahead. [Check out the online documentation](https://auth0.com/docs/customize/login-pages/advanced-customizations) for all the details, and start building today!\n\n### Okta Universal Logout Integration Now Supported in Auth0\n\nFor teams using **Okta** to manage their workforce identity, we’re rolling out [Universal Logout](https://auth0.com/blog/okta-universal-logout-integration-now-supported-in-auth0/) integration with Auth0. This update means you no longer need to build a global token revocation endpoint. Instead, when Okta detects a change in risk, it will automatically revoke sessions and refresh tokens.\n\n\u003e It’s a simple **integration** with minimal configuration, but the **security** benefits are huge, making it easier for you to ensure your applications are always up-to-date and protected.\n\n### Custom Token Exchange – Early Access\n\nWe’re thrilled to announce[ Custom Token Exchange](https://auth0.com/docs/custom-token-exchange-early-access) in Early Access. This OAuth grant-type feature allows you to exchange security tokens for other tokens, such as access tokens and offers flexibility using Actions for custom logic.\n\nThis new feature enables advanced use cases like:\n\n* Migrating users to Auth0\n* Integrating external IDPs\n* Exchanging Auth0 tokens for different audiences\n\n\u003e **Custom Token Exchange** provides the flexibility you need to handle sophisticated integrations where regular federation and OIDC flows aren’t feasible.\n\n### More cool features we have shipped to improve your experience: \n\n- **Optimised TOTP Enrollment for Mobile Devices:** We’ve made the process of enrolling in TOTP (Time-Based One-Time Password) on mobile devices more intuitive. Check out [**Auth0 Temporary OTP**](https://auth0.com/docs/secure/multi-factor-authentication/auth0-guardian#temporary-one-time-passwords) for more details!\n\n- **Email OTP Verification – Email OTP(One Time Password) Verification:** is now Generally Available (GA), providing an additional layer of security during signup and password reset. This feature requires **Universal Login** and can be enabled by changing the **Verification Method** from Verification Link to OTP in your connection settings.\n\n- **Usage Metrics Dashboard for Auth0 FGA:** We’re introducing the **Usage Metrics Dashboard** for **Auth0 Fine-Grained Authorization (FGA)**. This new tool gives teams deep visibility into their authorization usage, enabling more efficient monitoring and management of monthly active users, total number of tuples, and monthly average requests per second.\n\n- **New Private Cloud Region in India:** We’ve expanded our Private Cloud availability by adding a new region in Hyderabad. This follows the Mumbai AWS region in India, providing additional flexibility, reduced latency, and improved data residency options for Auth0 customers in the region.\n\n### Deprecations\n\n**Node.js 12 and 16 Extensibility Runtimes Deprecation:** We’re phasing out the Node.js 12 and 16 runtimes for extensibility integrations, such as Actions, Rules, Hooks, Custom Database Connections, and Custom Social Connections. If you’re using these runtimes, we strongly recommend migrating to Node.js 22, which is our recommended runtime for all new and existing extensibility integrations.\n\n**Unwarranted Session Removal After User Updates (Deprecated):** In a bid to improve the user experience, we’ve deprecated the automatic invalidation of user sessions when performing database connection user updates with unchanged email or `email_verified` attributes. This change will ensure that the session invalidation behavior aligns more closely with the email verification flows. \n\n## Community and Events\n\n### Partnering with LangChain and LlamaIndex\n\nAs Generative AI (GenAI) applications become more powerful, securing these systems becomes essential. The \"[Auth for GenAI](https://auth0.com/blog/auth-for-genai/)\" initiative is here to help developers integrate strong authentication and authorization into their GenAI applications, ensuring sensitive data is protected when interacting with external APIs and data sources.\n\nWe’re thrilled to announce our partnerships with [LangChain](https://auth0.com/blog/building-a-secure-rag-with-python-langchain-and-openfga/) and [LlamaIndex](https://auth0.com/blog/genai-llamaindex-js-fga/)—two leading frameworks in the GenAI space. Together, we’re demonstrating how Auth0 can seamlessly integrate with these tools to secure your AI applications.\n\nKey aspects of our collaboration include:\n\n* **Framework-Specific SDKs** to simplify the integration of Auth0’s authentication and authorization solutions.\n* **Informative Developer Content** that offers best practices, guides, and examples for secure GenAI app development.\n* **Fine-Grained Access Control** using **Auth0 FGA (Fine-Grained Authorization)**, which ensures that AI applications can securely access external data sources and APIs.\n\nThis partnership is a great step toward building secure, scalable, and compliant AI applications. We’re excited to collaborate with **LangChain** and **LlamaIndex**, and provide developers with the tools and resources they need to build the next generation of secure AI-powered systems.\n\n\u003e Together, we’re building the future of secure **Generative AI**. Let’s innovate and secure the AI applications of tomorrow!\n\n* [Building a Secure RAG with Python, LangChain, and OpenFGA](https://auth0.com/blog/building-a-secure-rag-with-python-langchain-and-openfga/)\n* [Build a Secure RAG Agent Using LlamaIndex and Okta FGA on Node.js](https://auth0.com/blog/genai-llamaindex-js-fga/)\n\n### Events\n\nAt Auth0, we’re passionate about engaging with the developer community and sharing insights at events worldwide. Whether we’re speaking at conferences, hosting workshops, or simply connecting with like-minded developers, we’re excited to be part of the conversations shaping the future of identity and security. Here’s a look at where we’ve been recently and where you can catch us next!\n\n#### Where Were We?\n\nIn the past few weeks, we’ve had the privilege of attending some amazing events and meeting incredible developers:\n\n* [JFokus](https://www.jfokus.se/talks/1839) – February 3-6\n* [Developer Week](https://www.developerweek.com/) – February 11-13\n* [DevWorld Amsterdam](https://devworldconference.com/) – February 27-28\n\n\n\nIt’s been a blast connecting with the community, and if you joined us at any of these events, we hope you had a chance to chat with the team and explore what’s new with Auth0.\n\nLooking ahead, we’ve got a busy schedule and can’t wait to meet more of you at these upcoming events:\n\n* [All Things Open AI](https://allthingsopen.ai/) – March 17-18\n* [Tech.eu Summit](https://tech.eu/event/2025/summit-london/) – March 25-26\n\nMake sure to swing by our booth if you’ll be at any of these events, we’d love to talk all things identity, security, and the future of AI-powered applications!\n\nThat’s all for this month! We’re committed to keeping you updated with the latest and greatest features to help you build secure, scalable applications. Stay tuned for more in March!\n","dateCreated":"2025-03-03T15:00","dateLastUpdated":null,"readTime":7,"formattedDate":"Mar 3, 2025"},{"title":"Authentication, Authorization, and Accounting For Developers","path":"authentication-authorization-and-accounting-for-developers","heroImage":{"url":"https://images.ctfassets.net/23aumh6u8s0i/6fjXeiKm0cnBhKSstu382A/6e93da722d4f0bca241ff54b6f3f93bb/auth0-hero-announcement.jpg","size":{"width":1176,"height":1156}},"description":"AAA (Authentication, Authorization, Accounting) helps developers secure web apps by verifying users, controlling access, and tracking actions.","category":["Business","Industry","AAA"],"authors":[{"metadata":{"tags":[],"concepts":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"23aumh6u8s0i"}},"id":"6nc2ZBdGPm0a4S2GkXSEf4","type":"Entry","createdAt":"2021-03-22T08:18:24.514Z","updatedAt":"2023-11-01T17:44:05.194Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"publishedVersion":8,"revision":3,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"author"}},"locale":"en-US"},"fields":{"path":"dan-arias","name":"Dan Arias","avatar":{"metadata":{"tags":[],"concepts":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"23aumh6u8s0i"}},"id":"6WmRCtZz0eDp6KE7pw8cJ3","type":"Asset","createdAt":"2021-03-22T08:29:52.872Z","updatedAt":"2021-03-22T08:29:52.872Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"publishedVersion":2,"revision":1,"locale":"en-US"},"fields":{"title":"37590801?s=460\u0026v=4","description":"37590801?s=460\u0026v=4 avatar","file":{"url":"//images.ctfassets.net/23aumh6u8s0i/6WmRCtZz0eDp6KE7pw8cJ3/7329ebb6302316cab8f55705100abab5/37590801_s_460_v_4","details":{"size":10772,"image":{"width":298,"height":298}},"fileName":"37590801?s=460\u0026v=4","contentType":"image/jpeg"}}},"lastUpdatedBy":"robertino.calcaterra@auth0.com","email":"dan.arias@okta.com","twitter":"http://twitter.com/getDanArias","github":null,"linkedin":null,"isPopular":true,"personalWebsite":null,"type":"Auth0 Employee","jobTitle":"Staff Developer Advocate","description":"Howdy! 🤠 I do technology research at Auth0 with a focus on security and identity and develop apps to showcase the advantages or pitfalls of such technology. I also contribute to the development of our SDKs, documentation, and design systems, such as \u003ca target='_blank' rel='noopener noreferrer' href='https://github.com/auth0/cosmos'\u003e\u003cstrong\u003eCosmos\u003c/strong\u003e\u003c/a\u003e.\u003cbr /\u003e\u003cbr /\u003eThe majority of my engineering work revolves around AWS, React, and Node, but my research and content development involves a wide range of topics such as Golang, performance, and cryptography. Additionally, I am one of the core maintainers of this blog. Running a blog at scale with \u003cstrong\u003eover 600,000 unique visitors per month\u003c/strong\u003e is quite challenging!\u003cbr /\u003e\u003cbr /\u003eI was an Auth0 customer before I became an employee, and I've always loved how much easier it is to implement authentication with Auth0. Curious to try it out? \u003ca href='https://auth0.com/signup' data-amp-replace='CLIENT_ID' data-amp-addparams='anonId=CLIENT_ID(cid-scope-cookie-fallback-name)'\u003e\u003cstrong\u003eSign up for a free account\u003c/strong\u003e\u003c/a\u003e ⚡️."}}],"tags":["aaa","authentication","authorization","identity"],"postContent":"Historically, the AAA framework (Authentication, authorization, and accounting) has been deeply tied to network security, particularly in the context of remote access, VPNs, and network devices. However, AAA is a conceptual framework and not a protocol itself, allowing us to apply it anywhere identity and access matter. Instead of a VPN gateway, you’re securing a web application. Instead of a network admin, it’s a customer buying shoes online. The scale gets bigger, the users are external, and the focus shifts toward balancing security and usability, but the AAA principles still fit to help us build robust, secure, and maintainable user-facing applications.\n\nFor developers, considering AAA in your design decisions means not only verifying who your users are (Authentication) but also controlling what they can do (Authorization) and tracking their actions for auditing and analytics (Accounting). This holistic approach minimizes security risks, enhances user experience, and simplifies compliance.\n\n## A Framework to Measure Identity Platforms\n\nA good identity platform gives you features out of the box that tackle each component of the AAA triad, transforming a simple login system into a comprehensive identity management system that meets your security and compliance requirements. User data is one of the most precious and valuable assets we handle as developers. As such, when we make the decision to delegate creating and handling the identity of our users to a third-party vendor, we need to ensure that we are getting better security, scalability, and user-centric experience than what we could build ourselves. The AAA framework is a helpful tool to assess whether an Identity-as-a-Service (IDaaS) vendor can help you build application systems that are resilient against threats, aligned with business requirements, and equipped for future growth.\n\nIn today’s competitive digital landscape, including identity and security as part of your MVP or existing product is a competitive advantage. A holistic approach to security is not just an option—it’s a necessity. However, not every player in the field can deliver the security the current security and threat landscape requires. Let’s dive into why Auth0 is a robust identity platform that meets the requirements of the AAA framework and why you should consider it as your identity solution of choice.\n\n## Authentication\n\nAuthentication is the process of verifying a user's identity before granting access to your application. It answers the question: **\"Who are you?\"**\n\n* [Seamless User Sign-Up and Login](https://auth0.com/docs/authenticate/login)\n * Auth0 offers multiple authentication methods, such as social logins, passwordless options, and multi-factor authentication (MFA). These features enable quick and secure identity verification.\n* [Personable User Experience](https://auth0.com/docs/customize)\n * With customizable interfaces, Auth0 reduces barriers during sign-up and login, ensuring that the verification process is both secure and user-friendly.\n* [Relevant User Journeys](https://auth0.com/docs/customize/forms)\n * Auth0 offers customization of the metadata you collect from users or creates a unique authentication journey that serves your business needs while still being secure.\n* [Uncompromised Internationalization and Localization](https://auth0.com/docs/customize/internationalization-and-localization)\n * Auth0 can handle different languages across the authentication experience, allowing you to connect authentically and accurately with millions of potential customers across the globe. Auth0 adapts to your users instead of forcing users to adapt to inflexible platforms.\n\n## Authorization\n\nAuthorization defines what actions or resources a user is allowed to access once they are authenticated. It answers the question: **\"What can you do?\"**\n\nAuth0 allows developers to implement flexible yet comprehensive authorization models that fit different threat models.\n\n* [Role-Based Access Control (RBAC)](https://auth0.com/blog/an-overview-of-commonly-used-access-control-paradigms/#Role-Based-Access-Control--RBAC-):\n * Auth0 allows you to set granular permissions by assigning roles to users. This ensures that users only access the features and data relevant to their privileges.\n* [Auth0 Actions](https://auth0.com/docs/manage-users/access-control/sample-use-cases-actions-with-authorization)\n * Actions are secure Node.js functions that allow you to modify or complement the outcome of the decision made by pre-configured authorization policies. Developers can use Auth0 Actions to[ handle more complicated cases](https://auth0.com/docs/manage-users/access-control/sample-use-cases-actions-with-authorization) than is possible with role-based access control (RBAC).\n* [Fine Grained Authorization](https://auth0.com/fine-grained-authorization)\n * Auth0 FGA delivers relationship-based access control ([ReBAC](https://auth0.com/blog/an-overview-of-commonly-used-access-control-paradigms/#Relationship-Based-Access-Control--ReBAC-)) designed for complex authorization needs, such as restricting resource edits to team leads. As a managed service, it scales to handle millions of permission checks per second with minimal latency, eliminating the need to build and maintain custom solutions.\n\n## Accounting\n\nAccounting, also known as auditing, involves tracking and logging user activities within your application. It answers the question: **\"What did you do?\"**\n\n* [Detailed Logging](https://auth0.com/docs/deploy-monitor/logs)\n * Auth0 maintains a comprehensive audit trail of authentication and authorization events. This detailed logging is essential for monitoring user behavior and identifying potential security incidents.\n* [Usage Analytics](https://auth0.com/docs/get-started/auth0-overview/dashboard/activity)\n * The collected data helps analyze user interactions, optimize authentication flows, and ensure compliance with industry regulations. Accounting provides valuable insights into how your application is used.\n* [Log Streaming](https://auth0.com/docs/customize/log-streams)\n * Auth0's log streaming service allows you to export tenant log events to a log event analysis service URL, leveraging robust data services, such as DataDog, Splunk, and Amazon EventBridge, and allowing you to react to events like password changes or new registrations with your own business logic.\n\n## Bringing It All Together\n\nOverlaying the AAA framework on your Auth0-powered B2C or B2B solutions ensures:\n\n* **Enhanced Security:**\n * A multi-layered approach that not only verifies identities (Authentication) but also enforces precise access controls (Authorization) and continuously monitors user activities (Accounting).\n* **Improved User Experience:**\n * While users benefit from a smooth and secure sign-up process, the detailed authorization rules and accounting measures ensure that they access the right features with confidence.\n* **Operational Excellence:**\n * With robust logging and analytics, you can swiftly detect anomalies, refine your application, and maintain compliance with regulatory standards.\n\nIf you haven’t tried it already, [get started with Auth0 today](https://a0.to/get-started)!\n","dateCreated":"2025-02-28T19:51","dateLastUpdated":null,"readTime":5,"formattedDate":"Feb 28, 2025"},{"title":"Designing Apps for Growth: How a Layered Identity Solution Helps You Win","path":"designing-apps-for-growth-how-a-layered-identity-solution-helps-you-win","heroImage":{"url":"https://images.ctfassets.net/23aumh6u8s0i/68cELKqU4g415QEgRMJyau/10926ee4b8234e7940ed353959c65db1/adaptive-mfa-hero","size":{"width":1176,"height":1056}},"description":"Innovative companies are reshaping CX with instant gratification, consistency, and hyper-personalization, raising consumer expectations and market standards.","category":["Business","Industry","Growth"],"authors":[{"metadata":{"tags":[],"concepts":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"23aumh6u8s0i"}},"id":"5Cxo7BkkpLSAVnUALpZPZj","type":"Entry","createdAt":"2025-01-14T09:09:35.013Z","updatedAt":"2025-01-14T09:09:35.013Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"publishedVersion":21,"revision":1,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"author"}},"locale":"en-US"},"fields":{"path":"samantha-murphy","name":"Samantha Murphy","avatar":{"metadata":{"tags":[],"concepts":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"23aumh6u8s0i"}},"id":"2oMV11FnSFARDSPLUf7u5Z","type":"Asset","createdAt":"2025-01-14T09:08:21.118Z","updatedAt":"2025-01-14T09:08:21.118Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"publishedVersion":2,"revision":1,"locale":"en-US"},"fields":{"title":"samantha-murphy","file":{"url":"//images.ctfassets.net/23aumh6u8s0i/2oMV11FnSFARDSPLUf7u5Z/5855d45c57b8fab5122b6017545e6f3f/samantha-murphy.jpg","details":{"size":50351,"image":{"width":560,"height":560}},"fileName":"samantha-murphy.jpg","contentType":"image/jpeg"}}},"lastUpdatedBy":"Andrea Chiarelli","email":null,"twitter":null,"github":null,"linkedin":"https://www.linkedin.com/in/samantha-murphy","isPopular":false,"personalWebsite":null,"type":"Auth0 Employee","jobTitle":"Principal Product Marketing Manager, Customer Identity","description":"Samantha Murphy is a Principal Product Marketing Manager for Okta. She leads the Customer Identity Security portfolio, driving go-to-market strategy, messaging, launches, and strategic growth initiatives. Before Okta, Sam spent over six years in product management roles in Identity and Access Management.\n\nShe holds a Bachelor of Commerce degree from Queen’s Smith School of Business and is from Ottawa, Canada.\n\nIn her free time, Sam makes the most of winter by playing an awesome ice skating sport called ringette."}}],"tags":["identity","auth0","security"],"postContent":"Innovative companies like streaming services and digital marketplaces are setting bold new Customer Experience (CX) standards, redefining consumer expectations around speed, convenience, and personalization. To accelerate and cement their market dominance, these CX powerhouses have raised the bar (and customer expectations) in three key ways:\n\n- **Instant gratification** \u0026mdash; in the form of instant access and seamless experiences such as one-click checkouts\n- **Consistency** \u0026mdash; interactions continue seamlessly across channels, devices, products and services\n- **Hyper-personalization** \u0026mdash; individualized experiences and recommendations based on preferences and behaviors\n\n## Better Experiences = Better Business\n\nThese new CX standards aren’t merely nice-to-haves that customers prefer––they are table-stakes requirements for any business hoping to build and maintain a competitive advantage. Today’s customers *expect* engaging experiences, convenient journeys, and secure digital platforms. Before they give you their business, they need to know that you’re able to cater to their unique needs, provide ease of use across multiple channels, and protect their data and sensitive information.\n\n\n\n## It All Starts With Identity\n\nMeeting these customer expectations begins with getting Customer Identity right. \n\nWhy? Because Identity orchestration is the backbone of everything — from security to a best-in-class CX.\n\n\u003e **Identity Orchestration** \u0026mdash; is the process of managing and integrating Identity-related functions such as authentication, authorization, security, privacy, and personalization across systems and channels.\n\n**Identity Orchestration** supports every critical aspect of the modern customer journey, from login to omnichannel navigation and continuous threat protection. **Modern Customer Identity** can strengthen security and fraud prevention while simultaneously creating seamless cross-channel continuity and personalized journeys that delight your customers. It also drives privacy by helping protect customer-sensitive data and enabling companies to progressively build customer profiles with consent. This in turn supports key marketing functions like loyalty activation and tracking, driving business growth.\n\n\u003e **In short: Getting the customer experience right begins with getting Customer Identity right**. But this is easier said than done.\n\n## Upgrade Identity, Unlock Customer Loyalty\n\nHere’s the ugly truth: Homegrown and legacy Identity solutions simply cannot support the modern CX and security standards that today’s customers demand.\n\nFor example, solely relying on legacy Identity methods like complex passwords, captchas, and rigid multifactor authentication (MFA) policies creates friction that undermines conversion. Identity-powered data-collection tools that burden customers with a million questions at sign-up have the same revenue-tanking effect.\n\nTo support customer loyalty and long-term growth, your business needs a modern Identity platform that streamlines experiences, enables personalized interactions, and strengthens security (without adding excessive friction).\n\nCompromising on any one of these points isn’t an option. Today’s competitive landscape requires an approach to Customer Identity that can hit every mark––quickly, efficiently, and continuously.\n\n## Auth0 Is the Answer\n\nAuth0 helps businesses of all types and sizes deliver convenient, trustworthy experiences that customers have come to expect. Designed for both simplicity and scalability, Auth0 empowers companies like yours to adopt a modern, developer-first approach to Customer Identity. In doing so, Auth0 enables your teams to leverage the full power of Identity across every aspect of the customer journey and deliver outcomes that support growth.\n\n\n\n## Layer 1: Secure Experiences\n\n\n\nAuth0 helps secure customer experiences across their entire journey \u0026mdash; before, at, and after login. To keep experiences streamlined, Auth0 leverages context to add additional layers of security when needed and reduce them when not needed. This enables the ideal combination of security and seamlessness.\n\n### Before Login\n\nSpotlight solutions:\n\n* **Bot Detection** \u0026mdash; Continuous, AI-powered monitoring for Identity threats that responds to bad bots in real time \n* **Breached Password Detection** \u0026mdash; Detect compromised credentials and block and notify users in real time to keep threat actors out\n* **SCIM** \u0026mdash; Streamlined user management that automates the provisioning and de-provisioning of user access for B2B SaaS applications\n\n\nRead more about this story [here](https://www.okta.com/customers/jersey-mikes/).\n\n### At Login\n\nSpotlight solutions:\n\n* **Universal Login** \u0026mdash; A customizable toolkit for building robust, branded authentication flows from a variety of login methods\n* **Passwordless** \u0026mdash; Convenient, secure sign-in using options including passkeys, email magic links, biometrics and One-Time-Passwords (OTPs).\n* **Attack Protection** \u0026mdash; helps prevent account takeover attacks with Brute Force Protection and Suspicious IP Throttling.\n* **Token Management** \u0026mdash; A secure framework for issuing, validating, and renewing JSON Web Tokens (JWTs) that streamline API access while protecting sensitive data during transmission\n* **Progressive Profiling** \u0026mdash; An easy way to gather customer data over time as they engage with your brand (as opposed to flooding them with questions at sign-up or login and scaring them away)\n* **Organizations** \u0026mdash; Enterprise-grade, secure, scalable, branded multi-tenant authentication for your B2B SaaS applications\n\n\nRead more about this story [here](https://www.okta.com/customers/moneyfarm/).\n\n\nRead more about this story [here](https://www.okta.com/customers/cinepolis/).\n\n### After Login\n\nSpotlight solutions:\n\n* **Auth0 Fine-Grained Authorization** \u0026mdash; A simpler way to programmatically define authorization and access at scale across applications\n* **Highly Regulated Identity** \u0026mdash; Powerful protections for highly sensitive information that trigger Strong Customer Authentication (SCA) when necessary\n* **Client Initiated Backchannel Authentication** \u0026mdash; Secure and streamlined user authentication for call center, in-person, and online interactions\n* **Continuous Session Protection** \u0026mdash; A unified way to monitor and manage user sessions, including the prevention of session hijacking and the revocation of suspicious sessions\n* **Universal Logout** \u0026mdash; Terminate users’ sessions when integrated threat monitoring tools identify a change in risk\n\n\nRead more about this story [here](https://www.okta.com/customers/cribl/).\n\n## Layer 2: Orchestration\n\n\n\nYour business is one of a kind, and this is evident in the uniqueness of your security needs and CX strategy. \n\nAuth0 puts customization at the core of your company’s security and CX with a range of offerings that your development teams can leverage to build better products––faster. Low- and no-code tools help developers build and optimize authentication flows faster, while pro-code options enable last-mile customizations tailored to your business’s unique needs. \n\n### Developer Tooling\n\nSpotlight solutions:\n\n* **SDKs and Quickstarts** \u0026mdash; With a few lines of code, your teams can easily integrate Auth0 with any app written in any language and any framework \n* **Automated deployment** \u0026mdash; Manage Auth0 tenant configuration integrated with your existing CI/CD pipeline using Auth0 Deploy CLI or Terraform provider\n\n\nRead more about this story [here](https://www.okta.com/customers/signify/).\n\n### Custom authentication flows\n\nSpotlight solutions:\n\n* **Actions** \u0026mdash; Empower developers with a drag-and-drop interface and flexible code environment that enables them to customize and extend Identity experiences—no-code for speed, pro-code for precision\n* **Forms** \u0026mdash; A no-code visual editor for orchestrating, customizing, and securing sign-up and login flows\n\n\nRead more about this story [here](https://www.okta.com/customers/submittable/).\n\n### Security operations\n\nSpotlight solutions:\n\n* **Security Center** \u0026mdash; helps organizations detect and respond to attacks faster and fine-tune their security posture with intelligent insights and custom threshold alerting for Identity-related events, anomalies, and general efficacy.\n* **Log Streaming** \u0026mdash; further supports faster event response by allowing the streaming of relevant Auth0 activity to third-party SIEM tooling.\n\n\n\n## Layer 3: Extensibility\n\n\n\nAs your business evolves, your identity solution should seamlessly connect with your changing tech and security stack—it's crucial for long-term success. \n\nAuth0 is built on the principle of extensibility. By connecting every part of your technology and security ecosystem, Auth0 enables continuous strength of security while also supporting changing customer experience functions across all channels.\n\n### Marketplace Integrations\n\nQuickly find and add low-maintenance, no-code integrations with applications and APIs. Using an intuitive drag-and-drop interface, it easily addresses a variety of Identity use cases such as Identity verification/proofing, fraud prevention, log streaming, data platforms, and consent management.\n\n\n\n## The Auth0 Difference\n\nBest-in-class businesses adopt modern, developer-first Customer Identity. With Auth0, your development teams get pre-built tools—SDKs, APIs, customizable UI components, and security integrations—that can be activated instantly and extended as needed. This approach enables businesses to:\n\n* Secure every step of the customer journey without adding friction\n* Automate and orchestrate Identity flows to accelerate time to market\n* Empower developers to integrate Identity their way, providing scalability and future-proofing\n\nThat’s exactly what the Auth0 Platform delivers to thousands of businesses worldwide—powering **10+ billion** authentications every month. Yes, that’s** billion with a B! **\n\nReady to build seamless, secure identity experiences? [Let’s talk](https://auth0.com/contact-us). Want to learn more about why companies like yours choose Auth0? Check out our [ebook](https://auth0.com/resources/ebooks/why-auth0-by-okta).\n","dateCreated":"2025-02-25T19:57","dateLastUpdated":null,"readTime":7,"formattedDate":"Feb 25, 2025"},{"title":"Knowledge Belongs to You: Introducing the New Okta Learning Experience","path":"introducing-the-new-okta-learning-experience","heroImage":{"url":"https://images.ctfassets.net/23aumh6u8s0i/2P32POkRTFgvghmGvamiKz/75d0bb1ffc213f67be6b831d091b0f20/okta-learning-hero.jpg","size":{"width":1176,"height":1156}},"description":"New skills unlocked with Okta Learning!","category":["Business","Enterprise","Okta"],"authors":[{"metadata":{"tags":[],"concepts":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"23aumh6u8s0i"}},"id":"3WpL5GTyaaAoNyDi3EY91o","type":"Entry","createdAt":"2025-02-05T20:18:13.276Z","updatedAt":"2025-02-05T20:18:13.276Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"publishedVersion":10,"revision":1,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"author"}},"locale":"en-US"},"fields":{"path":"sara-kazemi","name":"Sara Kazemi","avatar":{"metadata":{"tags":[],"concepts":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"23aumh6u8s0i"}},"id":"ryR40muWvp5wJTPlC95rK","type":"Asset","createdAt":"2025-02-05T20:14:52.831Z","updatedAt":"2025-02-05T20:14:52.831Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"publishedVersion":2,"revision":1,"locale":"en-US"},"fields":{"title":"sara-kazemi","file":{"url":"//images.ctfassets.net/23aumh6u8s0i/ryR40muWvp5wJTPlC95rK/b7aaf0a513ada462770a5c7319666eba/sara-kazemi.png","details":{"size":215565,"image":{"width":600,"height":600}},"fileName":"sara-kazemi.png","contentType":"image/png"}}},"lastUpdatedBy":"Robertino Calcaterra","email":"sara.kazemi@okta.com","twitter":null,"github":null,"linkedin":null,"isPopular":false,"personalWebsite":null,"type":"Auth0 Employee","jobTitle":"Senior Technical Curriculum Developer - Expert Acceleration","description":"As a former computer science educator and software engineer, I joined Okta in 2021 to combine these skills to create engaging, accessible learning experiences for devs."}}],"tags":["okta","learning"],"postContent":"We're excited to introduce [Okta Learning](https://learning.okta.com/), our new learning experience designed to help you level up your identity and access management (IAM) superpowers. With Okta Learning, you can develop new skills and earn valuable certifications that can help advance your career. Whether you're a seasoned developer or just getting started, Okta Learning offers self-paced, tailored learning paths and plans to help you master the tools and technologies you need to succeed in the world of digital identity.\n\n## Personalized Learning Paths for Every Developer\n\nWe know that every developer has unique learning needs. That’s why we’ve built custom [learning paths](https://learning.okta.com/page/courses-all#swimlane-learningpaths) based on the specific skills you want to learn. Whether you're interested in leveraging Auth0 APIs and SDKs, integrating authentication protocols, or learning how to implement security best practices, you can choose the path that aligns with your personal learning goals.\n\n\n\n## Goal-Oriented Learning Plans\n\nIf you're working toward a specific objective—like earning your [Okta Developer - Customer Identity Cloud Certification](https://certification.okta.com/okta-developer-cic-certification-exam)—our [learning plans](https://learning.okta.com/page/development) are designed to guide you through a curated set of activities to support you through your learning journey. These plans provide a clear, structured roadmap so you can stay on track and feel confident in your preparation.\n\n\n\n## Hands-On Coding Labs and Interactive Learning\n\nWe believe in learning by doing. That's why we’ve included interactive activities and [hands-on coding labs](https://learning.okta.com/page/courses-all#delivery-method_hands-on-lab) that allow you to apply what you've learned in a real-world context. From working with Auth0 SDKs to creating custom identity flows you'll gain practical experience to help you build better, more secure applications that fit your requirements.\n\n\n\n## Earn Badges to Showcase Your Skills\n\nTo recognize your progress and achievements, we’ve introduced skills-based badging assessments. Successfully pass an assessment, and you'll earn a badge that showcases the skill you've gained—whether it's a foundational understanding of digital identity or an advanced feature of Auth0. [These badges](https://learning.okta.com/page/skill-badges) serve as both a personal accomplishment and a tangible way to demonstrate your expertise to peers, employers, and the broader tech community.\n\n\n\n## Start Your Learning Journey Today\n\nWith Okta Learning, you can take ownership of your own learning journey at your own pace. Whether you’re just starting out in the digital identity space or working towards career advancement, Okta Learning has a path for you.\n\nGet started today and unlock your potential with [Okta Learning](https://learning.okta.com/)!","dateCreated":"2025-02-24T16:59","dateLastUpdated":null,"readTime":3,"formattedDate":"Feb 24, 2025"},{"title":"Authentication and Authorization For Developers Who Build at Global Scale","path":"authorization-authentication-developers-global-scale","heroImage":{"url":"https://images.ctfassets.net/23aumh6u8s0i/6fjXeiKm0cnBhKSstu382A/6e93da722d4f0bca241ff54b6f3f93bb/auth0-hero-announcement.jpg","size":{"width":1176,"height":1156}},"description":"For developers tasked with building global applications, choosing the right authentication solution is crucial. Auth0's ability to bridge the gap between enterprise and consumer needs makes it a standout choice in the crowded authentication landscape.","category":["Developers","Product"],"authors":[{"metadata":{"tags":[],"concepts":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"23aumh6u8s0i"}},"id":"6nc2ZBdGPm0a4S2GkXSEf4","type":"Entry","createdAt":"2021-03-22T08:18:24.514Z","updatedAt":"2023-11-01T17:44:05.194Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"publishedVersion":8,"revision":3,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"author"}},"locale":"en-US"},"fields":{"path":"dan-arias","name":"Dan Arias","avatar":{"metadata":{"tags":[],"concepts":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"23aumh6u8s0i"}},"id":"6WmRCtZz0eDp6KE7pw8cJ3","type":"Asset","createdAt":"2021-03-22T08:29:52.872Z","updatedAt":"2021-03-22T08:29:52.872Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"publishedVersion":2,"revision":1,"locale":"en-US"},"fields":{"title":"37590801?s=460\u0026v=4","description":"37590801?s=460\u0026v=4 avatar","file":{"url":"//images.ctfassets.net/23aumh6u8s0i/6WmRCtZz0eDp6KE7pw8cJ3/7329ebb6302316cab8f55705100abab5/37590801_s_460_v_4","details":{"size":10772,"image":{"width":298,"height":298}},"fileName":"37590801?s=460\u0026v=4","contentType":"image/jpeg"}}},"lastUpdatedBy":"robertino.calcaterra@auth0.com","email":"dan.arias@okta.com","twitter":"http://twitter.com/getDanArias","github":null,"linkedin":null,"isPopular":true,"personalWebsite":null,"type":"Auth0 Employee","jobTitle":"Staff Developer Advocate","description":"Howdy! 🤠 I do technology research at Auth0 with a focus on security and identity and develop apps to showcase the advantages or pitfalls of such technology. I also contribute to the development of our SDKs, documentation, and design systems, such as \u003ca target='_blank' rel='noopener noreferrer' href='https://github.com/auth0/cosmos'\u003e\u003cstrong\u003eCosmos\u003c/strong\u003e\u003c/a\u003e.\u003cbr /\u003e\u003cbr /\u003eThe majority of my engineering work revolves around AWS, React, and Node, but my research and content development involves a wide range of topics such as Golang, performance, and cryptography. Additionally, I am one of the core maintainers of this blog. Running a blog at scale with \u003cstrong\u003eover 600,000 unique visitors per month\u003c/strong\u003e is quite challenging!\u003cbr /\u003e\u003cbr /\u003eI was an Auth0 customer before I became an employee, and I've always loved how much easier it is to implement authentication with Auth0. Curious to try it out? \u003ca href='https://auth0.com/signup' data-amp-replace='CLIENT_ID' data-amp-addparams='anonId=CLIENT_ID(cid-scope-cookie-fallback-name)'\u003e\u003cstrong\u003eSign up for a free account\u003c/strong\u003e\u003c/a\u003e ⚡️."}}],"tags":["auth0","authentication","authorization","developer experience","idaas"],"postContent":"In today's multi-platform world, identity management isn't a one-size-fits-all solution. As developers, we need an authentication system that not only secures enterprise-level applications (B2B) but also delivers a seamless, user-friendly experience for consumer-facing products (B2C). That's why developers across the world turn to Auth0 when they feel it's time to delegate the task of building and maintaining ***authentication and authorization*** to a vendor with deep security expertise and adaptable technical capabilities. \n\n## The Challenge of Global Scale\n\nGlobal companies with multifaceted portfolios face a unique set of challenges:\n\n- **Multiple Platforms:** Users access their services via smartphones, PCs, consoles, and more.\n\n- **Diverse Regulatory Requirements:** Compliance with international data privacy and security regulations is non-negotiable.\n\n- **Customization Needs:** Every organization has its own unique workflows and integration requirements, such as compatibility with legacy authentication systems or [support for protocols like SCIM](https://auth0.com/docs/authenticate/protocols/scim).\n\nFor developers building at a global scale, the solution needs to be robust enough to handle high security and regulatory demands while remaining flexible for rapid development and global expansion.\n\n## Why Auth0 Stands Out\n\nAuth0's strength lies in its ability to effectively serve both B2B and B2C needs across geographical regions. Here's what makes it a compelling choice:\n\n### Dual capability\n\nAuth0 is built to handle both enterprise-grade integrations and consumer-friendly interfaces. While many competitors specialize in one or the other, Auth0 offers the best of both worlds.\n\n### Robust security\n\nWith advanced features like multi-factor authentication (MFA), threat detection, and continuous monitoring, Auth0 meets stringent global security standards—critical for protecting sensitive user data and adhering to mandatory compliance requirements. Don't let regulation get in the way of expansion.\n\n### Scalability\n\nWhether you're serving thousands or millions of users across different regions, Auth0 scales seamlessly. This is vital for companies that operate in a global marketplace.\n\n### Flexible customization\n\nAuth0 allows extensive customization through robust APIs that support multiple programming languages and frameworks. This flexibility means you can tailor the authentication process to meet your specific needs, ensuring a smooth user experience regardless of the platform. Whether you are building the next top-ranking mobile game, a desktop AI application, or a streaming service, Auth0 has a solution that adapts to the user experience you want to attract, convert, and retain paying customers.\n\n### Comprehensive support\n \nTransitioning to a new authentication system can be complex. Auth0's professional services and support ensure that even challenges like regulatory compliance or cloud infrastructure migrations (e.g., AWS) are managed efficiently.\n\n## Auth0 Is Ahead of the Competition\n\nWhile there are strong contenders in the IDaaS space, they often excel in more niche areas. A competitor may be a strong option for enterprise integrations but may require extra effort to tailor it for consumer-facing applications. Some competitor platforms often focus on streamlined, developer-friendly solutions for either simple consumer apps or internal enterprise tools. However, they might not offer the same depth of customization and B2B/B2C functionality required for complex global environments or operations.\n\nAuth0's proven track record in both B2B and B2C scenarios makes it uniquely suited for organizations that need a versatile, scalable, and secure authentication solution.\n\n## See Auth0 in Action\n\nSeeing is believing. Experience Auth0's power firsthand by diving into our developer resources. There, you can quickly set up secure authentication flows for both business and consumer scenarios.\n\n### Interactive demo\n \nTry out [our reference B2B SaaS application](https://saastart.app/) to experience features of multi-tenancy support, user management and access controls, security policies, self-service Single Sign-On configuration, and more out-of-the-box. Follow our [guided walkthrough](https://auth0.com/blog/speed-up-your-customer-identity-journey-with-auth0-saastart/) to see how easily Auth0 can secure B2B SaaS applications. If you prefer to learn while reading code, check out the [Auth0 B2B SaaS Starter open-source repo](https://github.com/auth0-developer-hub/auth0-b2b-saas-starter).\n\n### Step-by-step developer guides\n\nCheck out our [detailed developer guides](https://developer.auth0.com/resources/guides) on integrating strong authentication using Auth0 with different frameworks and languages. These guides will show you how to implement everything from simple login pages to role-based access control in Single-Page Applications (SPAs), APIs, and web applications. Once you are done with the basics, explore our [developer labs](https://developer.auth0.com/resources/labs) to learn how to extend your authentication solution to include features such as Single-Sign On (SSO) for end-users using Google, GitHub, or X/Twitter, as well as enhancing your authorization models with Fine-Grained Authorization.\n\n### Code samples\n\n[Clone any of our starter projects](https://developer.auth0.com/resources/code-samples) and see practical examples of how Auth0 streamlines the implementation of authentication and authorization. Experiment with the code, tweak it to suit your needs, and accelerate your development process.\n\n## Conclusion\n\nFor developers tasked with building global applications, choosing the right IDaaS solution is crucial. Auth0's ability to bridge the gap between enterprise and consumer needs—coupled with its robust security, scalability, and flexibility—makes it a standout choice in the crowded authentication landscape. \n\nIf you're developing a platform that must meet both B2B and B2C demands on a global scale, Auth0 is definitely worth a closer look. [Global companies like SEGA have chosen Auth0](https://www.okta.com/jp/press-room/press-releases/sega-auth0/) as a comprehensive and compliant yet flexible authentication solution that not only enhances security and user experience but also streamlines development and operational efficiency: by opting for a ready-to-use IDaaS solution rather than maintaining an in-house system, SEGA was able to lower development friction, allowing their teams to focus more on core game development and innovation.","dateCreated":"2025-02-21T15:56","dateLastUpdated":null,"readTime":5,"formattedDate":"Feb 21, 2025"},{"title":"OpenFGA for an Express + Typescript Node.js API","path":"express-typescript-fga","heroImage":{"url":"https://images.ctfassets.net/23aumh6u8s0i/6zbsbi997n49Aod4Q6aHW8/ef0e630ca01255470dbee2ebdc5b41c1/FGA_V01_X4.jpg","size":{"width":1176,"height":1056}},"description":"How to add Fine-Grained Authorization (FGA) to an Express + Typescript API using the OpenFGA Javascript and Node.js SDK.","category":["Developers","Tutorial","FGA"],"authors":[{"metadata":{"tags":[],"concepts":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"23aumh6u8s0i"}},"id":"Ig2u6hjCYoC21ZWAZhWs2","type":"Entry","createdAt":"2022-11-04T15:03:09.626Z","updatedAt":"2022-11-04T15:03:09.626Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"publishedVersion":13,"revision":1,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"author"}},"locale":"en-US"},"fields":{"path":"jimena-garbarino","name":"Jimena Garbarino","avatar":{"metadata":{"tags":[],"concepts":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"23aumh6u8s0i"}},"id":"6n2KMotWFa7LndqNTfsakg","type":"Asset","createdAt":"2022-11-04T15:00:32.250Z","updatedAt":"2022-11-04T15:00:32.250Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"publishedVersion":2,"revision":1,"locale":"en-US"},"fields":{"title":"jimena-garbarino","file":{"url":"//images.ctfassets.net/23aumh6u8s0i/6n2KMotWFa7LndqNTfsakg/146f8a5dfb3e6da804b9b0521899c5ae/jimena-garbarino.png","details":{"size":226750,"image":{"width":400,"height":400}},"fileName":"jimena-garbarino.png","contentType":"image/png"}}},"lastUpdatedBy":"robertino.calcaterra@auth0.com","email":null,"twitter":"https://twitter.com/indiepopart","github":"https://github.com/indiepopart","linkedin":null,"isPopular":false,"personalWebsite":null,"type":"Guest Author","jobTitle":"Spring Cloud Developer","description":"Jimena is an experienced result and value-oriented programmer with a strong engineering background. She excels with Ruby on Rails, Java, and Scrum development. She has worked in web development for 10+ years in many industries and has a master's degree in software engineering from Universidad de Buenos Aires."}}],"tags":["aws","fga","api","security"],"postContent":"OpenFGA is an open-source Relationship-Based Access Control (ReBAC) system designed by Okta for developers, and adopted by the Cloud Native Computing Foundation (CNCF). It offers scalability and flexibility, and it also supports the implementation of RBAC and ABAC authorization models, moving authorization logic outside application code, making it simpler to evolve authorization policies as complexity grows. In this guide, you will learn how to secure a Node.js API with Auth0 and integrate Fine-Grained Authorization (FGA) into document operations with OpenFGA.\n\n\u003e **This tutorial was created with the following tools and services**:\n\u003e - [Node 20.10.0](https://jdk.java.net/java-se-ri/21)\n\u003e - [Auth0 account](https://auth0.com/signup)\n\u003e - [Auth0 CLI 1.4.0](https://github.com/auth0/auth0-cli#installation)\n\u003e - [Docker 24.0.7](https://docs.docker.com/desktop/)\n\u003e - [FGA CLI v0.2.7](https://openfga.dev/docs/getting-started/install-sdk)\n\n\n## Add API Authorization\n\nAuth0 is an easy to implement, adaptable authentication and authorization platform, and you can implement authentication for any application in just minutes. With Auth0 CLI you can create access tokens and use them for identifying the user when making requests to the document API. Sign up at [Auth0](https://auth0.com/signup) and install the [Auth0 CLI](https://github.com/auth0/auth0-cli). Then in the command line run:\n\n```shell\nauth0 login\n```\n\nThe command output will display a device confirmation code and open a browser session to activate the device.\n\nYou don't need to create a client application at Auth0 for your API if not using opaque tokens. But you must register the API within your tenant, you can do it using Auth0 CLI:\n\n```shell\nauth0 apis create \\\n --name \"Document API\" \\\n --identifier https://document-api.okta.com \\\n --offline-access=false\n```\n\nLeave scopes empty and default values when prompted.\n\nCheckout the document API repository, which already implements basic request handling:\n\n```shell\ngit clone https://github.com/indiepopart/express-typescript-fga.git\n```\n\nThe repository contains two project folders, `start` and `final`. The bare bones document API is a Node.js project in the `start` folder, open it with your favorite IDE. Add the `express-oauth2-jwt-bearer` dependency:\n\n```shell\ncd express-typescript-fga/start\nnpm install express-oauth2-jwt-bearer\n```\n\nCreate the middleware for token validation in the file `src/middleware/auth0.middleware.ts`, with the following content:\n\n```typescript\n// src/middleware/auth0.middleware.ts\nimport * as dotenv from \"dotenv\";\nimport { auth } from \"express-oauth2-jwt-bearer\";\n\ndotenv.config();\n\nexport const validateAccessToken = auth({\n issuerBaseURL: `https://${process.env.AUTH0_DOMAIN}`,\n audience: process.env.AUTH0_AUDIENCE,\n});\n```\n\nCall `validateAccessToken` from the router, for example:\n\n```typescript\n// src/documents/document.router.ts\n...\ndocumentRouter.get(\"/\", validateAccessToken, async (req, res, next) =\u003e {\n try {\n const documents = await getAllDocuments();\n res.status(200).json(documents);\n } catch (error) {\n next(error);\n }\n});\n...\n```\n\nAdd error handling to `error.middleware.ts`, the final code should look like this:\n\n```typescript\nimport { Request, Response, NextFunction } from \"express\";\nimport {\n InvalidTokenError,\n UnauthorizedError,\n} from \"express-oauth2-jwt-bearer\";\n\nimport mongoose from \"mongoose\";\n\nexport const errorHandler = (\n error: any,\n request: Request,\n response: Response,\n next: NextFunction\n) =\u003e {\n console.log(error);\n\n if (error instanceof InvalidTokenError) {\n const message = \"Bad credentials\";\n\n response.status(error.status).json({ message });\n\n return;\n }\n\n if (error instanceof UnauthorizedError) {\n const message = \"Requires authentication\";\n\n response.status(error.status).json({ message });\n\n return;\n }\n\n if (error instanceof mongoose.Error.ValidationError) {\n const message = \"Bad Request\";\n\n response.status(400).json({ message });\n\n return;\n }\n\n if (error instanceof mongoose.Error.CastError) {\n console.log(\"handle ValidationError\");\n const message = \"Bad Request\";\n\n response.status(400).json({ message });\n\n return;\n }\n\n const status = 500;\n const message = \"Internal Server Error\";\n\n response.status(status).json({ message });\n};\n```\n\nCopy `.env.example` to `.env` and add the properties:\n\n```shell\nAUTH0_AUDIENCE=https://document-api.okta.com\nAUTH0_DOMAIN=\u003cyour-auth0-domain\u003e\n```\n\nRun the MongoDB database with:\n\n```shell\ndocker compose up mongodb mongo-express\n```\n\nRun the API with:\n\n```shell\nnpm install \u0026\u0026 npm run dev\n```\n\nObtain a test access token with Auth0 CLI:\n\n```shell\nauth0 test token -a https://document-api.okta.com -s openid\n```\nChoose an available `[Generic]` client when prompted. Set the access token in an environment var:\n\n```shell\nACCESS_TOKEN=\u003caccess-token\u003e\n```\n\nCreate a document with cURL:\n\n```shell\ncurl -i -X POST \\\n -H \"Authorization:Bearer $ACCESS_TOKEN\" \\\n -H \"Content-Type: application/json\" \\\n -d '{\"name\": \"planning.doc\"}' \\\n http://localhost:6060/api/documents\n```\n\nThe output should look like:\n\n```json\n{\n \"name\": \"planning.doc\",\n \"_id\": \"66feb9c1f106b84c28644d3e\",\n \"__v\": 0\n}\n```\n\nRetrieve all documents:\n\n```shell\ncurl -i -H \"Authorization: Bearer $ACCESS_TOKEN\" localhost:6060/api/documents\n```\n\nThe output should look like:\n\n```json\n[\n {\n \"_id\": \"66feb9c1f106b84c28644d3e\",\n \"name\": \"planning.doc\",\n \"__v\": 0\n }\n]\n```\n\nVerify access is denied if the access token is not present:\n\n```shell\ncurl -i localhost:6060/api/documents\n```\n\nThe response code should be `401 Unauthorized`.\n\n## Initialize an Authorization Model in OpenFGA\n\nAt a high level, an authorization model is defined by indicating user types, object types, and relationships between them. As we are not going to deep-dive on [ReBAC](https://openfga.dev/docs/authorization-concepts#what-is-relationship-based-access-control) in this guide, you can refer to OpenFGA documentation for learning about modeling concepts. Under the [Advanced use-cases](https://openfga.dev/docs/modeling/advanced) section in the doc, there is a simplified authorization model for a [Google Drive](https://openfga.dev/docs/modeling/advanced/gdrive) application ready to test. Prepare the model for import to the OpenFGA service, creating the file `auth-model.fga` in the directory `start/openfga`:\n\n```fga\nmodel\n schema 1.1\n\ntype user\n\ntype document\n relations\n define owner: [user, domain#member] or owner from parent\n define writer: [user, domain#member] or owner or writer from parent\n define commenter: [user, domain#member] or writer or commenter from parent\n define viewer: [user, user:*, domain#member] or commenter or viewer from parent\n define parent: [document]\n\ntype domain\n relations\n define member: [user]\n```\n\nFor saving the authorization model in an OpenFGA store, it must be transformed to JSON format with FGA CLI:\n\n```shell\nfga model transform --file=auth-model.fga \u003e auth-model.json\n```\n\nRun the OpenFGA service with:\n\n```shell\ndocker compose up openfga\n```\n\nCreate a store:\n\n ```shell\n export FGA_API_URL=http://localhost:8090\n fga store create --name \"documents-fga\"\n ```\n\n Set the store id in the output as an env var, and write the model:\n\n ```shell\n export FGA_STORE_ID=\u003cstore-id\u003e\n fga model write --store-id=${FGA_STORE_ID} --file auth-model.json\n ```\n\n Set the model ID in the output as an env var:\n\n ```shell\n export FGA_MODEL_ID=\u003cmodel-id\u003e\n ```\n\n## Add Fine-Grained Authorization (FGA) with OpenFGA\n\nFirst, add the following vars to the `.env` file:\n\n```shell\nFGA_API_URL=http://localhost:8090\nFGA_STORE_ID=\u003cstore-id\u003e\nFGA_MODEL_ID=\u003cmodel-id\u003e\n```\n\nCreate a middleware for permission checks using OpenFGA Node.js SDK. Install the dependency:\n\n```shell\nnpm install @openfga/sdk\n```\n\nAdd the file `src/middleware/openfga.middleware.ts`:\n\n```typescript\n// src/middleware/openfga.middleware.ts\nimport * as dotenv from \"dotenv\";\nimport { NextFunction, Request, Response } from \"express\";\nimport { ClientCheckRequest, OpenFgaClient } from \"@openfga/sdk\";\n\ndotenv.config();\n\nexport class PermissionDenied extends Error {\n constructor(message: string) {\n super(message);\n }\n}\n\nconst fgaClient = new OpenFgaClient({\n apiUrl: process.env.FGA_API_URL, // required\n storeId: process.env.FGA_STORE_ID, // not needed when calling `CreateStore` or `ListStores`\n authorizationModelId: process.env.FGA_MODEL_ID, // Optional, can be overridden per request\n});\n\nexport const forView = (req: Request): ClientCheckRequest =\u003e {\n const userId = req.auth?.payload.sub;\n const tuple = {\n user: `user:${userId}`,\n object: `document:${req.params.id}`,\n relation: \"viewer\",\n };\n return tuple;\n};\n\nexport const forUpdate = (req: Request): ClientCheckRequest =\u003e {\n const userId = req.auth?.payload.sub;\n const tuple = {\n user: `user:${userId}`,\n object: `document:${req.params.id}`,\n relation: \"writer\",\n };\n return tuple;\n};\n\nexport const forDelete = (req: Request): ClientCheckRequest =\u003e {\n const userId = req.auth?.payload.sub;\n const tuple = {\n user: `user:${userId}`,\n object: `document:${req.params.id}`,\n relation: \"owner\",\n };\n return tuple;\n};\n\nexport const forCreate = (req: Request): ClientCheckRequest | null =\u003e {\n const userId = req.auth?.payload.sub;\n const parentId = req.body.parentId;\n const tuple = parentId\n ? {\n user: `user:${userId}`,\n object: `document:${parentId}`,\n relation: \"writer\",\n }\n : null;\n return tuple;\n};\n\nexport const checkPermissions = (\n createTuple: (req: Request) =\u003e ClientCheckRequest | null\n) =\u003e {\n return async (req: Request, res: Response, next: NextFunction) =\u003e {\n try {\n const tuple = createTuple(req);\n\n console.log(\"tuple\", tuple);\n\n if (!tuple) {\n next();\n return;\n }\n const result = await fgaClient.check(tuple);\n\n if (!result.allowed) {\n next(new PermissionDenied(\"Permission denied\"));\n return;\n }\n\n next();\n } catch (error) {\n next(error);\n }\n };\n};\n```\n\nCall the middleware from the document router:\n\n```typescript\n// src/documents/document.router.ts\n\ndocumentRouter.post(\n \"/\",\n validateAccessToken,\n checkPermissions(forCreate),\n async (req, res, next) =\u003e {\n try {\n const document = await saveDocument(req.body);\n res.status(200).json(document);\n } catch (error) {\n next(error);\n }\n }\n);\n\ndocumentRouter.put(\n \"/:id\",\n validateAccessToken,\n checkPermissions(forUpdate),\n async (req, res, next) =\u003e {\n try {\n const document = await updateDocument(req.params.id, req.body);\n if (!document) {\n res.status(404).json({ message: \"Document not found\" });\n return;\n }\n res.status(200).json(document);\n } catch (error) {\n next(error);\n }\n }\n);\n\ndocumentRouter.delete(\n \"/:id\",\n validateAccessToken,\n checkPermissions(forDelete),\n async (req, res, next) =\u003e {\n try {\n const document = await deleteDocumentById(req.params.id);\n if (!document) {\n res.status(404).json({ message: \"Document not found\" });\n return;\n }\n res.status(200).send();\n } catch (error) {\n next(error);\n }\n }\n);\n\ndocumentRouter.get(\n \"/:id\",\n validateAccessToken,\n checkPermissions(forView),\n async (req, res, next) =\u003e {\n try {\n const document = await findDocumentById(req.params.id);\n if (!document) {\n res.status(404).json({ message: \"Document not found\" });\n return;\n }\n res.status(200).json(document);\n } catch (error) {\n next(error);\n }\n }\n```\n\nUpdate the error handling middleware:\n\n```typescript\n// src/middleware/error.middleware.ts\nif (error instanceof PermissionDenied) {\n const message = \"Permission denied\";\n\n response.status(403).json({ message });\n\n return;\n}\n```\n\n## Send Requests to the Express API\n\nRun the API and try a read operation:\n\n```shell\ncurl -i -H \"Authorization: Bearer $ACCESS_TOKEN\" localhost:6060/api/documents\n```\n\n```shell\ncurl -i -H \"Authorization: Bearer $ACCESS_TOKEN\" localhost:6060/api/documents/\u003cdocument-id\u003e\n```\n\nIt should fail with the following `403 Forbidden` response:\n\n```json\n{\n \"message\": \"Permission denied\"\n}\n```\n\nGo to https://jwt.io/ and decode the Auth0 access token, and copy the `sub` claim value to use it as UserIDº.\n\nThen grant read access to the document with FGA CLI:\n\n```shell\nfga tuple write --store-id=${FGA_STORE_ID} --model-id=$FGA_MODEL_ID 'user:\u003csub-claim\u003e' viewer document:\u003cdocument-id\u003e\n```\n\nYou can add other relationships for the user and document like `owner`, `writer`. Retry the read operation and it should succeed with `200 OK`.\n\n## Learn More about Node.js and Fine-Grained Authorization\n\nIn this post, you learned about OpenFGA integration to a Node.js API using the [OpenFGA Javascript and Node.js SDK](https://github.com/openfga/js-sdk). I hope you enjoyed this quick tutorial, and if you'd rather skip the step-by-step and prefer running a sample application, follow the [README](https://github.com/indiepopart/express-typescript-fga) instructions in the same repository.\n\nAlso, if you liked this post, you might enjoy these related posts:\n\n- [Secure Node.js Applications from Supply Chain Attacks](https://auth0.com/blog/secure-nodejs-applications-from-supply-chain-attacks/)\n- [Authorization in your Next.js application using Okta FGA](https://auth0.com/blog/fine-grained-access-control-with-okta-fga-nextjs/)\n\nCheck out the Javascript resources in our Developer Center:\n\n- [Express.js Code Samples: API Security in Action](https://developer.auth0.com/resources/code-samples/api/express)\n- [Express.js Code Sample: API Role-Based Access Control](https://developer.auth0.com/resources/code-samples/api/express/basic-role-based-access-control)\n- [Node (Express) API: Authorization](https://auth0.com/docs/quickstart/backend/nodejs)\n\nPlease follow us on Twitter [@oktadev](https://twitter.com/oktadev) and subscribe to our [YouTube channel](https://www.youtube.com/oktadev) for more Node.js and microservices knowledge.\n\nYou can also sign up for our [developer newsletter](https://a0.to/nl-signup/java) to stay updated on everything Identity and Security.","dateCreated":"2025-02-21T13:32","dateLastUpdated":null,"readTime":9,"formattedDate":"Feb 21, 2025"},{"title":"The Rise of AI Agents and the Security Challenges Ahead","path":"the-rise-of-ai-agents-and-the-security-challenges-ahead","heroImage":{"url":"https://images.ctfassets.net/23aumh6u8s0i/79NCborGcFIrAMeaV7G8oi/f9c588c2d05f0828d447e72e1fe825cc/Latam01.jpg","size":{"width":1176,"height":1056}},"description":"How do leaders ensure their teams are able to build AI securely into their applications? Learn how Auth for GenAI is the answer.","category":["Business","Industry","AI"],"authors":[{"metadata":{"tags":[],"concepts":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"23aumh6u8s0i"}},"id":"7kOZdcfZid5MJAJIYzwEyD","type":"Entry","createdAt":"2023-09-22T16:08:02.150Z","updatedAt":"2025-02-18T19:34:46.628Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"publishedVersion":19,"revision":4,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"author"}},"locale":"en-US"},"fields":{"path":"michelle-agroskin","name":"Michelle Agroskin","avatar":{"metadata":{"tags":[],"concepts":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"23aumh6u8s0i"}},"id":"1mEXdnxrs8L5cU6ZJqseqa","type":"Asset","createdAt":"2023-10-17T12:56:55.937Z","updatedAt":"2023-10-17T12:56:55.937Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"publishedVersion":2,"revision":1,"locale":"en-US"},"fields":{"title":"Michelle Agroskin","file":{"url":"//images.ctfassets.net/23aumh6u8s0i/1mEXdnxrs8L5cU6ZJqseqa/001a94671576aff7304ab09e31136639/Michelle_Agroskin.JPG","details":{"size":563670,"image":{"width":1781,"height":1781}},"fileName":"Michelle Agroskin.JPG","contentType":"image/jpeg"}}},"lastUpdatedBy":"Robertino Calcaterra","email":"michelle.agroskin@okta.com","twitter":null,"github":null,"linkedin":null,"isPopular":false,"personalWebsite":null,"type":"Auth0 Employee","jobTitle":"Product Marketing Manager, Customer Identity Cloud","description":"Michelle Agroskin is a Product Marketing Manager for Okta. She leads the Customer Identity AI, Authorization, and Consumer portfolios, driving go-to-market strategy, messaging, launches, and strategic growth initiatives.\n\nShe lives in NYC and in her free time, loves to travel the world and try new restaurants!"}}],"tags":["ai","agents","security","organizations"],"postContent":"AI agents are already shaping how businesses operate. They answer customer service chats, generate reports, and even help developers write code. Some automate everyday tasks, while others are more advanced and capable of reasoning and making decisions on their own. Their potential is huge, but so is the risk.\n\nWhat happens when an AI Agent designed for password resets is manipulated into sharing credentials? Or is an AI Agent meant to help employees find relevant messages that accidentally expose the CEO's chat history? These are no longer far-fetched, hypothetical scenarios. Security flaws in AI agents will be exploited if they are not implemented correctly.\n\n## Potential Security Gaps With AI Agents\n\nThe more responsibility we give to AI Agents, the more critical it becomes to ensure they are secured. Traditional security approaches are built for static applications and human identities, not for autonomous systems. Particularly AI agents:\n\n* Expand the attack surface, introducing possibilities for new types of attacks.\n* Operate autonomously, meaning any security failures can scale quickly.\n* May require access to user data, APIs, and enterprise applications, increasing exposure.\n\nOrganizations can’t rely on traditional security measures or DIY approaches that were not designed for AI. Without the right strategy for implementing AI when building apps, they’ll face the risk of breaches, compliance hurdles, and loss of customer trust.\n\n## Securing AI Agents\n\nThere has been no blueprint for building AI securely into applications. Developers at organizations have been figuring out DIY solutions to building the AI Agent itself.\n\nAuth0 has been talking to organizations and doing research to understand what are the critical components of building AI Agents securely. We came up with four requirements:\n\n* **Authenticate users** \u0026mdash; easily implement secure login experiences for AI agents – from interactive chatbots to background workers.\n* **Call APIs on users’ behalf** \u0026mdash; securely access popular services like Google, Slack, Spotify, and GitHub while seamlessly integrating an application with other products.\n* **Provide Async User Approval for AI actions** \u0026mdash; enable autonomous agents to work independently while maintaining user control by getting explicit user approval for critical actions.\n* **Secure Document Access Control for RAG** \u0026mdash; enforce granular permissions for document retrieval and help ensure AI Agents only access authorized content.\n\nTo realize GenAI's full potential, we must solve all four requirements. Whether you are building your own custom GenAI framework on top of a language like Python or using one of the many fast-growing frameworks that have emerged in the past two years, these requirements need to be addressed. \n\n## Security Can’t Be an Afterthought\n\nIt’s easy to think that security adds a complicated and expensive layer that slows down AI innovation. \n\nHowever, it can be much more disruptive and costly when security attacks occur down the line. In fact, the [global average cost of a data breach](https://www.ibm.com/reports/data-breach)¹ in 2024 was $5 million, which is a 10% increase over last year and the highest total ever. These security failures won’t just result in costs; they can eliminate customer trust (and your bottom line). Customers won’t use AI-powered products if they can’t trust them with their data. Businesses won’t integrate AI agents into their workflows if they don’t trust those agents are secure. \n\nThe way forward is to make security a core part of AI development. Security needs to be built into AI Agents from the start to avoid gaps. These gaps could let bad actors hijack AI agents, steal data, or manipulate their actions. Fixing these problems after deployments is much harder than preventing them in the first place. By making security a core part of AI Agent development, organizations can avoid risks, meet compliance regulations, and build user trust. \n\n## It’s the New Big Thing\n\n“AI” has become a household name in the last few years. \n\nWith this growth, investments in AI are booming. \n\n* By 2027, [82%](https://www.capgemini.com/us-en/insights/research-library/generative-ai-in-organizations-2024/) of organizations are expected to have implemented AI Agents.² \n* [78%](https://www2.deloitte.com/content/dam/Deloitte/us/Documents/consulting/us-state-of-gen-ai-q4.pdf) of organizations expect to increase their overall AI spending in the next fiscal year.³ \n* Not to mention, spending predictions are huge. The global GenAI market is expected to [reach over $100 billion by 2030](https://www.fortunebusinessinsights.com/industry-reports/artificial-intelligence-market-100114), growing at an annual rate of 30%.⁴\n\nThis is not the first time we’re experiencing and adapting to a massive technology shift. AI isn’t a passing trend. We’re in the middle of a shift as significant as the rise of the internet, mobile-first experiences, and cloud applications. Each of these transformations brought new security challenges—and new identity standards. \n\nIn fact, when cloud apps gained popularity, we saw an opportunity and built a developer-centric platform, Auth0, that made implementing authentication easier than ever. And now, it is time to pioneer these identity standards for the AI Agent ecosystem. But first, we need to enable builders to securely integrate GenAI into their apps, making them AI and enterprise-ready. This is where Auth0 can help; security and identity are big reasons AI Agents are not commonplace yet. \n\nIf you are interested in learning more about Auth for GenAI, you [can join our waitlist](http://auth0.ai/) and start experimenting today!\n\n### References\n\n- ¹ [Cost of a Data Breach Report 2024](https://www.ibm.com/reports/data-breach) \n- ² [Generative AI in organizations 2024](https://www.capgemini.com/us-en/insights/research-library/generative-ai-in-organizations-2024/)\n- ³ [Deloitte’s State of Generative AI in the Enterprise\nQuarter four report](http://www2.deloitte.com/content/dam/Deloitte/us/Documents/consulting/us-state-of-gen-ai-q4.pdf)\n- ⁴ [Artificial Intelligence Market Size](https://www.fortunebusinessinsights.com/industry-reports/artificial-intelligence-market-100114)\n","dateCreated":"2025-02-19T15:37","dateLastUpdated":null,"readTime":5,"formattedDate":"Feb 19, 2025"},{"title":"Add Auth0 Organizations to Your B2B Blazor Web App","path":"auth0-organizations-for-b2b-saas-blazor-web-apps","heroImage":{"url":"https://images.ctfassets.net/23aumh6u8s0i/4iM5kVfghB6lIZpWzwEs6e/c369b375e74f84945dbb8a860ad6b9ed/blazor-logo","size":{"width":1176,"height":1056}},"description":"Enable multitenancy in your Blazor Web App with Auth0 Organizations and get ready for B2B.","category":["Developers","Tutorial",".NET"],"authors":[{"metadata":{"tags":[],"concepts":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"23aumh6u8s0i"}},"id":"2HCuH3W40qazXVABB25aef","type":"Entry","createdAt":"2021-03-22T08:17:46.537Z","updatedAt":"2023-04-14T13:21:31.122Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"publishedVersion":28,"revision":5,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"author"}},"locale":"en-US"},"fields":{"path":"andrea-chiarelli","name":"Andrea Chiarelli","avatar":{"metadata":{"tags":[],"concepts":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"23aumh6u8s0i"}},"id":"20yAvTcosk60ReBcBSlaOJ","type":"Asset","createdAt":"2021-03-22T08:26:53.021Z","updatedAt":"2021-03-22T08:26:53.021Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"publishedVersion":2,"revision":1,"locale":"en-US"},"fields":{"title":"andrea-chiarelli","description":"andrea-chiarelli avatar","file":{"url":"//images.ctfassets.net/23aumh6u8s0i/20yAvTcosk60ReBcBSlaOJ/be0d3d390368edf9cdf3d50e76207164/andrea-chiarelli","details":{"size":23483,"image":{"width":400,"height":400}},"fileName":"andrea-chiarelli","contentType":"image/jpeg"}}},"lastUpdatedBy":"andrea.chiarelli@auth0.com","email":"andrea.chiarelli@auth0.com","twitter":"https://twitter.com/andychiare","github":"https://github.com/andychiare","linkedin":"https://www.linkedin.com/in/andreachiarelli/","isPopular":true,"personalWebsite":"https://andreachiarelli.it/","type":"Auth0 Employee","jobTitle":"Principal Developer Advocate","description":"I have over 20 years of experience as a software engineer and technical author. Throughout my career, I've used several programming languages and technologies for the projects I was involved in, ranging from C# to JavaScript, ASP.NET to Node.js, Angular to React, SOAP to REST APIs, etc.\n\nIn the last few years, I've been focusing on simplifying the developer experience with Identity and related topics, especially in the .NET ecosystem."}}],"tags":["dotnet","blazor","b2b","saas","organizations","auth0-organizations","multitenancy"],"postContent":"When you build B2B SaaS, you need multitenancy for better resource allocation while keeping security. Auth0 Organizations provides you with a set of features that allow you to build your B2B application with a high level of flexibility. Let's explore how you can use these features to build your B2B SaaS on the .NET platform using Blazor.\n\n\u003e This article uses Blazor as the reference framework to build the sample project, but you can use the same approach with any other server-side ASP.NET Core framework, such as ASP.NET Core MVC and Razor Pages.\n\n## Why Use Organizations?\n\nWhen you use Auth0 to secure your application, you set up an Auth0 tenant to isolate the resources and the users dedicated to it. That's pretty fine when your userbase does not need any further structuring. Assume you need to further isolate groups of users, i.e., you want to create groups of users that can access your application with different authentication options, different sets of roles, or different branding. This is a typical scenario for B2B SaaS, where you provide access to your application to your business customers. Your business customers have their own users, which need to be isolated for security and customization reasons while still using the same application.\n\nThis is where [Auth0 Organizations](https://auth0.com/docs/manage-users/organizations) can help you!\n\nAt a high level, see Auth0 Organizations a way to structure groups of users within an Auth0 tenant, as illustrated by the following diagram:\n\n\n\nIn a B2B scenario, your application is associated with one Auth0 tenant and supports multiple Organizations, one for each of your customers. These Organizations allow you to isolate users and customize your application for each customer.\n\nLet's see how this works in practice.\n\n## The Sample Project\n\nThroughout this article, you will use a basic Blazor application with Auth0 authentication. You will add support for Auth0 Organizations and will learn how to add users and manage their authentication in the Organization context.\n\nFor the purpose of this article, we will focus on a B2B scenario with the following constraints:\n\n- You set up the Auth0 Organization for your customers.\n- Users can't autonomously sign up.\n- Only members of an Organization can access your application.\n- You create the Organization's members on behalf of your customers.\n\nYou can build the starter application in two ways:\n\n- Using the Auth0 Templates for .NET.\n- Building it from scratch.\n\n### Use the Auth0 Templates for .NET\n\nYou can build the starter application by leveraging the [Auth0 Templates for .NET](https://github.com/auth0/auth0-dotnet-templates) , specifically, the [Blazor Web Application template](https://github.com/auth0/auth0-dotnet-templates/blob/main/docs/auth0blazor.md). Make sure you [follow the instructions to install the NuGet package](https://github.com/auth0/auth0-dotnet-templates?tab=readme-ov-file#installation) and use the Blazor Web App template through the .NET CLI, Visual Studio, or JetBrains Rider.\n\nIf you use the .NET CLI and have the [Auth0 CLI](https://github.com/auth0/auth0-cli) installed on your machine and [logged in to your Auth0 tenant](https://github.com/auth0/auth0-cli?tab=readme-ov-file#authenticating-to-your-tenant), you can leverage the [automatic registration](https://github.com/auth0/auth0-dotnet-templates/blob/main/docs/auth0blazor.md#automatic-registration) feature by simply running the following command:\n\n```shell\ndotnet new auth0blazor -o MyBlazorSaaS\n```\n\nThis command will create a ready-to-run Blazor application with Auth0 authentication embedded in the `MyBlazorSaaS` folder.\n\nOtherwise, if you don't have the Auth0 CLI installed or you use the template with Visual Studio or Rider, you need to [register your app with Auth0](https://auth0.com/docs/get-started/auth0-overview/create-applications/regular-web-apps) and configure the `appsettings.json` file manually.\n\n### Build the app from scratch\n\nIf you want to build your starter application from scratch, read [this article to learn how to add Auth0 authentication to a basic Blazor Web App](https://auth0.com/blog/auth0-authentication-blazor-web-apps/).\n\nWhatever approach you used to build and configure your starter app, run it to make sure that everything works as expected.\n\n\u003cinclude src=\"ebook-ads/dotnetIdentity\" /\u003e\n\n## Set Up a New Organization\n\nNow, assume you sold your awesome SaaS application to the company Acme Inc. You will need to create an Auth0 Organization for them so that they can use your application without interfering with the users of your other customers.\n\n### Create a new Organization\n\nGo to your Auth0 dashboard and select the [Organizations](https://manage.auth0.com/#/organizations) item in the left-hand menu, then click the *Create Organization* button. You will be asked to enter the new Organization's name and display name, as shown in the following image:\n\n\n\nIn the picture above, you can see \"acme\" as the name and \"Acme Inc.\" as the display name of the Organization you are creating. Click the *Add Organization* button and you will navigate to the configuration page for your new customer's Organization:\n\n\n\nCongratulations! You have created a basic Organization for your customer.\n\n\u003e The Organization's configuration page allows you to manage and customize your customer's Organization. You will use it in the following, but we will not explore all the available features. Read [the documentation to learn how to configure your Organization](https://auth0.com/docs/manage-users/organizations/configure-organizations).\n\nIf you go back to the [Organizations](https://manage.auth0.com/#/organizations) page, you can see the new Organization listed there:\n\n\n\nNote the *Identifier* column. This value will allow you to identify this Organization in your code.\n\n### Enable connections for your Organization\n\nNow, open your Organization page again by clicking the link associated with the Organization's display name (\"Acme Inc.\" in our example), and navigate to the *Connections* tab. Here you can add the [connections](https://auth0.com/docs/authenticate/identity-providers) that determine how users will log in to your application in the context of this Organization.\n\nBy default, you have no connections configured. So, click the *Enable Connections* button and select the connections you want to enable. You could enable just the built-in `Username-Password-Authentication` connection or add a social connection. It depends on how your customer wants their users to access the application. Select the `Username-Password-Authentication` connection and click the *Enable Connection* button:\n\n\n\n\u003e Keep in mind that you can enable only connections that have been already configured for your tenant. If you don't see the connection you want to enable here, navigate to the [Authentication menu of your dashboard](https://manage.auth0.com/#/authentication) and configure it first.\n\nOnce you select a connection and enable it, you will land on the connection configuration page in the context of this Organization, where you can define how users can join the Organization. This choice strictly depends on the type of application you built and how your business customer wants to manage their users. For the purpose of this article, assume that your application is meant to give your customers control over who can access it. In other words, users cannot autonomously sign up for the application. In this scenario, you can leave the default configuration for the `Username-Password-Authentication` connection. Users will not be able to sign up to the application. Only an Organization admin will be able to add users to the Organization:\n\n\n\n### Configure the Organization's behavior for your app\n\nOnce your customer's Organization is configured, you need to define how users can access your application via an Organization. Navigate to the [Applications \u003e Applications](https://manage.auth0.com/#/applications) menu and select your application. On the configuration page, select the *Organizations* tab. A page like the following will show:\n\n\n\nOn this page, you define the types of users that can log in to your application in the context of Organizations and the login flow you want to enable. The image above shows the settings you will apply for the purpose of this article. Read the documentation to learn more about [Login Flows for Organizations](https://auth0.com/docs/manage-users/organizations/login-flows-for-organizations).\n\nBased on the constraints we set above, only members of an Organization can log in to your application. So, you select *Business Users* as the type of user. Also, you select *Prompt for Credentials* as the login flow because you want to show the usual login page.\n\nThat's it! The Organization configuration is almost ready.\n\n## Manage User Invitations\n\nThe next step is to add users to the newly created Organization. There are a few ways to accomplish this, depending on the specific strategy you want to use for your application. Based on the constraints defined earlier, you don't want users to sign up for an Organization. Therefore, you will add users to your Auth0 tenant and then [make them members of an Organization](https://auth0.com/docs/manage-users/organizations/configure-organizations/assign-members). Alternatively, you can invite them to join an Organization via email. Basically, the user will receive an email with a link to join the Organization. If the user accepts the invitation by navigating the link, they are automatically added to the Organization.\n\nLet's explore how you can implement the invitation flow.\n\n### Configure the invitation link\n\nFirst, you need to define a URL that matches your application's route and will handle the invitation. Let's say that `\u003cBASE_URL\u003e/account/invitation` is that invitation URL, where `\u003cBASE_URL\u003e` is the base URL of your application. Navigate to the [Applications page](https://manage.auth0.com/#/applications) of your Auth0 dashboard, select your application, and in the *Settings* tab, scroll down to the *Application URIs* section. Here, add the invitation link to the *Application Login URI* field, as shown below:\n\n\n\n\u003cdiv className=\"alert alert-info alert-icon\"\u003e\n \u003ci className=\"icon-budicon-500\"\u003e\u003c/i\u003e\n \u003cstrong\u003e\n The `\u003cBASE_URL\u003e` must be a public accessible URL. You cannot use `localhost` in the invitation link.\u003cbr/\u003e\n For testing purposes, you can associate a domain name with localhost by adding an entry to your `hosts` file.\n \u003c/strong\u003e\n \u003c/div\u003e\n\n\nClick the *Save Changes* button to complete the configuration.\n\n### Handle the invitation\n\nNow, when the user accepts the invitation received via email and clicks the invitation link, you need to handle the incoming request. The invitation URL generated by Auth0 has two parameters: `invitation`, which is the ID of the invitation instance, and `organization`, which is the ID of the Organization the user is invited to join. Let's implement an endpoint in the Blazor application that handles this request.\n\nGo to the `MyBlazorSaaS` folder and edit the `Program.cs` file by adding the code highlighted below:\n\n```csharp\n// MyBlazorSaaS/Program.cs\n\n// ...existing code...\n\n// 👇 new code\napp.MapGet(\"/account/invitation\", async (HttpContext httpContext, string organization, string invitation) =\u003e\n{\n var authenticationProperties = new LoginAuthenticationPropertiesBuilder()\n .WithOrganization(organization)\n .WithInvitation(invitation)\n .Build();\n\n await httpContext.ChallengeAsync(Auth0Constants.AuthenticationScheme, authenticationProperties);\n});\n// 👆 new code\n\napp.MapRazorComponents\u003cApp\u003e()\n .AddInteractiveServerRenderMode()\n .AddInteractiveWebAssemblyRenderMode()\n .AddAdditionalAssemblies(typeof(MyBlazorSaaS.Client._Imports).Assembly);\n\napp.Run();\n```\n\nThis code leverages the [Auth0 ASP.NET Core Authentication SDK](https://github.com/auth0/auth0-aspnetcore-authentication) to start the login process within an Organization with an invitation.\n\n\u003e You can customize the user invitation experience by adapting the Universal Login page and the email that the user receives. Read [here](https://auth0.com/docs/manage-users/organizations/configure-organizations/invite-members#customize-the-user-invitation-flow) to learn more.\n\nNow your application is ready to handle invitations accepted by the users.\n\n### Send the user invitation\n\nTo invite a user to join your customer's Organization, navigate to the [Organizations menu item of your dashboard](https://manage.auth0.com/#/organizations) and select the Organization you want to add the user to. In the Organization page, select the *Invitations* tab and click the *Invite Members* button:\n\n\n\nIn the page that opens, select your application and add the email address of the user you want to invite to join, as shown in the following image:\n\n\n\n\u003e You can invite up to five users at a time from the Auth0 dashboard. You can optionally define the connection with which the user will accept the invitation and the role assigned to the user. These options are out of the scope of this article.\n\nOnce you filled out that form, click the *Send Invites* button.\n\nAs a result, an email with the invitation link will be sent to the user and you will see the newly sent invitation in a *Pending* status on the invitation list page.\n\nWhen the user clicks the invitation URL received via email, they will be redirected to the sign-up form to join the customer's Organization, as in the following example:\n\n\n\nOnce the user has chosen a password and created their profile, they are automatically logged in to your application in the context of your customer's Organization.\n\n## Authenticate Users in an Organization\n\nAs you learned earlier, you can configure the login flow in a few different ways. For the purpose of this article, you applied the *Prompt for Credentials* flow. This means that the next time the user logs in, your application will authenticate them through the [Universal Login page](https://auth0.com/docs/authenticate/login/auth0-universal-login) as usual.\n\nIn this scenario, you need to consider two cases: your application knows the user's Organization before authenticating the user or it does not know the user's Organization. Let's analyze both cases.\n\n### Authenticate users without knowing the Organization\n\nAssume your application does not know the user's Organization before authenticating them. In this case, the code to authenticate users does not change:\n\n```csharp\n// MyBlazorSaaS/Program.cs\n\n//...existing code...\n\napp.MapGet(\"/account/login\", async (HttpContext httpContext, string redirectUri = \"/\") =\u003e\n{\n var authenticationProperties = new LoginAuthenticationPropertiesBuilder()\n .WithRedirectUri(redirectUri)\n .Build();\n\n await httpContext.ChallengeAsync(Auth0Constants.AuthenticationScheme, authenticationProperties);\n});\n\n//...existing code...\n\n```\n\nSince Auth0 does not know the Organization to which the user belongs, the tenant's Universal Login page will be shown to the user. In other words, the user does not see the login page that you have possibly customized for the Organization. Only after authentication Auth0 will know what Organization the user is member of and include this information in the `org_id` claim of the ID and access tokens.\n\nSince, in this scenario, your application does not pass the Organization ID to Auth0, you need to validate the value of the `org_id` claim received in the ID and access tokens [for security reasons](https://auth0.com/docs/manage-users/organizations/using-tokens#validate-tokens).\n\nHere is an example of how to validate the `org_id` claim in the tokens you receive from Auth0:\n\n```csharp\n// MyBlazorSaaS/Program.cs\n\n//...existing code...\n\nbuilder.Services\n .AddAuth0WebAppAuthentication(options =\u003e {\n options.Domain = builder.Configuration[\"Auth0:Domain\"];\n options.ClientId = builder.Configuration[\"Auth0:ClientId\"];\n // 👇 new code\n options.OpenIdConnectEvents = new OpenIdConnectEvents\n {\n OnTokenValidated = (context) =\u003e\n {\n var organizationClaimValue = context.SecurityToken.Claims.SingleOrDefault(claim =\u003e claim.Type == \"org_id\")?.Value;\n var expectedOrganizationIds = new List\u003cstring\u003e {\"org_123\", \"org_456\u003e\"};\n if (!string.IsNullOrEmpty(organizationClaimValue) \u0026\u0026 !expectedOrganizationIds.Contains(organizationClaimValue))\n {\n context.Fail(\"Unexpected org_id claim detected.\");\n }\n\n return Task.CompletedTask;\n }\n };\n // 👆 new code\n });\n\n//...existing code...\n```\n\nYou added a handler for the `TokenValidated` event that checks if the value of the `org_id` claim is included in the list of Organization IDs `expectedOrganizationIds`. In case it's not there, an exception is raised.\n\nIn the example above, the content of the `expectedOrganizationIds` list is embedded in the code. In a real-world scenario, the content of this list comes from an external source like a database or an API.\n\n### Authenticate users knowing the Organization\n\nIf your application knows the Organization ID before authenticating the user, your code can send the Organization ID to Auth0 so that the customized login page will be shown. To pass the Organization ID to Auth0, you can simply add a line to your code, as highlighted below:\n\n```csharp\n// MyBlazorSaaS/Program.cs\n\n//...existing code...\n\napp.MapGet(\"/account/login\", async (HttpContext httpContext, string redirectUri = \"/\") =\u003e\n{\n var authenticationProperties = new LoginAuthenticationPropertiesBuilder()\n .WithRedirectUri(redirectUri)\n .WithOrganization(\"\u003cORG_ID\u003e\") //👈 new code\n .Build();\n\n await httpContext.ChallengeAsync(Auth0Constants.AuthenticationScheme, authenticationProperties);\n});\n\n//...existing code...\n\n```\n\nIn the code above, the `WithOrganization()` method gets the Organization ID as a string and includes it as a parameter to be sent to Auth0.\n\n\u003e How your application can get the organization ID before authenticating the user is outside the scope of this article.\n\nIn this case, you don't need to explicitly validate the Organization ID because the SDK will do it for you.\n\n### Get the current user's Organization\n\nWhatever your scenario is, the ID token and access token you receive from Auth0 will contain the Organization ID to which your user belongs. You can use this value to customize your application for this specific Organization.\n\nYou can extract this value directly from the tokens in the token validation step shown earlier:\n\n```csharp\nvar organizationClaimValue = context.SecurityToken.Claims.SingleOrDefault(claim =\u003e claim.Type == \"org_id\")?.Value;\n```\n\nIn any case, you can extract the Organization ID associated with the current user from the [ClaimsPrincipal](https://learn.microsoft.com/en-us/dotnet/api/system.security.claims.claimsprincipal) object of the current User in the [AuthenticationState](https://learn.microsoft.com/en-us/aspnet/core/blazor/security/authentication-state):\n\n```csharp\nprivate Task\u003cAuthenticationState\u003e? authenticationState { get; set; }\n\n...\n\n if (authenticationState is not null)\n {\n var state = await authenticationState;\n\n var orgId = state.User.Claims.SingleOrDefault(claim =\u003e claim.Type == \"org_id\")?.Value;\n }\n```\n\n\u003cinclude src=\"SignupCTA\" text=\"Try out Auth0 authentication for free.\" linkText=\"Get started →\" /\u003e\n\n## Summary\n\nIt was a long journey of exploring Organizations, but I think it was worth it.\n\nYou learned how to create and configure a new Organization to authenticate your customer's users. You defined the type of users and the login flow for your applications and learned how to configure and send user invitations. Then, on your application side, you modified its code to handle the acceptance of those user invitations. Finally, you saw how to authenticate your Organization users both when you know in advance which Organization the user wants to access and when you don't, and how to get the Organization ID of the current user to customize their user experience.\n\nOf course, the use of Auth0 Organizations we have made in this article is minimal and mainly manual. There is still much to explore to make the management of Organizations and users simpler and more automated. We will explore this together in a series of upcoming articles. Stay tuned!\n","dateCreated":"2025-02-18T15:46","dateLastUpdated":null,"readTime":15,"formattedDate":"Feb 18, 2025"},{"title":"Tool Calling in AI Agents: Empowering Intelligent Automation Securely","path":"genai-tool-calling-intro","heroImage":{"url":"https://images.ctfassets.net/23aumh6u8s0i/4LrNhImjPcdPVpmCIrhlG9/4efed8dfb26630e6cf48b4a478a1f550/genai-tool-calling-intro.png","size":{"width":1176,"height":1056}},"description":"Discover how AI agents are taking center stage by seamlessly integrating with multiple digital tools like Gmail, Calendar, Slack, and Google Drive to be more efficient. Learn why it is important to secure them and how to do it.","category":["Developers","Deep Dive","AI"],"authors":[{"metadata":{"tags":[],"concepts":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"23aumh6u8s0i"}},"id":"3lx6DXRO22Z3Dj6dPHnLSI","type":"Entry","createdAt":"2022-11-17T11:59:30.756Z","updatedAt":"2024-12-13T14:27:59.880Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"publishedVersion":34,"revision":2,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"author"}},"locale":"en-US"},"fields":{"path":"deepu-sasidharan","name":"Deepu K Sasidharan","avatar":{"metadata":{"tags":[],"concepts":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"23aumh6u8s0i"}},"id":"1fApVZwDd5MqC86klNgqxA","type":"Asset","createdAt":"2022-11-11T11:58:38.431Z","updatedAt":"2022-11-11T11:58:38.431Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"publishedVersion":2,"revision":1,"locale":"en-US"},"fields":{"title":"deepu-sasidharan","file":{"url":"//images.ctfassets.net/23aumh6u8s0i/1fApVZwDd5MqC86klNgqxA/8723248ab3b90d30b32f55cc7287f87c/deepu-sasidharan.jpg","details":{"size":143270,"image":{"width":750,"height":750}},"fileName":"deepu-sasidharan.jpg","contentType":"image/jpeg"}}},"lastUpdatedBy":"Robertino Calcaterra","email":"deepu.sasidharan@okta.com","twitter":"https://twitter.com/deepu105","github":"https://github.com/deepu105","linkedin":"https://www.linkedin.com/in/deepu05","isPopular":true,"personalWebsite":"https://deepu.tech/","type":"Auth0 Employee","jobTitle":"Staff Developer Advocate","description":"Deepu is a polyglot developer, Java Champion, and OSS aficionado. He mainly works with Java, JS, Rust, and Golang. He co-leads JHipster and created the JDL Studio and KDash. He's a Staff Developer Advocate at Okta. He is also an international speaker and a published author."}}],"tags":["ai","tool-calling","token-exchange","ai-agents"],"postContent":"**AI agents** or **Operators** are the latest trend in AI. At their core, agents are autonomous systems that not only process natural language using Large Language Models (LLMs) but also decide when and how to act by interfacing with external tools and APIs. These smart entities blend machine learning with decision-making capabilities, enabling them to perform complex tasks, interact in real-time, use the most efficient tools to perform certain tasks, and even learn from their environment—all without constant human intervention.\n\n\u003cAmpContent\u003e\n\u003camp-youtube\n data-videoid=\"r7wEinUG0ns\"\n layout=\"responsive\"\n width=\"480\" height=\"270\"\u003e\n\u003c/amp-youtube\u003e\n\u003c/AmpContent\u003e\n\n\u003cNonAmpContent\u003e\n\u003cdiv\n className='embed-container'\n style=\"position: relative; padding-bottom: 56.25%; height: 0; overflow: hidden; max-width: 100%;margin-bottom:40px;\"\u003e\n \u003ciframe\n style=\"position: absolute; top: 0; left: 0; width: 100%; height: 100%;\"\n src='https://www.youtube.com/embed/r7wEinUG0ns'\n frameborder='0' allowfullscreen\u003e\n \u003c/iframe\u003e\n\u003c/div\u003e\n\u003c/NonAmpContent\u003e\n\n## Tool Calling Agents\n\nLLMs on their own are still susceptible to hallucinations and mistakes, but the ability to call tools opens up a whole new world of possibilities where error-prone tasks can be offloaded to a more traditional non-AI tool, like using a calculator to do math rather than relying on the LLM for it. Similarly, tool calling allows AI agents to interface with other applications and services, like Gmail, Calendar, Slack, and Google Drive, to do more for you than just answering questions.\n\nTool calling can be generally classified into these:\n\n1. **Unauthenticated Tools:** These are tools that don't require authentication and are generally simpler to configure, like a calculator, a weather API, or a unit converter.\n2. **Authenticated Tools:** These are tools that require authentication and are generally complex to configure, such as an API provided by another internal application or services like Gmail, Calendar, Slack, and Google Drive.\n\nIn an enterprise environment, the authenticated tools can be further classified into:\n\n1. **First-Party Tools:** These are services that are part of the same infrastructure and require authentication, like an API provided by another internal application or a microservice.\n2. **Third-Party Tools:** These are external services that require more complex authentication. They could be services that are authenticated using service accounts or API keys, like a payment API, or services that need to be authenticated by the end user, such as Gmail, Calendar, Slack, and Google Drive.\n\nTool calling provides many key advantages to an AI agent:\n\n- **Autonomous Decision-Making:** AI agents analyze context and determine the next best action, reducing the need for manual oversight.\n- **Optimized Task Execution:** They can connect to various services and APIs, enabling them to perform specialized tasks like data retrieval, scheduling, and communication.\n- **Scalability and Adaptability:** As systems evolve, agents can easily incorporate new functionalities, adapting to changes in workflow or priorities.\n- **Improved User Experience:** Their ability to tackle diverse tasks leads to more personalized and efficient interactions, making technology feel both intuitive and proactive.\n\n## Tool Calling Agent: A Conceptual Example\n\nImagine an AI personal assistant that consolidates your digital life by dynamically accessing multiple tools to help you stay organized and efficient. Here’s how it could work:\n\n1. **Gmail Integration:** The assistant regularly scans your inbox to generate concise summaries. It highlights urgent emails, categorizes conversations by importance, and even suggests drafts for quick replies.\n2. **Calendar Management:** By interfacing with your calendar, it can remind you of upcoming meetings, check for scheduling conflicts, and even propose the best time slots for new appointments based on your availability.\n3. **Slack Notifications:** For team communications, the assistant monitors Slack channels. It identifies key messages and creates action items, ensuring you never miss an important update from your colleagues.\n4. **Google Drive Access:** Whether you need immediate access to the latest project document or a file related to a current task, the assistant retrieves pertinent documents from Google Drive on demand. It can create document summaries and even create new documents based on your instructions.\n\nWith tool-calling capabilities, the possibilities are endless. In this conceptual scenario, the AI agent embodies a digital personal secretary—one that not only processes information but also proactively collates data from connected services to provide comprehensive task management. This level of integration not only enhances efficiency but also ushers in a new era of intelligent automation, where digital assistants serve as reliable, all-in-one solutions that tailor themselves to your personal and professional needs.\n\n## Security Challenges with Tool Calling AI Agents\n\nBuilding such an assistant is not that difficult. Thanks to frameworks like [LangChain](https://www.langchain.com/), [LlamaIndex](https://www.llamaindex.ai/), and [Vercel AI](https://vercel.com/ai), you can get started quickly. The difficult part is doing it securely so that you can protect the user's data and credentials.\n\nMany current solutions involve storing credentials and secrets in the AI agent application’s environment or letting the agent impersonate the user. Storing credentials securely in the environment might work for APIs that require API keys or service accounts. However, this is not a good idea for cases where the end users need to authenticate to the service, as it can lead to security vulnerabilities and excessive scope and access for the AI agent.\n\n\u003cbr\u003e\n\n\u003cdiv class=\"alert alert-info alert-icon\"\u003e\n \u003ci class=\"icon-budicon-487 icon-info\"\u003e\u003c/i\u003e\n \u003cb\u003eTo learn more about other security concerns and vulnerabilities in AI check out this blog post on \u003ca href=\"https://auth0.com/blog/identity-challenges-for-ai-powered-apps/\"\u003eIdentity Challenges for AI-Powered Applications\u003c/a\u003e.\u003c/b\u003e\u003cbr\u003e \n\u003c/div\u003e\n\nWhen you build an AI agent, you need to consider all its other security implications as well. You don't want an LLM to have unlimited access to your personal data like email and documents, and more importantly, you don't want to provide your credentials to the LLM to access these tools. Let's face it, regardless of how secure the LLM is, there is always a possibility of it getting manipulated into divulging sensitive information or doing something you don't want it to do.\n\n## Tool Calling with the Help of Auth0\n\nThis is where Auth0 comes to the rescue. As the leading identity provider (IdP) for modern applications, our upcoming product, [Auth for GenAI](https://auth0.com/blog/auth-for-genai/), provides standardized ways built on top of OAuth and OpenID Connect to call APIs of tools on behalf of the end user from your AI agent.\n\nAuth0 brokers a secure and controlled handshake between the AI agents and the services you want the agent to interact with on your behalf – in the form of scoped access tokens. This way, the agent and LLM do not have access to the credentials and can only call the tools with the permissions you have defined in Auth0. This also means your AI agent only needs to talk to Auth0 for authentication and not the tools directly, making integrations easier.\n\n### Call first-party APIs on users' behalf\n\nWhen your AI agent, secured with Auth0, needs to call another application also secured with Auth0, you can use standard OAuth 2.0 flows, like the [Authorization Code Flow](https://auth0.com/docs/get-started/authentication-and-authorization-flow/device-authorization-flow), to get an API token from that application with user consent. In this case, Auth0 will manage the retrieval of new access tokens using cached refresh tokens when the API token expires.\n\n### Call third-party APIs on users' behalf\n\nWhen your AI agent, secured with Auth0, wants to call external services like Gmail, Calendar, Slack, and Google Drive, Auth0 can help the agent get access tokens for the external service on behalf of the end user. In this case, Auth0 brokers the API access token from the external service to the AI agent.\n\n\n\nThis is made possible by Federated API token exchange, which is a way to obtain an access token from an external identity provider without the need for the user to re-authenticate every time. The end user authenticates and connects the external service once, and Auth0 intermediates the authentication and authorization process and provides the API access token to the AI agent. Auth0 takes care of storing refresh tokens and getting new access tokens when the current access token expires.\n\n## Security Best Practices for Tool Calling AI Agents\n\nHere is a summary of security best practices to consider when building a tool-calling AI agent:\n\n- **Least Privilege**: Grant the minimum permissions needed (e.g., read-only access).\n- **Audit Logs**: Track API calls and credential usage.\n- **Proxying**: Use an IdP like Auth0 as a broker between the AI agent and the tools to protect the user's credentials.\n- **Encryption**: Encrypt credentials at rest and in transit (HTTPS/TLS).\n- **Token Rotation**: Regularly rotate API keys and tokens.\n- **Sandboxing**: Run tools in isolated environments when possible to limit damage from leaks.\n\n## Learn More about AI Agents and Auth for GenAI\n\nThis post offers a glimpse into the transformative potential of AI agents and highlights how secure and intelligent tool calling can empower AI agents to deliver a more connected and personalized experience. Stay tuned for a series of posts on tool-calling Agents with [Auth for GenAI](https://a0.to/ai-content), where we will build the conceptual personal assistant from the previous section in Node.js and Python, showing how to integrate with different types of services securely using your favorite AI frameworks and Auth0.\n\nBefore you go, we have some great news to share: we are working on more content and sample apps in collaboration with amazing GenAI frameworks like [LlamaIndex](https://www.llamaindex.ai/), [LangChain](https://www.langchain.com/), [CrewAI](https://www.crewai.com/), [Vercel AI](https://vercel.com/ai), and [GenKit](https://firebase.google.com/docs/genkit). [Auth for GenAI](https://auth0.com/blog/auth-for-genai/) is our upcoming product to help you protect your user's information in GenAI-powered applications. Make sure to join the [Auth0 Lab Discord server](http://a0.to/auth0-lab-discord) to hear more and ask questions.","dateCreated":"2025-02-14T15:30","dateLastUpdated":"2025-03-12","readTime":8,"formattedDate":"Mar 12, 2025"},{"title":"Innovation Ignited: How to Start Your Digital Identity Management Journey","path":"how-to-start-your-digital-identity-management-journey","heroImage":{"url":"https://images.ctfassets.net/23aumh6u8s0i/6fjXeiKm0cnBhKSstu382A/6e93da722d4f0bca241ff54b6f3f93bb/auth0-hero-announcement.jpg","size":{"width":1176,"height":1156}},"description":"To meet innovation, experience, and security requirements, organizations must establish digital Identity strategies and implement them into every product and service.","category":["Business","Industry","CIAM"],"authors":[{"metadata":{"tags":[],"concepts":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"23aumh6u8s0i"}},"id":"7Ih1qvPwR92Se3kBybUAXa","type":"Entry","createdAt":"2025-02-12T22:48:39.809Z","updatedAt":"2025-02-12T22:48:39.809Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"publishedVersion":6,"revision":1,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"author"}},"locale":"en-US"},"fields":{"path":"jacquelyn-painter","name":"Jax Painter","avatar":{"metadata":{"tags":[],"concepts":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"23aumh6u8s0i"}},"id":"4A4tbUtTmWOnKKSbLVrvwd","type":"Asset","createdAt":"2025-02-12T22:48:02.497Z","updatedAt":"2025-02-12T22:48:02.497Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"publishedVersion":2,"revision":1,"locale":"en-US"},"fields":{"title":"Jax Painter","file":{"url":"//images.ctfassets.net/23aumh6u8s0i/4A4tbUtTmWOnKKSbLVrvwd/d6e92163f09b31d11e628515b0482283/Jax_Painter.jpeg","details":{"size":18811,"image":{"width":512,"height":512}},"fileName":"Jax Painter.jpeg","contentType":"image/jpeg"}}},"lastUpdatedBy":"Robertino Calcaterra","email":"jacquelyn.painter@okta.com","twitter":null,"github":null,"linkedin":null,"isPopular":false,"personalWebsite":null,"type":"Auth0 Employee","jobTitle":"Director, Product Marketing","description":null}}],"tags":["ciam","iam","innovation","Identity"],"postContent":"## The Multifaceted Challenges of Managing Digital Identities\n\nPeople leading development, technology, security, and product strategies collectively seek to drive innovation and improve customer and employee experiences. Aligning those teams while managing an increasingly complex technology and security threat landscape is easier said than done.\n\nWithout a unified digital Identity strategy, developers and product teams often experience problems balancing customer experience, security, and speed. These challenges create delays and slow product development cycles, from planning and coding to maintenance and scale out. Technology and security teams can also struggle to streamline access for employees in ways that don't create vulnerabilities.\n\nThe stakes to get Identity correct are so high that fear often creates additional blockers. No one wants to make a mistake that could jeopardize their career or end up being tomorrow’s headline. An organization's reputation is now deeply tied to how well it protects customer data against rapidly evolving threats. So the bottom line is: Security breaches and regulatory compliance issues can result in devastating costs. In 2024, the global average cost of a data breach was [$4.88 million](https://www.ibm.com/reports/data-breach), a 10% increase since 2023.\n\nTo meet today's (and tomorrow's) innovation, experience, and security requirements, organizations of all sizes must establish intentional digital Identity strategies and implement them into every product and service from the ground up. \n\n## Seamless Experiences Are Driven by Digital Identities\n\nBusiness efficiency and growth depend on seamless experiences for customers and employees. All of these experiences — from customer-facing digital services and AI-driven innovations to employee onboarding and business intelligence — are driven by scalable Identity and data access controls.\n\nAchieving business efficiency and growth is easier when teams can take advantage of automation, no-code solutions, AI, and other technologies to eliminate rote work and focus on what drives the business forward. Along with equipping developers and product teams with intelligent, integrated tools for managing authentication, a unified digital Identity solution also empowers technology and security teams with flexible, scalable tools for managing customer and employee access. By implementing an integrated strategy for digital identities, organizations can:\n\n* Infuse consistent Identity practices into agile development processes\n* Implement critical changes like single sign-on and privileged access management faster\n* Scale out solutions with less effort\n* Help prevent risks associated with cloud usage, shadow IT, and anywhere collaboration\n* Keep up with rapidly evolving cybersecurity challenges and regulations\n\n## A Unified Digital Identity Approach Makes It Easier to Drive Innovation with Data\n\nEffective and easy-to-use digital Identity solutions can empower any organization to fearlessly innovate and readily adapt to changing markets and customer demands. With the right authentication and access management tools, teams can safely leverage data to develop differentiating experiences and products using technologies like AI.\n\nOrganizations that successfully implement a unified digital Identity strategy realize measurable benefits across multiple fronts through financial savings and by improving productivity throughout the organization. In a research study, IDC found that companies using CIAM solutions [saved $4.3 million](https://www.okta.com/sites/default/files/2022-06/TheBusinessValueofOktaCustomerIdentityandAccessManagement.pdf) through productivity improvements alone, and for every customer-facing application they saw \u003e$166,000 in combined annual benefits. IDC also found team efficiency benefits throughout organizations, with a 33% time savings for IT and infrastructure teams, 23% for developer teams, and 13% for security teams. \n\n## Identity Is Everyone’s Business \n\nWhen leaders spearheading development, technology, security, and product roadmaps understand how important a unified digital Identity strategy is, they can work together on a comprehensive strategy that equips everyone to achieve their goals. \n\nDevelopers can quickly and easily build and maintain required authentication flows that don't break and keep customers happy. Security teams can see who has access to what, when, and under whose authorization — on demand and across silos. \n\nProduct teams can get to market faster while helping to ensure customers that their data is safe. Technology leaders can implement unified solutions that scale, lower risk, and ultimately improve the experiences of employees and customers. \n\nInterested in learning how to implement a collaborative strategy for digital identities? Stay tuned for the next four blogs in the Innovation Ignited series covering Identity responsibilities that development, technology, security, and product leaders face and the outcomes they can realize with a unified digital Identity strategy.\n\n* Create a culture of synergy with digital identities: This piece explains how development leaders can empower teams to overcome authentication complexity and focus on creating differentiating solutions that improve customer experience \n* Ignite innovation with digital Identity: This piece explores how technology leaders can optimize Identity and Access Management and authentication to create a culture of alignment that fuels collaboration and continuous improvement\n* How to keep your developers focused on development: Identity management burdens often overwhelm developers and delay product launches, but leaders can streamline authentication through unified digital identity solutions, allowing teams to focus on core innovation\n* Accelerate product workflows and adoption: Learn how product leaders can create ambitious and realistic roadmaps that include differentiating authentication capabilities — while accelerating the journey from ideas to market success\n\n## Accelerate Your Organization's Growth\n\nImprove user experience, security, and innovation with a unified digital Identity solution. \n\n\u003e [Read more from Auth0 thought leaders](https://www.okta.com/blog/)\n\n## Resources\n\nAuth0 equips organizations with an intelligent, integrated digital Identity solution that makes it easier to meet security and business requirements — and drive growth, differentiation, and impact. To learn more about how Auth0 equips businesses of all sizes with the tools they need for unified digital Identity strategies, check out the following resources.\n\n* [Okta Named a Leader in 2023 Gartner® Magic Quadrant™ for Access Management for Seventh Consecutive Year](https://www.okta.com/press-room/press-releases/okta-named-a-leader-in-2023-gartnerr-magic-quadranttm-for-access/)\n* [Okta named a Leader in first ever Forrester Wave™️ for Workforce Identity Platforms](https://www.okta.com/resources/analyst-research-okta-named-a-leader-in-first-ever-forrester-wavetm-for-workforce/)\n* [Okta Recognized as a Gartner® Peer Insights™ Customers' Choice for Access Management](https://www.okta.com/resources/analyst-research-okta-recognized-as-a-2024-gartner-peer-insights/)","dateCreated":"2025-02-12T23:58","dateLastUpdated":null,"readTime":5,"formattedDate":"Feb 12, 2025"},{"title":"Innovation Ignited: How Development Leaders Make Authentication an Innovation Engine","path":"how-development-leaders-make-authentication-an-innovation-engine","heroImage":{"url":"https://images.ctfassets.net/23aumh6u8s0i/6fjXeiKm0cnBhKSstu382A/6e93da722d4f0bca241ff54b6f3f93bb/auth0-hero-announcement.jpg","size":{"width":1176,"height":1156}},"description":"Empower your team with a unified digital Identity strategy that includes intelligent, integrated auth capabilities that minimize risk while improving experience.","category":["Business","Industry","Innovation"],"authors":[{"metadata":{"tags":[],"concepts":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"23aumh6u8s0i"}},"id":"7Ih1qvPwR92Se3kBybUAXa","type":"Entry","createdAt":"2025-02-12T22:48:39.809Z","updatedAt":"2025-02-12T22:48:39.809Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"publishedVersion":6,"revision":1,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"author"}},"locale":"en-US"},"fields":{"path":"jacquelyn-painter","name":"Jax Painter","avatar":{"metadata":{"tags":[],"concepts":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"23aumh6u8s0i"}},"id":"4A4tbUtTmWOnKKSbLVrvwd","type":"Asset","createdAt":"2025-02-12T22:48:02.497Z","updatedAt":"2025-02-12T22:48:02.497Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"publishedVersion":2,"revision":1,"locale":"en-US"},"fields":{"title":"Jax Painter","file":{"url":"//images.ctfassets.net/23aumh6u8s0i/4A4tbUtTmWOnKKSbLVrvwd/d6e92163f09b31d11e628515b0482283/Jax_Painter.jpeg","details":{"size":18811,"image":{"width":512,"height":512}},"fileName":"Jax Painter.jpeg","contentType":"image/jpeg"}}},"lastUpdatedBy":"Robertino Calcaterra","email":"jacquelyn.painter@okta.com","twitter":null,"github":null,"linkedin":null,"isPopular":false,"personalWebsite":null,"type":"Auth0 Employee","jobTitle":"Director, Product Marketing","description":null}}],"tags":["auth0","okta","authentication"],"postContent":"Developers are the backbone of innovation. What they focus on can accelerate or hinder the delivery of new products. Authentication and authorization have always been a top development priority, but increases in data volumes, data usage, mobility, and other factors are creating significant complexity.\n\nNavigating increasing auth challenges with manual, cumbersome approaches —while also trying to keep up with the latest security standards and regulations — can be overwhelming. This situation can result in frustrated developers, delayed launch dates, and an increased risk of security gaps that can cause outages, costly non-compliance fees, and damaged business reputations. AI and [GenAI](https://www.okta.com/blog/2024/10/unlocking-the-power-of-generative-ai-with-identity/) adoption only amplify developers' auth challenges because models require massive amounts of information for accuracy and all data usage must align with evolving security and compliance regulations.\n\nHow organizations manage auth also determines their effectiveness in protecting data against evolving threats, complying with regulations, and improving brand reputation. Building auth services from scratch or relying on features in legacy systems can easily lead to compliance and governance missteps caused by Identity fragmentation across applications and systems. After all, siloed Identity management is difficult to track, making it harder to safeguard customer data.\n\nChief technology officers, directors, and development leaders can empower their teams with a unified digital Identity strategy that includes intelligent, integrated auth capabilities that minimize complexity and risk while improving experience. By building and maintaining authentication with less effort and simplifying governance and compliance, developers can spend the bulk of their time doing what they excel at, bringing new products and services to market faster.\n\n## Moving from Complexity to Clarity — and Ideas to Impact\n\nAuthentication and authorization are critical vehicles for creating innovative solutions and differentiating experiences for customers and employees. That’s because users expect scalable, frictionless access to apps, digital tools, and cloud services.\n\nTo make this possible while enabling teams to manage all their tasks, developers need easy-to-use auth systems that minimize the need for custom code and specialized security skills. That way, developers have what they need to build flexible solutions that can easily integrate with other technologies, support new authentication methods, and facilitate new use cases including AI and GenAI — all in a way that minimizes risk and delivers positive user experiences.\n\n## How LaunchNotes Uses Authentication to Drive Growth\n\n[LaunchNotes](https://www.okta.com/customers/launchnotes/) equips product and development teams with the tools they need to effectively communicate, understand, and manage the what, when, and why of product roadmaps. To drive growth, especially in the enterprise customer space, LaunchNotes replaced their authentication software with a unified solution from Auth0. It provides the enterprise-grade authentication and authorization capabilities prospective customers were looking for, like [single sign-on](https://www.okta.com/products/single-sign-on-workforce-identity/) (SSO).\n\nAuth0 is also easy to use. With it, developers were able to set up a proof of concept in one hour and deploy their new auth solution, including SSO capabilities, within less than three weeks. Within one week of going live, LaunchNotes’ first enterprise customer signed up and more than 10 customers re-engaged.\n\nDevelopers are also realizing ongoing efficiencies with their unified auth solution. Today, they spend 95% less time managing password policies for B2B customers. They implemented social logins in just minutes. And now, they onboard new customers up to 20% faster, which improves the experience of customers and employees.\n\n## How Cribl Transforms Auth to Bring New Products to Market Faster\n\n[Cribl](https://www.okta.com/customers/cribl/) helps organizations collect, process, route, and analyze logs, traces, and other telemetry data from their in-house and third-party systems and apps. Because this data is critical in establishing and managing seamless, protected communication between systems, Cribl provides customers with strict access controls. For years, Cribl used [role-based access controls](https://www.okta.com/identity-101/what-is-role-based-access-control-rbac/) (RBAC) to authorize users.\n\nHowever, when they introduced virtual Workspaces for their customers, Cribl quickly recognized that their RBAC approach could not scale with increasing complexity and growth. Developers were spending too much time manually building and maintaining auth systems. To set up authentication for just one Workspace, they had to manually define up to 400 roles in a JSON Web Token.\n\nAfter evaluating their best options, Cribl’s teams unanimously chose to adopt a unified auth solution from Auth0. It enables granular RBAC and centralized auth models that are flexible, scalable, and easy to manage. Today, developers input their new products into their authorization model and Auth0 automatically handles the mapping between data owners as directed. As a result, what used to take developers months of manual effort now takes just weeks. And because developers can set up authorization for new products 80% faster, they have more time to spend on innovation.\n\n## How Alma Media Builds and Maintains Identity Security with Less Effort\n\nMedia and service company [Alma Media](https://www.okta.com/customers/alma-media/) was struggling with siloed auth solutions. The organization operates more than 100 websites and brands used by millions of customers, and every site had its own login method. This meant customers couldn’t navigate between corporate brand sites without having to log in again. Cumbersome user experiences cut Alma Media's conversions in half. Additionally, developers had to create, manage, and scale each site’s standalone authentication solutions, leaving them little time to work on impactful projects.\n\nTo achieve their goals, Alma Media adopted a unified auth solution from Auth0 that has dramatically simplified development. As a result, Alma Media improved their user experience, security, and innovation potential. Customers now have SSO, so they no longer have to manage multiple IDs and passwords across sites. They can also opt to log in to sites using their social media accounts.\n\nAdditionally, in-house developers and IT teams now use the same flexible solution for managing auth across sites. This straightforward approach reduces risk, boosts efficiency, and delivers measurable savings. Alma Media has decreased their total cost of ownership by 30% and license expenses by 10%.\n\n## Ignite Innovation at Your Organization\n\nMaximizing the time your developers have to create differentiating solutions that improve security, experience, and innovation is easier with a unified strategy. Auth0 equips organizations with intelligent, integrated authentication and authorization tools that reduce complexity so developers can turn ideas into impactful solutions faster.\n\nNo-code, low-code, and pro-code tools accelerate the development of automated flows that teams can quickly adapt to meet current and future use cases. Built-in capabilities also simplify governance and compliance, including certification and regulatory support, data sovereignty, and centralized controls.\n\nFree your devs and simplify auth management! Learn More about [Customer Identity and Access Management (CIAM)](https://www.okta.com/customer-identity/)\n\n## Resources\n\n- [Check out our Developer Center](https://developer.auth0.com/)\n- [Unlock SaaS app growth: Download the Why Customer Identity White Paper](https://www.okta.com/resources/whitepaper-why-ciam/)\n- [Learn about Fine-Grained Authorization (FGA)](https://auth0.com/resources/whitepapers/fine-grained-authorization-technical-primer)\n- [Discover how Okta secures your Generative AI implementation](https://www.okta.com/blog/2024/10/unlocking-the-power-of-generative-ai-with-identity/) \n- [Explore the Build versus buy question for CIAM](https://www.okta.com/resources/whitepaper-build-vs-buy/)\n","dateCreated":"2025-02-12T22:56","dateLastUpdated":null,"readTime":6,"formattedDate":"Feb 12, 2025"},{"title":"Identity Security 101: How to Drive Trust and Loyalty across the User Journey","path":"identity-security-101-how-to-drive-trust-and-loyalty","heroImage":{"url":"https://images.ctfassets.net/23aumh6u8s0i/6fjXeiKm0cnBhKSstu382A/6e93da722d4f0bca241ff54b6f3f93bb/auth0-hero-announcement.jpg","size":{"width":1176,"height":1156}},"description":"If you’re curious about how to stay ahead of increasingly sophisticated attacks without putting your business goals at risk with excessive friction, this resource is for you.","category":["Business","Industry","Identity"],"authors":[{"metadata":{"tags":[],"concepts":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"23aumh6u8s0i"}},"id":"5Cxo7BkkpLSAVnUALpZPZj","type":"Entry","createdAt":"2025-01-14T09:09:35.013Z","updatedAt":"2025-01-14T09:09:35.013Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"publishedVersion":21,"revision":1,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"author"}},"locale":"en-US"},"fields":{"path":"samantha-murphy","name":"Samantha Murphy","avatar":{"metadata":{"tags":[],"concepts":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"23aumh6u8s0i"}},"id":"2oMV11FnSFARDSPLUf7u5Z","type":"Asset","createdAt":"2025-01-14T09:08:21.118Z","updatedAt":"2025-01-14T09:08:21.118Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"publishedVersion":2,"revision":1,"locale":"en-US"},"fields":{"title":"samantha-murphy","file":{"url":"//images.ctfassets.net/23aumh6u8s0i/2oMV11FnSFARDSPLUf7u5Z/5855d45c57b8fab5122b6017545e6f3f/samantha-murphy.jpg","details":{"size":50351,"image":{"width":560,"height":560}},"fileName":"samantha-murphy.jpg","contentType":"image/jpeg"}}},"lastUpdatedBy":"Andrea Chiarelli","email":null,"twitter":null,"github":null,"linkedin":"https://www.linkedin.com/in/samantha-murphy","isPopular":false,"personalWebsite":null,"type":"Auth0 Employee","jobTitle":"Principal Product Marketing Manager, Customer Identity","description":"Samantha Murphy is a Principal Product Marketing Manager for Okta. She leads the Customer Identity Security portfolio, driving go-to-market strategy, messaging, launches, and strategic growth initiatives. Before Okta, Sam spent over six years in product management roles in Identity and Access Management.\n\nShe holds a Bachelor of Commerce degree from Queen’s Smith School of Business and is from Ottawa, Canada.\n\nIn her free time, Sam makes the most of winter by playing an awesome ice skating sport called ringette."}}],"tags":["identity","security","auth0","solutions","hri"],"postContent":"Identity is the connective tissue between every person and technology in your ecosystem. This connective role also places Identity at the center of your risk profile. It’s no surprise that Identity remains the No. 1 attack vector in today’s threat landscape — over 80% of data breaches involve some form of compromised Identity.\n\nProperly addressing this fact means taking a serious and expansive look at your organization’s approach to Identity — because here’s the thing: Identity is more than just a login box. A rigorous, modern approach to Identity mitigates threats before, at, and after authentication.\n\nAccordingly, technology leaders can’t limit themselves exclusively to Identity-related threats. They must also consider the impact their Identity solution has on core business priorities such as revenue, customer satisfaction, and growth goals.\n\nThis blog dives into how technology leaders can deliver Identity security solutions that also drive growth. If you’re curious about how to stay ahead of increasingly sophisticated attacks without putting your business goals at risk with excessive friction, this resource is for you.\n\n## It’s Time to Ditch Dated Identity and Excessive Friction\n\nProtecting customers from account takeover and other malicious actions is crucial. But when that protection creates frustrating stumbling blocks for customers, like passwords, frequent CAPTCHAs, and multi-factor authentication (MFA) fatigue, your business is at risk. By introducing excessive friction into customer journeys, good-faith security efforts built on legacy Identity methods can lead to abandoned customer journeys, lower conversion rates, and lost business.\n\nIt’s a raw deal, and the worst part is that Identity security that burdens your customers doesn’t necessarily translate to better security. For example, traditional usernames and passwords with SMS as a second factor are vulnerable to social engineering and SIM-swapping attacks.\n\nThe clock has run out on legacy Identity. It’s time to embrace a modern approach that leverages Identity as more than a login box and, instead, drives better security and better business.\n\n## Protect Every Stage of the Customer Journey\n\nIf the stats on pervasive Identity-related breaches teach us anything, it’s that legacy Identity simply isn’t enough in today’s threat landscape. Technology leaders need Identity security that can discover weaknesses, protect against vulnerabilities, and limit access if an adversary gets in.\n\nIn order to modernize security, you must modernize Identity. Auth0’s layered defense strategy improves security before, at, and after the login box alongside a SecOps dashboard, tools, and integrations. Here’s how our Auth0 Identity platform drives stronger security, privacy, and user experience (UX) across the customer journey.\n\n### Before login\n\nBots make up 42% of all internet traffic today and 65% of these are bad bots.A versatile, scalable method for bad actors to carry out automated attacks, bots are also a major drain on your marketing budget. Whenever bots sign up for new accounts, they eat into your sign-up bonuses and block new connections with real customers.\n\nGenerative AI is poised to add gas to the bot fire: Between 2023 and 2030, AI adoption in cybercrime is expected to rise by 37%. Soon, businesses will be dealing with an even higher number of sophisticated bots capable of outsmarting simple bot-detection CAPTCHAs.\n\nModern Identity should stop bad bots in their tracks while maintaining customer-friendly experiences that protect revenue. Auth0 Bot Detection continuously monitors Identity threats across hundreds of millions of users, enabling us to detect bad bots and respond in real time with user-friendly challenges like the time-based authentication challenge. In addition, our Bot Detection solution now features a machine-learning model designed for signup attacks. Tailored models greatly improve detection and prevention of bots across the user journey, while reducing bot challenges presented to real customers.\n\nAuth0 SOLUTIONS TO EXPLORE FURTHER:\n\n* [Bot Detection](https://auth0.com/docs/secure/attack-protection/bot-detection)\n\n### At login\n\nUltimately, driving your business forward comes down to providing customers with a simple and seamless user experience without compromising on security. Customers want on-demand convenience — fast, easy access with flexible login options — which means digital teams need to design phishing-resistant authentication experiences that also deliver a quick and easy customer journey.\n\nModern Identity can provide that perfect balance with flexible, secure passwordless login options. Passkeys allow users to log in quickly and securely, similar to how they unlock their mobile devices. They are also a phishing-resistant alternative to less user-friendly login options like the commonly used username and password plus MFA combination. Adaptive MFA can also reduce MFA fatigue by assessing risk signals such as a new device, network, or location, impossible travel, and untrusted IP, only triggering a second challenge for higher-risk authentication attempts.\n\nIn addition to login options, Auth0 offers layered security features for login. Auth0 Breached Password Detection and Credential Guard screen for and block compromised credentials. Auth0’s Brute-Force Protection and Suspicious IP Throttling help prevent account takeover attacks that target single and multiple user accounts, respectively.\n\nAuth0 SOLUTIONS TO EXPLORE FURTHER:\n\n* [Single Sign-On](https://auth0.com/docs/authenticate/single-sign-on) \n* [Passwordless](https://auth0.com/docs/authenticate/passwordless),[ Passkeys](https://auth0.com/docs/authenticate/database-connections/passkeys) \n* [Multi-Factor Authentication](https://auth0.com/docs/secure/multi-factor-authentication)\n* [Adaptive MFA](https://auth0.com/docs/secure/multi-factor-authentication/adaptive-mfa)\n* [Suspicious IP Throttling](https://auth0.com/docs/secure/attack-protection/suspicious-ip-throttling)\n* [Breached Password Detection and Credential Guard](https://auth0.com/docs/secure/attack-protection/breached-password-detection)\n* [Brute Force Protection](https://auth0.com/docs/secure/attack-protection/brute-force-protection)\n\n### After login\n\nThe ongoing rise in post-login threats also necessitates a defense-in-depth, layered security approach at every step of the user journey. The stakes are high, and the pain caused by breaches has the potential for extensive reach. Breaches not only incur painful financial losses but also lead to substantial brand and compliance-related effects that threaten the core business. Modern Identity can help avoid these outcomes.\n\nModern Identity elevates security, privacy, and experience post-login to protect sensitive customer interactions and user sessions. For example, with Auth0 Highly Regulated Identity, configure your organization to send financial-grade contextual approval requests to customers’ devices for sensitive interactions like account updates or money transfers. With Auth0 Continuous Session Protection, your organization can also continuously monitor user sessions to detect and prevent hijacking attempts, revoke suspicious sessions, and set custom timeouts.\n\nAuth0 SOLUTIONS TO EXPLORE FURTHER:\n\n* [Highly Regulated Identity](https://auth0.com/docs/secure/highly-regulated-identity)\n* [Continuous Session Protection](https://auth0.com/docs/secure/continuous-session-protection)\n\n## SecOps\n\nSecurity is a team sport, which is why Auth0 enables better collaboration between security, product teams, and developers with real-time insights and ready-made integrations that connect Auth0 functionality to a broader security apparatus.\n\nFor example, Auth0’s Security Center helps organizations detect and respond to attacks faster and fine-tune their security posture with intelligent insights and custom threshold alerting for Identity-related events, anomalies, and general efficacy. Security Log Streaming further supports faster event response by allowing the streaming of relevant Customer Identity Cloud activity to third-party SIEM tooling.\n\nAuth0 SOLUTIONS TO EXPLORE FURTHER\n\n* [Security Center](https://auth0.com/docs/secure/security-center)\n* [Security Log Streaming](https://auth0.com/docs/secure/security-center/prioritized-log-streams)\n\n## The Perfect Blend of Security and Usability\n\nIt’s tempting to think of Identity as a box to be checked. Equip your customer-facing applications with SSO and MFA–check. It's time to dust off your hands and declare victory, right? If only it was that easy.\n\nTo adapt to the ever-shifting risks of the business landscape with equal attention to security and revenue, technology leaders need an approach to Identity-based security that also functions as a business driver. That means integrating secure, seamless Identity functions into your security and revenue strategies at each customer touchpoint.\n\nLegacy approaches to Identity fall far short of this goal. But, by entrusting your organization’s Identity with a leader in modern Identity, you can position your business to lead the pack in customer Identity security and core business KPIs.\n\n## It All Starts with Auth0\n\n[Thousands of customers](https://www.okta.com/customers/) worldwide trust Auth0 to strike the perfect balance of robust security and seamless customer experience across more than 10 billion monthly authentications.\n\nWe’ve invested in a layered defense strategy to improve security before, during, and after the login box — plus a dashboard and tools for SecOps that improve visibility and enable faster responses to potential and emerging threats.\n\nCurious about how the Auth0 can help you build trust with your customers, secure your applications, and protect revenue?[ Reach out to our team](https://auth0.com/contact-us?place=header\u0026type=button\u0026text=contact%20sales) to schedule a demo.\n","dateCreated":"2025-02-12T22:23","dateLastUpdated":null,"readTime":7,"formattedDate":"Feb 12, 2025"},{"title":"Building a Secure RAG with Python, LangChain, and OpenFGA","path":"building-a-secure-rag-with-python-langchain-and-openfga","heroImage":{"url":"https://images.ctfassets.net/23aumh6u8s0i/26C3LpFeTjPcRa8J0dUW8D/ae8fb9148b63d11479440074e2be960d/langchain-blog-hero.jpg","size":{"width":3540,"height":3180}},"description":"Learn how to use Okta FGA to secure your LangChain RAG agent in Python.","category":["Developers","Deep Dive","AI"],"authors":[{"metadata":{"tags":[],"concepts":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"23aumh6u8s0i"}},"id":"7qC8LJD80VSx1qYcSdQ1Zh","type":"Entry","createdAt":"2021-08-23T12:59:46.069Z","updatedAt":"2025-01-08T14:00:38.100Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"publishedVersion":42,"revision":6,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"author"}},"locale":"en-US"},"fields":{"path":"juan-cruz-martinez","name":"Juan Cruz Martinez","avatar":{"metadata":{"tags":[{"sys":{"type":"Link","linkType":"Tag","id":"user"}}],"concepts":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"23aumh6u8s0i"}},"id":"5b3YvfAb53h2I5U6uanww4","type":"Asset","createdAt":"2022-07-07T09:23:40.589Z","updatedAt":"2022-07-07T09:23:56.422Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"publishedVersion":10,"revision":5,"locale":"en-US"},"fields":{"title":"jcm","description":"Juan Cruz Martinez","file":{"url":"//images.ctfassets.net/23aumh6u8s0i/5b3YvfAb53h2I5U6uanww4/f1dfa0e19f15f5df8eacd53f78a813f6/jcm.jpeg","details":{"size":29371,"image":{"width":400,"height":400}},"fileName":"jcm.jpeg","contentType":"image/jpeg"}}},"lastUpdatedBy":"Juan Cruz Martinez","email":"juan.martinez@okta.com","twitter":"https://twitter.com/bajcmartinez","github":"https://github.com/bajcmartinez","linkedin":"https://www.linkedin.com/in/bajcmartinez/","isPopular":true,"personalWebsite":"https://jcmartinez.dev/","type":"Auth0 Employee","jobTitle":"Staff Developer Advocate","description":"I stream, blog, and make youtube videos about tech stuff. I love coding, I love AI, and I love building stuff!"}}],"tags":["rag","ai","fga","langchain","authorization"],"postContent":"Retrieval-Augmented Generation (RAG) is a great way to create AI-driven applications that deliver more accurate, context-rich answers. Instead of relying purely on pre-trained knowledge, a RAG system retrieves domain-specific data (like PDFs, knowledge bases, or markdown files) and passes it into a language model. This is *awesome* when your data is public or freely shareable. But what happens if some of that data is *restricted* or *confidential*? That’s where fine-grained authorization comes in!\n\nIn this post, we’ll walk through:\n\n1. **Why** authorization is crucial in RAG\n2. **What** OpenFGA is, and how it helps you enforce fine-grained permissions\n3. **How** to build a secure pipeline that filters out unauthorized documents **before** they reach your language model\n\n## The Challenge of Authorization in RAG Systems\n\nRAG systems retrieve relevant information from large datasets and use that information to enhance the AI model responses. While this functionality is powerful, it raises a significant challenge: **ensuring that each user only accesses the information they are authorized to see**. Authorization must be:\n\n* **Accurate**: Only correct data gets through.\n* **Performant**: Works quickly, even with large datasets.\n* **Adaptive**: Updates with dynamic organizational changes, role updates, or any changes in the relationship between the information and the users.\n\nA secure RAG system needs to enforce fine-grained access control without sacrificing speed or scalability. Roles might change, projects can be reassigned, and permissions could evolve over time. Handling all this efficiently is key to building a truly secure and robust RAG application.\n\n## Proposed Solution: Secure Retrieval with LangChain, OpenAI, and OpenFGA\n\nThe solution employs a workflow that integrates document retrieval, user-specific authorization filtering, and Large Language Model (LLM) response generation.\n\nWe’ll build a pipeline that uses:\n\n* **LangChain**: A helpful toolkit for chaining the steps of a RAG pipeline (loading data, embeddings, retrieval, prompting).\n* **LLMs** (OpenAI or any other): For both embeddings (similarity search) and text generation.\n* **OpenFGA**: A fine-grained authorization service that checks, for each document, if a user has the “can_view” relationship.\n\n### LangChain\n\nLangChain is a library that streamlines building LLM applications by assembling different components—like loading documents, vector stores, and prompt templates. This structure makes it easier to read, maintain, and modify your RAG pipeline.\n\n### LLMs\n\nAlthough we’ll demonstrate OpenAI’s embeddings and Chat APIs, you can easily replace them with other providers (e.g., Anthropic, LLaMA, or Azure OpenAI). The main tasks here are:\n\n1. **Embedding** documents so you can do similarity searches.\n2. **Generating** text from the retrieved documents to answer the user’s query.\n\n### FGA and Okta FGA\n\n**FGA (Fine-Grained Authorization)** is about controlling _who can do what_ with _which resources_, down to an individual level. In a typical role-based system, you might say, “Admins can see everything, and Regular Users can see some subset.” But in a real-world app—especially one that deals with many documents—this might not be flexible enough.\n\n**OpenFGA (and Okta FGA)** addresses this by letting you define authorization _relationships_. The relationships defined in the authorization model can be either direct or indirect. Simply put, direct relationships are directly assigned between a consumer and a resource (we call them user and object) and stored in the database. Indirect relationships are the relationships we can infer based on the data and the authorization model.\n\nIf you would like to learn the basics of using FGA for RAG, check out this blog post on [RAG and Access Control: Where Do You Start?](https://auth0.com/blog/rag-and-access-control-where-do-you-start/).\n\n\u003cinclude\n src=\"LinkCard\"\n title=\"RAG and Access Control: Where Do You Start?\"\n link=\"https://auth0.com/blog/rag-and-access-control-where-do-you-start/\"\n description=\"Learn how to get started with Okta FGA for a RAG application.\"\n img=\"https://images.ctfassets.net/23aumh6u8s0i/79NCborGcFIrAMeaV7G8oi/f9c588c2d05f0828d447e72e1fe825cc/Latam01.jpg\"\n/\u003e\n\n## Implementation: Step-by-Step\n\nBelow is a sample setup in Python. We’ll keep it simple so you can see the big picture. Feel free to adapt for your chosen LLM or a more robust data store.\n\n### Set Up Prerequisites\n\nTo follow this tutorial and secure your application, you’ll need the following:\n\n* Python 3.8.1 or newer.\n* An Okta FGA account. If you don’t have one, you can [create one for free](https://dashboard.fga.dev/).\n* An [OpenAI account and API key](https://platform.openai.com/).\n\n### Download and install the sample code\n\nTo get started, clone the[ auth0-ai-samples](https://a0.to/auth0-ai-samples) repository from GitHub:\n\n```\ngit clone https://github.com/auth0-samples/auth0-ai-samples.git\ncd auth0-ai-samples/authorization-for-rag/langchain-python\n# Create a virtual env\npython -m venv venv\n# Activate the virtual env\nsource ./venv/bin/activate\n# Install dependencies\npip install -r requirements.txt\n```\n\nThe application is written in Python and is structured as follows:\n\n* `main.py` \u0026mdash; The main entry point of the application, and it is where we define the RAG pipeline\n* `docs/*.md` \u0026mdash; Sample markdown files to be used as context for the LLM. There are two types of docs, public and private. Private documents are only accessible to certain individuals.\n* `helpers/memory_store.py` \u0026mdash; Creates an in-memory vector store that acts as the base retriever in the chain.\n* `helpers/read_documents.py` \u0026mdash; Utility to read the markdown files from the `docs` folder.\n* `scripts/fga_init.py` \u0026mdash; Utility to initialize the OktaFGA authorization model and sample data.\n\n### RAG Pipeline\n\nThe `main.py` file defines the RAG pipeline using `Langchain` to interact with the underlying LLM model and retrieve data from our context. In your project, your data may be sourced from different platforms and systems, make sure you check the proper documentation about [loaders in the Langchain ecosystem](https://python.langchain.com/v0.1/docs/modules/data_connection/).\n\nThe following diagram represents the RAG architecture we are defining:\n\n\n\nNow let’s talk Python:\n\n```python\nclass RAG:\n def __init__(self):\n documents = read_documents()\n self.vector_store = MemoryStore.from_documents(documents)\n self.prompt = ChatPromptTemplate.from_template(\n \"\"\"You are an assistant for question-answering tasks. Use the following pieces of retrieved context to answer the question. If you don't know the answer, just say that you don't know. Use three sentences maximum and keep the answer concise.\\\\nQuestion: {question}\\\\nContext: {context}\\\\nAnswer:\"\"\"\n )\n\n self.llm = ChatOpenAI(model=\"gpt-4o-mini\")\n\n def query(self, user_id: str, question: str):\n chain = (\n {\n \"context\": FGARetriever(\n retriever=self.vector_store.as_retriever(),\n build_query=lambda doc: ClientBatchCheckItem(\n user=f\"user:{user_id}\",\n object=f\"doc:{doc.metadata.get('id')}\",\n relation=\"viewer\",\n ),\n ),\n \"question\": RunnablePassthrough(),\n }\n | self.prompt\n | self.llm\n | StrOutputParser()\n )\n\n return chain.invoke(question)\n```\n\nLet’s break that down.\n\nThe `RAG` class first initializes a vector store and reads the documents using the helper functions. It also defines a system prompt for our use case and the LLM model in use, in our case, `gpt-40-mini`.\n\nThe class also defines a method query that builds the chain by piping the `FGARetriever` instance with the prompt and the LLM model. `FGARetriever` is provided by the [Auth0 AI SDK for Python](https://github.com/auth0-lab/auth0-ai-python).\n\nThe `FGARetriever` is designed to abstract the base retriever from the FGA query logic. The `build_query` argument lets us specify how to query our FGA model, in this case, by asking if the user is a viewer of the document.\n\n```python\nbuild_query=lambda doc: ClientBatchCheckItem(\n user=f\"user:{user_id}\",\n object=f\"doc:{doc.metadata.get('id')}\",\n relation=\"viewer\",\n),\n```\n\nWith this design, you can plug any Langchain retriever, combined with checks for any FGA model query.\n\n### Create an OktaFGA Account\n\nIf you already have an [Auth0 account](https://auth0.com/), you can use the same credentials to log in to the Okta FGA dashboard at [https://dashboard.fga.dev](https://dashboard.fga.dev/). If you don't have an Auth0 account, hop over to [https://dashboard.fga.dev](https://dashboard.fga.dev/) and create a free account.\n\nOnce you are logged in, you should see a dashboard similar to the one below.\n\n\n\n\u003e When you log into the Okta FGA dashboard for the first time, you may be asked to create a new store. This store will serve as the home for your authorization model and all the data the engine requires to make authorization decisions. Simply pick a name and create your store to get started.\n\n### Create an OktaFGA Client\n\nOnce you are in the dashboard, you’ll need a client to make API calls to OktaFGA. To create a client, navigate to **Settings**, and in the **Authorized Clients** section, click **Create Client**. Give your client a name, mark all three client permissions, and then click **Create**.\n\n\n\nWhen you create the client, OktaFGA will provide you with some data like a Store ID, a Client ID and a Client Secret. Don’t close that yet, you’ll need those values next.\n\nAt the root of the project, there’s a `.env.example` file. Copy the file and paste it as `.env`. Then, open the file and edit the three FGA-related variables with the values provided by OktaFGA. When you are ready, click continue, and the modal will display the values for the missing variables (`FGA_API_URL` and `FGA_API_AUDIENCE`).\n\nAt this step, you can also add your [OpenAI API Key](https://help.openai.com/en/articles/4936850-where-do-i-find-my-openai-api-key), which you’ll need to run the demo.\n\n### Configure the OktaFGA model\n\nNow that the application is set up, you can run the provided script to initialize the model and some sample data. To set things up, run:\n\n```\npython ./scripts/fga_init.py\n```\n\nYou can verify that the script worked by navigating to the model explorer page in OktaFGA. The following model should now have been created:\n\n```\nmodel\n schema 1.1\n\ntype user\n\ntype doc\n relations\n define owner: [user]\n define viewer: [user, user:*]\n```\n\n\u003e You can visit the OktaFGA documentation to learn more about [modeling OktaFGA and creating an authorization model](https://docs.fga.dev/modeling).\n\nOn top of the model, the script also created two tuples. Tuples in OktaFGA define the relationships between the types.\n\nFirst, it defined a tuple to give all users access to the public doc:\n\n- **User** :` user:*`\n- **Object** : `public-doc`\n- **Relation** : `viewer`\n\nThen, it created a second tuple to give the admin user access to the private doc:\n\n- **User** :` user:admin`\n- **Object** : `private-doc`\n- **Relation** : `viewer`\n\n\u003e You can visit the OktaFGA documentation to learn more about [tuples and how to create them](https://docs.fga.dev/content/getting-started/new-getting-started#add-tuples).\n\n### Query the Chain\n\nInvoke the chain to process a query and generate a response.\n\n```python\nrag = RAG()\n\nquestion = \"What is the forecast for ZEKO?\"\n\n# Juan only has access to public docs\nresponse = rag.query(\"juan\", question)\nprint(\"Response to Juan:\", response)\n\n# Admin has access to all docs\nresponse = rag.query(\"admin\", question)\nprint(\"Response to Admin:\", response)\n```\n\nFantastic! You now know how to build and scale a secure RAG with Python and LangChain. It’s time to test things out.\n\nTo run the chain, simply call the `main.py` file:\n\n```\npython main.py\n```\n\nIf you follow the steps, you’ll see a response like the following:\n\n```\nResponse to Juan: The retrieved context does not provide any specific forecast or predictions for ZEKO (Zeko Advanced Systems Inc.). It mainly outlines the company's mission, technologies, and products without detailing any financial or market forecasts. Therefore, I don't know the forecast for ZEKO.\n\nResponse to Admin: The forecast for Zeko Advanced Systems Inc. (ZEKO) for fiscal year 2025 is generally bearish. Projected revenue growth is expected to remain subdued at 2-3%, with net income growth projected at 1-2%, primarily due to margin pressures and competitive challenges. Investors should be cautious, given the potential headwinds the company faces.\n```\n\nAs you can see, `Juan` couldn’t retrieve any “protected” data, while the user `admin` got an accurate response to the prompt.\n\n## Conclusion\n\nYou’ve seen how to build a **secure** RAG system that respects user permissions at the **document level** using **OpenFGA**. This approach prevents data leaks, meets security and compliance requirements, and stays flexible—perfect for businesses dealing with a large pool of sensitive information.\n\nFeel free to adapt this flow for other vector stores, different LLM providers, or your own organizational rules. By coupling RAG’s retrieval power with fine-grained authorization, you’ll build AI-driven apps that are both insightful and safe.\n\nBefore you go, we have some great news to share: we are working on more content and sample apps in collaboration with amazing GenAI frameworks like [LlamaIndex](https://www.llamaindex.ai/), [LangChain](https://www.langchain.com/),[ CrewAI](https://www.crewai.com/), [Vercel AI](https://sdk.vercel.ai/), and others. \n\n[Auth for GenAI](https://a0.to/ai-content) is our upcoming product to help you protect your user's information in GenAI-powered applications.\n\nMake sure to join the [Auth0 Lab Discord server](http://a0.to/auth0-lab-discord) to hear more and ask questions.\n\nHappy coding!","dateCreated":"2025-02-12T16:19","dateLastUpdated":"2025-03-12","readTime":10,"formattedDate":"Mar 12, 2025"}],"featuredData":[{"path":"auth-for-genai","title":"Auth0 Announces Auth for GenAI","category":["Announcements","Company News","GenAI"],"heroImage":{"url":"https://images.ctfassets.net/23aumh6u8s0i/5o60LaB7RltcyovB7KeYEz/b25c100c9d5d40e8c2341ec7abcc4d28/Auth_for_GenAI_hero.jpg","size":{"width":1176,"height":1056}},"tags":["auth","genai","ai"],"authors":[{"metadata":{"tags":[],"concepts":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"23aumh6u8s0i"}},"id":"3uaDldQ6zgRfE431oqNEEU","type":"Entry","createdAt":"2021-03-22T08:21:31.988Z","updatedAt":"2024-09-25T15:19:45.106Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"publishedVersion":32,"revision":6,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"author"}},"locale":"en-US"},"fields":{"path":"shiven-ramji","name":"Shiven Ramji","avatar":{"metadata":{"tags":[],"concepts":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"23aumh6u8s0i"}},"id":"50RKuBnk9M61me6D5SQtya","type":"Asset","createdAt":"2021-03-22T08:41:44.139Z","updatedAt":"2021-03-22T08:41:44.139Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"publishedVersion":2,"revision":1,"locale":"en-US"},"fields":{"title":"shiven_ramji","description":"shiven_ramji avatar","file":{"url":"//images.ctfassets.net/23aumh6u8s0i/50RKuBnk9M61me6D5SQtya/4549e3c66c49218997ced2412e20b38a/shiven_ramji","details":{"size":16343,"image":{"width":150,"height":150}},"fileName":"shiven_ramji","contentType":"image/jpeg"}}},"lastUpdatedBy":"Robertino Calcaterra","email":"shiven.ramji@auth0.com","twitter":"https://twitter.com/thinkshiv","linkedin":"https://www.linkedin.com/in/shivenramji","type":"Auth0 Employee","jobTitle":"President, Customer Identity Cloud","description":"Shiv is an experienced product executive and builder obsessed with creating beautiful products. He is the President of Customer Identity at Okta, managing a $1B ARR business and overseeing the company’s product, data, security, and technology strategy and execution. Before Auth0 and Okta, Shiv was the SVP of Product at DigitalOcean, leading DigitalOcean’s products, pricing, and partnerships. Additionally, Shiv has held product leadership positions at global brands, including Amazon, NBCUniversal, LiveIntent, and The Nielsen Company. Shiv was the recipient of the 2023 Top Global CPO Award by the Products That Count community. \n\nBeyond his current corporate focus, Shiv is deeply committed to fostering entrepreneurship and innovation, particularly in Africa. He is an active angel investor and startup advisor and also serves on the boards of [Products That Count](https://productsthatcount.com/) and [Aiven.io](http://Aiven.io)."}}],"dateCreated":"2025-01-08T16:08","postContent":"## The Future is Generative AI\n\nGenerative AI has exploded over the past year with the experimentation and adoption of LLMs. The Generative AI industry will continue to grow exponentially, with citing the 2022 market size of $40 billion could grow to $1.3 trillion over the next 10 years. ([Bloomberg Intelligence](https://www.bloomberg.com/company/press/generative-ai-to-become-a-1-3-trillion-market-by-2032-research-finds/), 2023).\n\nThis accelerated growth can also be seen in open source. Github reported that between 2023 and 2024, there were over 137,000 new public Generative AI projects on their platform—a 98% growth increase in just one year. ([Github, 2024)](https://github.blog/news-insights/octoverse/octoverse-2024/) The signs clearly show increased developer interest and understanding of Generative AI's positive impact on application features and on helping developers build applications.\n\n\n\u003ccenter\u003e[Github, 2024](https://auth0.com/resources/whitepapers/broken-auth-checklist)\u003c/center\u003e\n\n\u003e This increased interest and understanding is rapidly materializing into an explosion of [an ecosystem of agents](https://x.com/JayaGup10/status/1852148821389934921), proving that enterprises and start-ups across industries are betting on agents to drive efficiency, innovation, and growth.\n\n\n\u003ccenter\u003e[Jaya Gupta](https://x.com/JayaGup10) on X post (10/31/24)\u003c/center\u003e\n\n\nFor some time, LLMs have proven valuable in assisting developers by automating repetitive coding tasks, improving productivity, and saving time. However, the growth of Generative AI extends far beyond LLMs. We’re starting to see the emergence of interconnected AI programs that integrate into our applications and act autonomously on our behalf to optimize how we work and reduce time to value. For example, Salesforce has announced [Agentforce](https://www.salesforce.com/in/agentforce/), an AI agent solution providing customers and employees with specialized, always-on customer success capabilities. (Salesforce, 2024) Also, [crew.ai](https://www.crewai.com/) is a wholly dedicated platform for implementing and managing multi-agent workflows, and frameworks like [Langchain](https://www.langchain.com/agents) are bringing agents to the forefront. (CrewAI, 2024; Langchain, 2024) These are just a few examples of this bet on agents coming to fruition. \n\n## Introducing Auth for GenAI\n\nWe are excited to announce **Auth for GenAI**, an upcoming Auth0 product for developers building applications with Generative AI, like chatbots and AI agents. This capability will enable developers to confidently work alongside these chatbots and AI agents to build easily and securely.\u003cbr\u003e\u003cbr\u003e\nWe have been working with experts, experimenting, and watching the industry closely to identify four requirements for successfully and securely building GenAI into your applications where identity is crucial. Auth for GenAI aims to solve all four requirements, helping development teams make their Generative AI apps production ready.\n\n* **Authenticate Users:** User Authentication remains essential because Generative AI agents or applications still need to know who the user is.\n* **Call APIs on Users’ Behalf:** AI agents connect to far more apps than a typical web application. However, agents don't need user interfaces; they only need APIs. As Generative AI apps integrate with more products, calling APIs on behalf of those users will become critical.\n* **Authorization for Retrieval Augmented Segmentation (RAG):** Almost all Generative AI applications use RAG and feed information to AI models from multiple systems. To avoid sensitive information disclosure, all data fed to AI models must be data the user has permission to access.\n* **Async Interactions:** AI agents may take hours or days to complete tasks or wait for complex conditions to be met. In those cases, humans will not wait for the AI agent to respond in front of a chat window.\n\nAuth for GenAI will address those challenges through the following features:\n\n\n\nHead to [Oktane on Demand](https://www.okta.com/oktane/2024/sessions/keynote-secure-engaging-developer-friendly-customer-identity-its-possible/) to watch the Keynote from Oktane this year- “Secure, Engaging, Developer-Friendly Customer Identity,” where we announced Auth for GenAI and showed a demo.\n\n## Join the** [Waitlist](http://auth0.ai/) Now!\n\nHead to [demo.auth0.ai](http://demo.auth0.ai/) to try the demo. If you want to be the first to know when Auth for GenAI is available for Early Access, join the waitlist at [auth0.ai](http://auth0.ai/). The code is also open source and is available on [Github](https://github.com/auth0-lab/market0) for immediate access.\n\nWe look forward to seeing what you will build with Auth for GenAI.","readTime":4},{"path":"new-auth0-extension-for-netlify-available-now","title":"New Auth0 Extension for Netlify: Available Now","category":["Announcements","Company News","Extension"],"heroImage":{"url":"https://images.ctfassets.net/23aumh6u8s0i/1mUMR0A8KINhJK2yxzPTMI/efff7a59b80db46882bc1d9649bc7851/Co-Branded_Template_-_Image___Gradient_melon_-_600x456.png","size":{"width":600,"height":456}},"tags":["netlify","auth0","iam"],"authors":[{"metadata":{"tags":[],"concepts":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"23aumh6u8s0i"}},"id":"6KmKkQ19xLww04sIfagYsz","type":"Entry","createdAt":"2023-04-10T16:28:26.328Z","updatedAt":"2024-07-24T16:56:13.319Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"publishedVersion":10,"revision":2,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"author"}},"locale":"en-US"},"fields":{"path":"calah-vargas","name":"Calah Vargas","avatar":{"metadata":{"tags":[],"concepts":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"23aumh6u8s0i"}},"id":"6DYRVjtEDr45vRaSLHccqm","type":"Asset","createdAt":"2023-04-10T16:28:07.632Z","updatedAt":"2023-04-10T16:28:07.632Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"publishedVersion":2,"revision":1,"locale":"en-US"},"fields":{"title":"Calah Vargas","file":{"url":"//images.ctfassets.net/23aumh6u8s0i/6DYRVjtEDr45vRaSLHccqm/97a28a4455d1600d65119516aa31ac02/Calah_Vargas.jpeg","details":{"size":21950,"image":{"width":512,"height":512}},"fileName":"Calah Vargas.jpeg","contentType":"image/jpeg"}}},"lastUpdatedBy":"Flor Caputti","email":"calah.vargas@okta.com","twitter":null,"github":null,"linkedin":null,"isPopular":false,"personalWebsite":null,"type":"Auth0 Employee","jobTitle":"Associate Manager, PLG","description":"Calah Vargas is the Associate Manager of Product Led Growth, focusing on nonprofits, startups, and partnerships. She works on product marketing and customer marketing initiatives. Outside work, you can find her cooking, trying new restaurants, and traveling with friends and family."}}],"dateCreated":"2025-03-11","postContent":"**TL;DR:** [New Auth0 Extension](https://www.netlify.com/integrations/auth0/) for Netlify: Available Now. We’ll go over why we partnered with Netlify and share resources to help you build and deploy an app.\n\n## Why Should I Choose Auth0?\n\nA secure login experience and access management are at the core of any application with users. Auth0 is a comprehensive auth solution built for developers with evolving needs. With Auth0, you can get your app to market fast by quickly turning on core features, enabling a secure experience for your users, and customizing experiences when your app’s needs change. \n\n## What is Netlify, and Why Did We Choose to Partner Together? \n\n[Netlify’s](https://www.netlify.com/) platform allows you to build highly performant and dynamic websites, e-commerce stores, and web applications. It also unites an extensive ecosystem of technologies, services, and APIs into one workflow to unlock team productivity. Integrating with a third-party platform like Auth0 allows Netlify users to deploy any modern frontend stack safely and securely. \n\nWe both share a commitment to an excellent developer experience, so this partnership is a great fit. This extension allows you to leverage Netlify to innovate, scale, and ship while relying on Auth0 to enhance security and a great user experience. \n\n## Let’s Start Building with Auth0 and Netlify\n\nChallenge: You’re looking to add authentication to your Netlify site easily.\n\nSolution: Use this new extension to add authentication to your Netlify site and connect your Auth0 tenants to your Netlify account dashboard. \n\nThis [guide](https://developers.netlify.com/guides/getting-started-with-the-new-auth0-extension-on-netlify/) will include instructions on how to set up the following while using the web framework Astro:\n\n* Authentication flows for login/logout\n* An Auth0-protected serverless function for serving user information\n\n\u003e [Let’s dive in here](https://developers.netlify.com/guides/getting-started-with-the-new-auth0-extension-on-netlify/).\n\nOnce complete, you will have built a static site and enabled the Auth0 extension. Congrats on successfully authenticating your new website! 🎉\n\n## Have Questions?\n\nIf you want to learn more, check out the new [Netlify documentation](https://docs.netlify.com/integrations/auth0/). Share your thoughts on the guide [here](https://developers.netlify.com/guides/getting-started-with-the-new-auth0-extension-on-netlify/#guide-feedback-form).\n\n\nHappy building!\n\n_This blog may contain hyperlinks to non-Okta websites that are created and maintained by third parties who are solely responsible for the content on such websites._","readTime":2},{"path":"auth0-plans-got-an-upgrade","title":"Level Up: Auth0 Plans Just Got an Upgrade","category":["Announcements","Company News","Plans"],"heroImage":{"url":"https://images.ctfassets.net/23aumh6u8s0i/6fjXeiKm0cnBhKSstu382A/6e93da722d4f0bca241ff54b6f3f93bb/auth0-hero-announcement.jpg","size":{"width":1176,"height":1156}},"tags":["auth0","plans","free","enterprise"],"authors":[{"metadata":{"tags":[],"concepts":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"23aumh6u8s0i"}},"id":"3uaDldQ6zgRfE431oqNEEU","type":"Entry","createdAt":"2021-03-22T08:21:31.988Z","updatedAt":"2024-09-25T15:19:45.106Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"publishedVersion":32,"revision":6,"contentType":{"sys":{"type":"Link","linkType":"ContentType","id":"author"}},"locale":"en-US"},"fields":{"path":"shiven-ramji","name":"Shiven Ramji","avatar":{"metadata":{"tags":[],"concepts":[]},"sys":{"space":{"sys":{"type":"Link","linkType":"Space","id":"23aumh6u8s0i"}},"id":"50RKuBnk9M61me6D5SQtya","type":"Asset","createdAt":"2021-03-22T08:41:44.139Z","updatedAt":"2021-03-22T08:41:44.139Z","environment":{"sys":{"id":"master","type":"Link","linkType":"Environment"}},"publishedVersion":2,"revision":1,"locale":"en-US"},"fields":{"title":"shiven_ramji","description":"shiven_ramji avatar","file":{"url":"//images.ctfassets.net/23aumh6u8s0i/50RKuBnk9M61me6D5SQtya/4549e3c66c49218997ced2412e20b38a/shiven_ramji","details":{"size":16343,"image":{"width":150,"height":150}},"fileName":"shiven_ramji","contentType":"image/jpeg"}}},"lastUpdatedBy":"Robertino Calcaterra","email":"shiven.ramji@auth0.com","twitter":"https://twitter.com/thinkshiv","linkedin":"https://www.linkedin.com/in/shivenramji","type":"Auth0 Employee","jobTitle":"President, Customer Identity Cloud","description":"Shiv is an experienced product executive and builder obsessed with creating beautiful products. He is the President of Customer Identity at Okta, managing a $1B ARR business and overseeing the company’s product, data, security, and technology strategy and execution. Before Auth0 and Okta, Shiv was the SVP of Product at DigitalOcean, leading DigitalOcean’s products, pricing, and partnerships. Additionally, Shiv has held product leadership positions at global brands, including Amazon, NBCUniversal, LiveIntent, and The Nielsen Company. Shiv was the recipient of the 2023 Top Global CPO Award by the Products That Count community. \n\nBeyond his current corporate focus, Shiv is deeply committed to fostering entrepreneurship and innovation, particularly in Africa. He is an active angel investor and startup advisor and also serves on the boards of [Products That Count](https://productsthatcount.com/) and [Aiven.io](http://Aiven.io)."}}],"dateCreated":"2024-09-24T09:00","postContent":"Auth0’s vision is to free any consumer or SaaS application user to safely use any technology. This means giving developers the products that make building, deploying, and scaling applications easy. In the last few years, we’ve added more capabilities that allow developers to battle malicious attacks and attackers. \n\nToday, we’re excited to announce the expansion of the [Auth0 free tier and pricing plans](https://auth0.com/pricing). This makes it even easier for developers to defend against increasingly sophisticated attacks on their customers’ identities and build the next generation of applications securely and reliably.\n\n**TL;DR:**\n\n* Our free plan now includes:\n\n * 25,000 MAUs so you can scale.\n * Unlimited[^1] Okta Connections \u0026 Unlimited[^1] Social Connections so users can easily access your app. \n * A [custom domain](https://auth0.com/docs/customize/custom-domains) so you can fully brand your authentication.\n * [And more](#Here-s-All-the-Changes-on-Our-New-Free-Plan)...\n\u003cbr\u003e\u003cbr\u003e\n* Our paid plans now include:\n\n * 10 [Organizations](https://auth0.com/docs/manage-users/organizations) on B2C Plans and Unlimited[^1] on B2B Plans so you can better manage your customers and partners.\n * Increased MFA offerings so you can mitigate the growing threat of AI-based attacks.\n * The ability to get up to 15 Enterprise Connections in B2B Pro via add-ons, so you get more seamless integration across apps.\n * [And more](#We-ve-Also-Got-You-Covered-as-You-Grow-Your-Applications-and-Customers)...\n\n## Here’s All the Changes on Our New Free Plan\n\nOn the new Free Plan, we’ve increased the number of MAUs from 7,500 to 25,000. In addition, you now have unlimited[^1] social and Okta connections. You are also now able to add Organizations and Passwordless authentication to your apps, alongside configuring your own domain. With these updates, you can now scale your app to a larger audience with higher MAUs, enhance your brand identity with your own custom domain, and implement even more social features for your users, all while enabling your users' data to remain secure.\n\n\n\n## We’ve Also Got You Covered as You Grow Your Applications and Customers\n\nOur new Essentials and Professional Plans have also expanded to help you scale and embed security in your app. Organizations are now included in every plan. Unlimited[^1] Okta connections are now included in all B2C and B2B plans. B2B Pro plans include 5 Enterprise Connections, plus you can add up to a total of 15. Both B2B and B2C Essential plans include custom signup/login. We’ve also increased MFA offerings: both Essentials plans now include Pro MFA, and our Pro plans now include [Enterprise MFA](https://auth0.com/docs/secure/multi-factor-authentication). These updates enable you to have robust security, easily integrate applications with the Okta Workforce Identity Cloud, and better manage your users.\n\nBelow are the changes to our paid plans:\n\n\n\n\n\n## Bringing It All Back to You\n\nWe hope that these changes make it easier to build, deploy, and scale your app at your pace with the tools you need. If you’re an early-stage company, check your eligibility for our [Auth0 for Startups program](https://auth0.com/startups). We are also proud to offer [preferential pricing for nonprofits](https://auth0.com/nonprofits)—making the leading Identity service even more accessible.\n\nHappy building.\n\nAuth0 now; thank yourself later.\n\n## FAQ:\n\n* **When will the new self-service plans be available?** \n * All plan updates listed here are available as of September 24th, 2024! Start your free trial [here](https://auth0.com/signup) today.\n\n* **Where can I learn more about this?** \n * Please visit our [pricing page](https://auth0.com/pricing) to learn more about our plan offerings. Our updated Terms of Service can be found [here](https://www.okta.com/auth0-pss-self-service/).\n\n* **As an existing customer, how do I get access to the new features?** \n * If you're on a free plan, your entitlements will be automatically applied. If you're on an Enterprise contract, please reach out to your Auth0 account team and they will walk you through your changes.\n\n* **What if I have multiple tenants on separate plans?** \n * Tenants will need to be grouped via [Auth0 Teams](https://auth0.com/docs/get-started/tenant-settings/auth0-teams#access-the-teams-dashboard).\n\n* **What kind of support is available with these plans?**\u003cbr\u003e\nDon't worry, we've got your back in the same places you've come to expect.\n * Free plan: please reach out for support on the [Auth0 Community](https://community.auth0.com/).\n * Paid plans: please submit a ticket via the [Auth0 Support Center](https://support.auth0.com/).\n\n* **Why do I need to add my credit card details when adding a custom domain on the free plan?**\n * While a credit card is not required to use the free plan, you will have to add one in order to add a custom domain, purely for validation purposes to prove you are human. If you do enter your credit card information to add a custom domain, rest assured you will never be charged.\n\n* **I’m an existing customer, but not on a B2C or B2B plan. How can I take advantage of the new plans?**\n * You will need to change to a new plan under subscriptions settings in your dashboard, whether you choose to move to the Free Plan or one of our Paid Plans. \n\n[^1]: _subject to system limitations_","readTime":5}],"authorsData":[{"path":"andrea-chiarelli","name":"Andrea Chiarelli","jobTitle":"Principal Developer Advocate","avatar":{"url":"https://images.ctfassets.net/23aumh6u8s0i/20yAvTcosk60ReBcBSlaOJ/be0d3d390368edf9cdf3d50e76207164/andrea-chiarelli","size":{"width":400,"height":400}}},{"path":"carla-stabile","name":"Carla Urrea Stabile","jobTitle":"Senior Developer Advocate","avatar":{"url":"https://images.ctfassets.net/23aumh6u8s0i/6oI6DnEu4CJzuVTSALAOAt/e03a3bab4b7630cb586241beffac84b8/carla_urrea.jpg","size":{"width":300,"height":300}}},{"path":"dan-arias","name":"Dan Arias","jobTitle":"Staff Developer Advocate","avatar":{"url":"https://images.ctfassets.net/23aumh6u8s0i/6WmRCtZz0eDp6KE7pw8cJ3/7329ebb6302316cab8f55705100abab5/37590801_s_460_v_4","size":{"width":298,"height":298}}},{"path":"deepu-sasidharan","name":"Deepu K Sasidharan","jobTitle":"Staff Developer Advocate","avatar":{"url":"https://images.ctfassets.net/23aumh6u8s0i/1fApVZwDd5MqC86klNgqxA/8723248ab3b90d30b32f55cc7287f87c/deepu-sasidharan.jpg","size":{"width":750,"height":750}}},{"path":"jessica-temporal","name":"Jessica Temporal","jobTitle":"Sr. Developer Advocate","avatar":{"url":"https://images.ctfassets.net/23aumh6u8s0i/6Htsovalw75dpOr4QKy5pa/4c44590856dcbde17d839c5608129ee7/jess-author.png","size":{"width":460,"height":460}}},{"path":"juan-cruz-martinez","name":"Juan Cruz Martinez","jobTitle":"Staff Developer Advocate","avatar":{"url":"https://images.ctfassets.net/23aumh6u8s0i/5b3YvfAb53h2I5U6uanww4/f1dfa0e19f15f5df8eacd53f78a813f6/jcm.jpeg","size":{"width":400,"height":400}}}],"tags":["auth0","dashboard","docs","japan","organization","openfga","fga","ai","security","product","netlify","iam","rag","langchain","langgraph","user-experience","authorization","ciba","agent","identity","aaa","authentication","okta","learning","developer experience","idaas","aws","api","agents","organizations","dotnet","blazor","b2b","saas","auth0-organizations","multitenancy","tool-calling","token-exchange","ai-agents","ciam","innovation","Identity","solutions","hri","llamaindex","logout","ruby","rails","decoupled-authentication","rebac","rbac","flask","python","mindfuel","actions","datadog","auth","genai","stigg","integration","billing","passkeys","android","otp","password","cypress","test","login","automation","pap","protocol","oauth2","csrf","google","single-tenant","multi-tenant","access-control","highly-regulated-identity","byok","cyok","sso","single-sign-on","terraform","native-login","multi-tenancy","architecture","oidc","par","pushed-authorization-requests","oauth","m2m","startups","scim","abac","gke","java","microservices","aspnet-core","aspnet","proxy","load-balancer","container","releases","form","provider","idp","identity-provider","oktane","session","access","access-token","bearer-token","token","developer","authtoberfest","plans","free","enterprise","rest","amazon","forms","fido-credentials","verification","kubernetes","jhipster","artificial-intelligence","llm","devday","nodejs","attacks","species360","vercel","private-jwt-authentication","jwt","developer-day","early access","ea","access token","rfc9068","sca","strong-customer-authentication","okta-fga","okta fga","universal-login","saastart","mfa","spring-boot","auth0-templates","templates","session-management-api","management-api","plan","swift","mobile","native","refresh-token","refresh","bff","backend-for-frontend","ansible","devops","action","cli","nextjs","javascript","verifiable","credentials","spring","openid-connect","pkce","blazor-server","blazor-wasm","biometrics","marketplace","passkey","migration","risks","productivity","template","post-quantum","cryptography","hashing","nist","apple","vision","react","sdk","experience","teams","tenants","signup","engineering","woman","tech","webauthn","fido","passwordless","passwords","maui","earlyaccess","startup","blazor-webassembly","management","community","rules","hooks","tools","fido2","dpop","honeytokens","screenly","auth0-cli","release","announcement","next.js","aspnet-core-identity","cookie","id","partner","api-key","developers","fingerprint","keycloak","liquid","html","ab-test","performance",".net","customizations","vittorio","browse-ai","brand","spring-cloud","spring-cloud-config","auth0-community","ama-series","ask-me-anything","features","catalysts-program","pricing","bonfida","solana","public-cloud","private-cloud","react-native","typescript","ios","idme","json-web-token","laravel","no-code","kotlin","chatgpt","role","control","scopes","node","node18","developerday","metadata","customer-identity","demos","springboot","single-logout","customer-data","recidiviz","safebase","angular","crud","technology","azure","azure-swa","azure-static-web-apps","catalyst","jetty","date","time","akto","itl","thread","cloud-native","history","hypotenuse","uk","cloud","accesibility","owasp","quality","sinatra","tls","blockchain","web3","jakartaee","dotnet-maui","id-token","secure-storage","blazor-maui","blazor-hybrid","library","nfts","ens","ethereum","ageware","captcha","bot","bot-protection","vue","pangea","social-connection","mastodon","social","twitter","social-media","security-keys","yubikey","integrations","darkmode","design","job","market","dotnet-7","web-api","sealed-secrets","devsecops","Iuncta","mongodb","nocode","healthcare","program","digitalocean","vault","unstoppable","domains","js","scripts","encryption","desktop","anonomatic","ecommerce","retail","schematics","pulumi","infrastructure","microfrontends","code","repository","report","log-streaming","flutter","post-login","value","public-sector","applications","saml","web","errors","http","express","streamlit","partners","https","ssl","research","cdp","deduce","platform","haventec","multi-cloud","privacy","cla","contributor","license","agreement","public","sector","xss","csp","ebook","replatforming","detection","asp.net","razor","razor-pages","risk","data-protection","business","ionic","barcelona","office","ngxs","url","uri","urn","self-service","ttl","impact","auth0-actions","auth0-hooks","nft","cryptocurrency","spa","framework","components","dotnet-core",".net-core","web-development","wasm","webassembly","ncbi","ecosystem","roles","virtual-reallity","vr","social-impact","americorps","development","localhost","encoding","digital-transformation","govtech","modernization","data-location","customization","org","customer","ankita","tutorial","breaches","breach","commitment","services","php","lumen","kafka","restapi","module-federation","country","geolocation","geoblocking","id-tokens","auth0-rules","ably","silent-authentication","remote","work","trial","openid","webhooks","slack","skyscanner","KuppingerCole","Index","event","user-login","node-js","user-registration","fauna","db","status-code","401-status-code","403-status-code","forbidden","unauthorized","vulnerability","incidents","plivo","fine-grained","mvc","clojure","pedestal","guide","permissions","privileges","minimal-web-api","ngrx","rgnx","dotnet6","whats-new","csharp","supabase","latam","symfony","apache","tdd","testing","singpass","qr","hackathon","standard","rfc","reactjs","gartner","webapi","awards","bestplaces","employee","team","education","outages","protection","ransomware","phishing","smishing","cybersecurity","ncsam","registration","predictions","showcase","microsoft","database","postgresql","fastapi","svp","netcore","api-gateway","ocelot","microservice","zanzibar","academy","dart","refresh-tokens","ctf","game","boot","elk","lambda","public-key","private-key","koin","Injection","monorepo","nx","ux","design-pattern","smart","heathcare","iot","chalice","hr","hire","careers","pattern","golang","tinygo","async","await","async-programming","asynchronous-programming","email","github","lgpd","compliance","brazil","scc","europe","standards","svelte","state","netid","tactics","strategy","conferences","deployment","ktor","growth","lombok","solution","hacker","ethical-hacking","tweet","tweepy","databreach","attack","2fa","django","zappa","spraying","transactions","software","pyjwt","jwt tutorial","caching","clm","threats","type","low-code","agile","Insights","access-management","quarkus","secrets","managed-identities","azure-key-vault","specification","mattr","verificable-credentials","trusted-types","visualization","coding","rsocket","new","typing","crypto","regulation","best-places","redux","context","soc2","hipaa","hitech","vuejs","vuex","Survey","realtime","nanoservices","diversity","equity","inclusion","dei","Diversity","animations","cache","optimization","puppeteer-sharp","state-management","os","login-box","auth0-integrations","maturity","credential-stuffing","stuffing-attacks","identity-unlocked","podcast","india","acquisition","scalability","dev-rel","benefits","quantum","qubit","brick-and-mortar","state management","ecmascript","data","statistics","racism","values","health","covid","pandemic","command-line","terminal","assian","partnership","hiring","vp","playwright","secret","gpu","processing","guest-authors","blogging","inclusive","language","meetings","people","leadership","exif","images-process","mapstruct","ide","collisions","react-sdk","auth0-react-sdk","raspberry-pi","arduino","amido","availability","jameeka-green-aaron","ciso","cracking","vuepress","talent","award","ranking","g2","workforce","culture","csa","certification",".net-framework","cross-site-scripting","damage","project-template","company","iso27018","vertex","biometric","nest","full-stack","frontend","backend","prediction","best-companies","workplace","iso","data-breach","server","web-services","brexit","customers","directors","product-management","leader","cosmos-db","serverless","functional-programming","lisp","advent-of-code","code-puzzle","coding-contest","phpunit","fraud","data-breaches","communication","mfa-adaptive","spa-authentication","evolution","resilience","settings","https-downgrade","identity-management","ccpa","cpra","emea","refactoring","third-party-assets","third-party-dependency","gnap","validation","deloitte","custom-databases","sumo-logic","salesforce","subaru","client-credentials-grant","access-tokens","composition-api","c#","pci","signals","clickjacking","graphql","injection","bcp","crowdsource","application","believe","emphasize","enviroment","username","signify","component","facebook","agility","slice","multifactor-authentication","authenticator-apps","identity-access-management","security-access","cross-site-request-forgery","appi","data-privacy","laws","carolyn-moore","auth0-marketplace","identity-proofing","caisson","iddataweb","onfido","vouched","build","identity-services","auth0-org","pledge","tides-foundation","consent-management","onetrust","mylife-digital","digital-operations","retailers","stores","identity-platform","extensibility","social-login","corporate-network","network-security","express-openid-connect","vittorio-bertocci","identity-thought","vittorio-bertocci-identity","Identity-unlocked","identity-unlocked-podcast","unlocked","ping-identity","sender-constraint","bearer-tokens","tokens","key","keys","pop","proof-of-possession","mutual","mtls","detailed-proof-of-possession","laravel-8","laravel-jetstream","laravel-livewire","laravel-inertia","forbes","cloud-100","salesforce-ventures","forbes-cloud","2020-forbes","forbes-cloud-100","2020-forbes-cloud","100-private-cloud","2020-forbes-cloud-100","top-100-private-cloud","100-private-cloud-companies","private-cloud-companies-world","splunk","auth0-splunk","splunk-enterprise","splunk-phantom","omnichannel","multichannel","omnichannel strategy","customer service","customer experience","identity-podcast","learn-identity","identity-specs","rearchitecting","rehosting","cloud-migration","replatforming-cloud","replatforming-choose-cloud","cloud-migration-strategy","replatforming-choose-cloud-migration","choose-cloud-migration-strategy","cloud-migration-strategy-based","ciam-solution","privacy-laws","modern-ciam-solution","data-privacy-laws-gdpr","privacy-laws-gdpr-ccpa","idaas-providers","iam-systems","identity-access","multi-factor-authentication","user-management-access","boss","manager","people-issues","api-first","api-first-architecture","api-architecture","api-development","competitive-advantage","customer-experience","user","financial","banking","bank","fintech-companies","financial-services","online-banking","strong-security","online-banking-security","high-security-standards","customer-identity-access","customer-identity-access-management","access-management-strategy","malamteam","tase","auth0-malamteam","tel-aviv","stock-exchange","long-lived-sessions","best-practice","digital","transformation","business-goals","meaning-digital","transformation-myths","true-digital-transformation","digital-transformation-myths","digital-transformation-defining-business","transformation-defining-business-concepts","bot-detection","credential-stuffing-attacks","credential-stuffing-attack","work-at-auth0","engineer","recruiting-process","technical-position","hiring-process","vulnerabilities","attack-surfaces","brute-force-attack","covid-19","critical-young-startups","identity-solution-implement","events","auth0-hackathon","high-standards","sales-people","sales-guy","high-performing","careful-people-manager","people-manager-work","manager-work-tech","security-competency","aws-security","aws-security-competency","leaders","team-mission","people-product","leaders-responsibility","people-build-products","structure-empower-team","event-grid","sales","logs","streams","partner-program","auth0-identity-platform","profile","twitter-hacked","twitter-attack","schrems-2","personal-data","privacy-shield","lawfulness-transfers-countries-ecj","auth0-signals","ip-signals","email-signals","email-verification","broken-authentication","series-f","funding","unicorn","siwa","wwdc","native-apps","oss","custom","back-office","safety-employees","procedures","data breach","multi factor authentication","credential stuffing","sensitive data","email addresses","hackers","data-security","privacy-policy","hashicorp","cloud-infrastructure","infrastructure-as-code","iac","ruby-on-rails","secure-api","threat-coalition","cyber-threat","phishing-emails","internal-phishing","credential-theft","phishing-attacks","happening-in-this-country","racism-wrong","racism-respect","ahmaud-arbery","breonna-taylor","george-floyd","respect","us","screencloud","sms-mfa","sms-providers","coronavirus","biometric-authentication","facial-recognition","biometric-data","privacy-concerns","fingerprint-scanner","azure-event-grid","azure-event","auth0-log-events","saas-services","development-teams","development-survey","distributed","outsourced-to-cloud-services","cloud-services","es2020","atlassian","login-experience","productivity-software","security-platform","cloud-security","security-team","product-security","security-program","announcements","c-suite","real-time","version","update","streaming-services","streaming-media","netflix","quarantine","apac","asia-pacific","avocado","content","telemedicine","security-concerns","shift-left","lifecycle","gaming","challenges","exploits","mitigation","refresh-token-rotation","rust","product-design","business-continuity-plan","critical-functions","on-premises","automatic-migration","bulk-migration","password-migration","iam-solution","iam-platform","unit-test","integration-test","xunit","cross-team-collaboration","design-driven","zoom","virtual-background","equifax","children-privacy","services-online","telcos","2fa-requirement","authentication-free","free-tools-for-startups","merger-acquisition","user-migrations","startup-relief","auth0-startup","vue3","options-api","reactivity","remote-work","trust","jamstack","gatsby","deploy","instagram-api","facebook-api","user-account-linking","threat-intelligence","cyberattacks","ip-reputation","nfl","career","nfl-player","employers","best-startup","compiler","ivy","angular9","identity-solution","reduce-risk","aws-lambda","white-label","cognizant","managment","grpc","data-integration","remote-working","process-improvement","ftc","oracle","vscode","upgrade","dependency-injection","inversion-of-control","ioc","malam-team","rsa","cybersecurity-workforce","siemens","xamarin","executive","excellence","nest-js","identity platform","rxjs","promises","observables","mobx","store","seatle","best places to work","remote friendly","built in","sqli","hacking","conference","application-builders","assemble","application builders","australia","web-components","custom-elements","ic-consult-group","identity-managment","google vision api","guest author","gdpr","data protection","server-side","kenya","login experience","mongoose","passportjs","authentication architecture","modeling tool","auth0 explorer","risk-management","tooling","response","aws-services","eventbridge","singapore","client","r","session-tags","browser","cookies","upcoming changes","paywalls","media","infosec","sign in with apple","auth0 rules","handbook","identity-layer","spam","b2c","regulations","universal login","embedded","electron","vue.js","node.js","npm","leak","data-leak","id4me","press","germany","utilities","net","dotnetconf","web-app","ssr","server-side-rendering","national-cybersecurity-awareness-month","security-101","personal-security","auth0-flows","flows","channel","developer-experience","modalities","blog","women-who-code","bug-bounty","bugcrowd","sign-in-with-apple","open-id-connect","apple-id","multi-brand","cx","devices","long-lived sessions","asp-net","data-liability","data-design","e-commerce","accounts","restful","api-design","cfo","cpo","reactive","express.js","revenue","showroom","code-review","software-development","pull-request","software-engineering","mentor","mentorship","digital-business","kuppingercole","kuppinger-cole","leadership-compass","web-authentication","prevention","magic-quadrant","kiva","nonprofit","crowdfunding","b2b2c","progressive-profiling","line","obfuscation","confidentiality","integrity","authenticity","single-page-apps","mobile-app","b2e","crn","vendor","yld","streaming","tokyo","olympics","faceapp","set-up-authentication","gymshark","knowledge","industry","next","front-end","zeit","device-flow","seo","website","marketing","interview","experts","houston","account","pug","css","identity-cloud","roi","federated-identity","federation","management api","administrative","threat-detection","wordpress","material","material-design","music","ember","identicons","course","onboarding","input-constrained","input-constrained-devices","smart-devices","smart-tv","angularjs","identiverse","continuous-integration","ci","pipeline","jenkins","dev-ops","new-zealand","series-e","consumer","social graph","customer-success","progressive-profilling","alma-media","hasura","collaboration","apollo","heroku","ambassador","digital-ocean","cluster"],"totalAmountOfPosts":1803},"__N_SSG":true},"page":"/blog","query":{},"buildId":"fqTJ5IMwwhr2DeM4g1WmL","assetPrefix":"/blog","isFallback":false,"gsp":true,"customServer":true,"scriptLoader":[]}</script></body></html>