Photo

What the @#!? is Auth

Warren Parad

from Authress (Switzerland)

About speaker

CTO and Security Specialist @ Authress

Warren focuses on technology that helps teams automate security implementations. He has journeyed through many different locations, technologies, and industries from Health Care IT in Wisconsin to E-Commerce in Switzerland.

About speakers company

Authress provides the complete authentication and authorization solution to easily drop into the software you're building. It enables login integration, fine grained control over permissions, api keys as a service, secure identities, and everything else to solve identity for your application control plane. We've been building Authress for over 6 years in Switzerland, and have a very dedicated team focused on security and convenience.

Abstracts

specific

Authentication remains a complicated yet critical aspect of application security. In this talk, I'll demystify the core concepts, diving into access tokens, refresh tokens, and browser security mechanisms like WebAuthn for hardware-based authentication.
Additionally, I'll explore techniques such as session handling, revocation strategies, silent authentication for improved security UX, and the usage scopes for controlling access granularity, and common pitfalls associated with each.

Finally, I'll delve into JSON Web Tokens (JWTs), the use of EdDSA signatures for enhanced security and performance, as well as the common pitfalls that seasoned pro and newcomer alike struggle with when it comes to auth. Here I hope to equip everyone with some additional knowledge to navigate its complexities and build secure, user-friendly systems.

The talk was accepted to the conference program

other talks of this topic

Photo
How we elevated tracking data accuracy from ~60% to ~80%

Alina Krasavina

Delivery hero

broad
Photo
An Efficient Git Workflow For High-Stakes Projects

Vladislav Shpilevoy

VirtualMinds

specific
Photo
AI-driven unstructured data extraction using Apache Camel and LangChain4J

Alexandre Gallice

Red Hat

broad
Photo
Best Practices for Cloud Native End-User Authentication & Authorization in Kubernetes

Federico Fregosi

OpsGuru

broad
Photo
From null to applications on Kubernetes

Roberth Strand

Sopra Steria

specific
Photo
Empowering AI with AgenticRAG: Enhancing Knowledge Graph-Based Agents for Intelligent Decision-Makin

Siddhant Agarwal

Neo4j

broad
Photo
Collaborative applications and how to make them fast

Bartosz Sypytkowski

appflowy.io

specific
Photo
Sustainable IT in Startups: Applying Green Coding Principles for a Greener Future

Katharina Fetzer

hylane GmbH

broad
Photo
Algorithm Of Massively Parallel Networking In C++

Vladislav Shpilevoy

VirtualMinds

specific
Photo
Dynamic and programmable configuration for NGINX

Nick Shadrin

NGINX

specific
Photo
JavaScript is weird. MythBusters special.

Małgorzata Janeczek

Sector Alarm Tech

broad
Photo
How Unit Testing Saved My Career

Annelore Egger

OpenValue Switzerland

broad
Photo
Building My First Useful AI RAG App in Java and React in Just 3 Days

Vadzim Prudnikau

Trainitek

specific
Photo
The simple way to build a scalable and distributed storage system

Chris Lu

Roblox

broad
Photo
Sculpting Data for Machine Learning: Generative AI edition

Rishabh Misra

Attentive Mobile Inc

broad
Photo
Live-Coding: Master Anti-Ban & Web Scraping Techniques with Scrapoxy

Fabien Vauchelles

Scrapoxy

specific
Photo
Optimizing Performance with the Next.js Image Component: Beyond the Basics

Opemipo Disu

Latitude

specific
Photo
From React to Angular and Back: Cross-Framework Testing in Microfrontends

Shelly Goldblit

Dell Technologies

broad
Photo
Shared Code, Shared Success: Building Libraries Used by Multiple Projects

Vadzim Prudnikau

Trainitek

broad
Photo
Deep dive into the postgres index types

Jesús Espino

Mattermost Inc.

specific
Photo
UX at the centre of system development and design

Anesu Makwasha

Tose Technologies

specific
Photo
100 APIs, 1000 Headaches: Overcoming Data Transformation Challenges in API Integration

Pradeep Sharma

Independent

broad
Photo
Three Flavors of Pokémon - Framework Agnostic UI Testing

Shelly Goldblit

Dell Technologies

broad
Photo
Go performance profiling in theory and practice

Alexey Palazhchenko

FerretDB Inc.

broad
Photo
Beyond the Click: Exploring the Potential of Graph Neural Networks to Transform Recommendations

Mariia Bulycheva

Zalando

specific
Photo
From Hackathon to Production: Building an AI-Powered Security Development Platform

Lara Mossler

Airbnb

specific
Photo
Pros and Cons of Jetpack Compose Toolkit

Stevan Milovanovic

InterVenture

specific
Photo
Bridging the SQL Skills Gap: How LLM-Based Text-to-SQL Boosts Team Productivity

Sivan Biham

Healthy.io

specific
Photo
Beyond the Hype: Facing Micro Frontend Challenges in Large-Scale

Roei Berkovich

AppsFlyer

broad
Photo
Become a Gen AI Bot Master in Just 50 Minutes – No Kidding!!

Ambesh Singh

Visionet Systems Deutschland

broad
Photo
Throw exceptions... out of your codebase

Guillaume Faas

Vonage

specific
Photo
Achieving scalability with custom locks

Ivan Savu

VeloxDB

specific
Photo
QA Myths Busting: A Practical Guide to Higher Quality

Vitaly Sharovatov

Qase

broad
Photo
Why You Ignore Best Practices and How You Can Fix It

Annelore Egger

OpenValue Switzerland

broad
Photo
Quality Over Quantity - Active Learning Behind the Scenes

Sivan Biham

Healthy.io

specific
Photo
Optimizing Email Management with Azure AI: A No-Code Case Study

Dieter Gobeyn

Sdworx

specific
Photo
What information are package & container registries hiding from you?

Avi Press

Scarf

broad
Photo
Taking Shortcuts Beyond Your IDE

Annelore Egger

OpenValue Switzerland

broad
Photo
You don't need to implement GraphQL

Sefi Ninio

Tikal Knowledge

specific
Photo
Putting the asm in Wasm: from bytecode to native

Edoardo Vacchi

Tetrate

specific
Photo
Workshop: Master Anti-Ban & Web Scraping Techniques (2h)

Fabien Vauchelles

Scrapoxy

specific
Photo
C# 13 Unleashed: Live Demos of my Top 10 Cutting-Edge Features!

Ambesh Singh

Visionet Systems Deutschland

broad
Photo
Simple and stable UI tests with Ultron

Aleksei Tiurin

Exness

specific
Photo
C++ Under the Hood: (Internal Class Mechanisms)

Chris Ryan

-

specific
Photo
Killing the Hydra: a hero's journey to trunk based development

Emanuele Giarlini

MOIA

specific
Photo
Technical Debt Demystified: Efficient Solutions for Software Teams

Yusuf Aytas

Workday

broad
Photo
Path to Golden Path

Daniel Drack

FullStackS GmbH

broad
Photo
Feature Flags at Scale: Managing Complexity in High-Load Systems

Gloria Wang

Adobe

broad
Photo
What doesn't the 100% Code Coverage metric tell us?

Mateusz Wojczal

Escola

broad
Photo
Crafting the Ultimate Docker Image for Spring Applications

Pasha Finkelshteyn

BellSoft

specific
Photo
From Server to Serverless - A story of saving Cost

Yoav Nordmann

Tikal Knowledge

specific

Tech Internals Conf

is the largest conference for developers of complex
and highly loaded systems

Participation options

The price is soaring —> the closer the conference is, the more it costs.

The current price of a ticket is —> 410 EUR before March 1st

what I`ll get?

  • Participation in Q&A sessions
  • Videos and slides after the conference
  • Hearty coffee breaks and lunches
  • Access to the exhibition area
  • Afterparty with speakers and participants
for individuals for legal entities

Unlock up to 50%
off your ticket!

Enter your email to see your personalised discount — no commitment to purchase required

Changed your mind?

Please tell us why.

Thank you
for your reply!

Become partner

of the largest conference for developers of complex
and highly loaded systems