You’ve probably heard by now that Okta and Auth0 have joined forces. As a developer advocate for Auth0, I’m really excited to see how we can combine our forces to make identity even better for the developer community.
You might not be aware that I’m a huge fan of creating events that directly address the needs of developer communities. From the first conference I ran in 2004 to the user group meetings that are still going to this day, you can imagine my excitement when I heard we (Auth0 and Okta) were going to run an online event together!
This time, members of my team are taking the lead, so I'll be in the same boat as many of you experiencing Developer Day as it happens, so I thought it might be helpful to share my thoughts on the event and what I’m looking forward to the most.
Hit up the community forum if I miss something that’s important to you — there’s so much for everyone, I’m sure you’ll help others out too.
What Is Developer Day?
Developer Day creates a space for all developers to discover how the identity space is evolving, learn best practices in privacy and security, and gain insights from developer experiences. It brings speakers from across these sectors right to your desktop, and best of all — it’s free!
Speaking of free, did you know you can also sign up for a free Auth0 account at any time? Why not try it out today?
More specifically, it’s a one-day, single-track, virtual event, and while I’m proud to see some of my colleagues’ names in the speaker list, the lineup also features the likes of Cassidy Williams (Director of Developer Experience at Netlify), Alyssa Miller (Hacker, Researcher, and Security Advocate), and Kapehe (Developer Relations at Sanity.io, and yes, you might remember she used to work at Auth0 too).
What Can I Learn?
The first place I tend to go when looking at an event is the agenda, and skimming over this one, we’re in for a breadth and depth of information.
The keynote is where the day’s journey starts, and Alyssa’s updates from the world of cyber security are sure to offer a great insight that sets the foundation for the day. I’m a huge advocate for helping all developers understand security principles and states of play. Even if you never have to deal with part of it yourself, you’ll always benefit from knowing why something is done and how you’re being protected.
From APIs to IoT: Live Demos and Security Fundamentals
From there, we meander down a path from securing Python APIs to securing your Home Automation and IoT devices. Personally, I’m a sucker for anything IoT-related, so I’ll be paying attention to this one.
Having grown up on YouTube videos (okay, I’m not that young...) about identity from both Aaron Parecki (or as I like to call him, Mr OAuth, but don’t tell him I told you) and Vittorio Bertocci (the man whose identity knowledge is dwarfed only by his magnificent hair), what better than a talk from both of them? The talk will not only cover where we’ve come from, but what the future of OAuth has in store for us.
Advanced Topics like Verifiable Credentials and Integration with Third Parties
But identity isn’t just about logging in and loading your glamour shot from Gravatar. I just recently learned about verifiable credentials, and wow - it’s such a powerful concept with so many use cases, I just can’t even! The topic deserves its own article, but one example is around payments, and Uchi Uchibeke’s talk is going to be fascinating, to be sure.
Uchi is flanked by demos on integrating Auth0 with NextJS for securing your webapps and Okta with Kong for securing continuous integration, delivery, and deployment. I think this highlights that the team who worked on the agenda really put a lot of thought into the balance between talks that can have immediate benefit to us developers, as well as enough advanced topics to keep our creative juices flowing.
Talking of immediately applicable information, if you want to learn how to validate REST API authentication and authorization, the JFrog talk is for you.
Authentication in Gaming and Extended Realities
If you thought the IoT talk was a bit out of the box, the Gaming and XR talk might just be in a whole other room! Not literally. I mean — it’s a virtual event. There aren’t any rooms. There aren’t any boxes either, for that matter. I digress.
I won’t admit to being a huge gamer. I load up Poly Bridge 2 every now and then. Does Minesweeper count? One thing I do know, though, is that the authentication experience in games can be awful, and when you get into any extended reality (XR), well. Let’s not go there.
We’ll let Okta's Nick Gamb go there instead, as he tells us about the propensity for this industry to be targeted by hackers. Follow his advice, and maybe we can all keep playing in the knowledge that our Minedimes are safe. (See — I told you I’m not a huge gamer.)
Adding Pixie Dust to Enhance Security
With two talks left for the day, I’m personally keen to catch Milecia McGregor from Mediavine talk about pixies! Stop it, autocorrect. PKCE! While most SDKs magically hide away much of the implementation, it’s still worth understanding how authentication flows work and how they can be improved. The most common OAuth flow is debatably the Authcode flow, but PKCE makes it even better! Come along to find out how. I’ll be at the front taking notes.
It’s a packed event — thank goodness there are a couple of breaks during the day — and we finish with a closing keynote from Cassidy Williams. The agenda teases us with the mere existence of this session, and perhaps we’ll find out more before the event. In any case, I’ll not be missing it.
Tell us in the community forum what you’re looking forward to the most, and I hope to see some of you in the chat room on the day!