The only Customer Identity and Access Management (CIAM) with hybrid, single-tenant deployment you can dev and test anywhere*

Joined July 2018
The most confident orgs in AI security are getting breached the most. 84% of "extremely confident" teams reported a confirmed AI identity incident in the past 12 months. We surveyed 300 tech and security leaders. Here's what's actually happening 👇
This is becoming a revenue conversation too. 85% of vendors are now being asked by their customers to prove tenant isolation. Identity just became a deal-closing requirement.
Is the conversation about AI agent security broken? We keep talking about model alignment, but we’re completely ignoring the identity layer. Giving an AI agent a shared service account or a hardcoded API key is a security nightmare. When a probabilistic system interacts with production data, it requires a strict, deterministic authorization layer to set boundaries. It needs its own identity. We are live today (5/26)! If you can't make the live session, register anyway to grab the full on-demand recording and resources as soon as it wraps up. Dan Moore is sitting down with Kate Catlin (Senior Product Manager at GitHub) to break down The Authorization Paradox. They’ll be mapping out exactly how to build a deterministic defense around probabilistic AI, featuring a live look at GitHub Copilot's security tooling (including custom guardrails via .github/copilot-instructions.md) and how isolated deployment models keep an agent's blast radius contained. We're bypassing the high-level hype to talk about actual infrastructure primitives. Save your seat for the stream or the on-demand replay below. fusionauth.link/4uyjCgV
Burner accounts are quietly bleeding AI platforms dry. They are burning through expensive tokens on the free tier before anyone notices. Liveness 1:N biometrics is how you stop it. Cameron D'Ambrosi sits down with our own Dan Moore for a fireside chat on liveness, deepfakes, and the root of trust. Tuesday, May 12 · 12 PM ET · 45 min · Register for On-Demand fusionauth.link/48SCOwZ
ShinyHunters didn't hack 9,000 schools. They hacked one API. The Instructure/Canvas breach (3.65TB stolen) proves that when your LMS is also your identity hub, one leaked token compromises 275M users. Most schools are too locked into their vendors to leave, even when security lags. As Brian Bell, CEO of FusionAuth, puts it: "Vendor trust cannot be a one-time procurement decision. In edtech, it has to be continuously earned." High switching costs shouldn't be a substitute for a robust security posture. We believe identity should be portable and self-hostable. If you can't move your data and rotate your keys on your own terms, you don't have security—you have a lease.
Today is World Password Day, which raises a question: how many more of these will we celebrate? Passkeys are now supported across every major platform. Passwordless login via magic links, SMS OTP, and biometrics is mainstream. The tools to move beyond passwords have never been more accessible. And yet passwords aren't going anywhere soon. They're baked into legacy systems, user habits, and fallback flows that will take years to unwind. So while we're in this transition period, the basics still matter more than most teams realize:
• Are you checking credentials against breach databases in real time?
• Are you following current NIST guidance? (Hint: mandatory complexity rules and 90-day rotations are out. Length and breach-checking are in.)
• Are you offering passwordless as a genuine option and not just a roadmap item?
At FusionAuth, we think about this every day. Not because passwords are the future, but because the way you handle them now determines how secure your users are during the transition to what comes next. Happy World Password Day. May there be only a few more of them. 🔐 #WorldPasswordDay #CIAM #Authentication #Passkeys #Cybersecurity #Identity
"The nice thing about authorization is that no matter how complex it gets, it's a deterministic system." FusionAuth’s Dan Moore joined @ministryoftest to talk about the "scary" side of infrastructure and why AI agents need better guardrails. 🧵 Final word: "Caring, to some extent, is the most important finite resource." Whether you're a dev or a tester, focus on the user's needs, not just shipping code faster. Full episode: fusionauth.link/3PnSnWU
When Firat Dogan founded Permify, he set out to solve the most painful part of the stack: fine-grained authorization (FGA) at scale. 🛠️ Permify crossed 1.2M downloads, 5,800 GitHub stars (surpassing OpenFGA), and 60 contributors. It reached #1 on GitHub Trending, landed on the Hacker News front page twice, and was ranked #14 on Fast Company’s Top 100 Startups in 2024. Since joining FusionAuth in Nov 2025, that vision has become the engine powering our #FGA. Learn the history of Permify at fusionauth.link/4uDpCEN
AI agents + MCP = a security nightmare without an auth layer. Join @mooreds at #BSW2026 to learn how to secure the Model Context Protocol. Build an MCP server, connect to Claude, and implement a full auth flow with user consent. Hybrid event—join us in Boulder or online. 📍 Boulder Public Library + Google Meet 🕐 Time: Monday, May 4 · 1:00 PM CST 🔗 fusionauth.link/4n51B6Y Hardware ready: Docker, Node, Python, and Claude Desktop required.

Feature flags without identity = spraying features into the dark. @azimman (co-author of Progressive Delivery) and @FusionAuth’s Dan Moore are going live 4/29 to show how JWT attributes power precise, cohort-based rollouts. The first 20 registrants get a free copy of the book. 📖 Register: fusionauth.link/4sUceKZ
CanisterWorm is a masterclass in supply chain persistence. 🪱 It hijacks npm packages to steal developer tokens, then uses those tokens to republish the malware in the victim’s own software. It’s a self-propagating loop that turns your own identity against you. FusionAuth’s Dan Moore on the risk: "Long-lived, over-permissioned CI/CD tokens are as risky as passwords written on a sticky note. Organizations need to have more than credentials for software systems." Hardening steps:
• Check for /tmp/pglog—a known marker of this attack.
• Audit for unexpected systemd user services.
• Scope, rotate, and monitor all publishing credentials immediately.
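The first two hardening steps in the CanisterWorm post above, written as a host triage script. This is an added example, not FusionAuth's tooling: the `scan_host` name, its root-directory argument (for scanning a mounted image or test tree) and the `KNOWN_USER_UNITS` allowlist are assumptions to replace with your own baseline.

```shell
#!/usr/bin/env bash
# Added example: triage for the two host indicators named in the post.
# Usage: scan_host [ROOT]   (ROOT defaults to the live filesystem)

# Units you expect in user scope. Assumed baseline; edit for your fleet.
KNOWN_USER_UNITS="${KNOWN_USER_UNITS:-pipewire.service wireplumber.service}"

scan_host() {
  local root="${1:-}" findings=0 dir unit name
  # 1. The marker file the post names.
  if [ -e "$root/tmp/pglog" ]; then
    echo "MARKER $root/tmp/pglog"
    findings=$((findings + 1))
  fi
  # 2. Per-user systemd units dropped into home directories.
  for dir in "$root"/home/*/.config/systemd/user \
             "$root"/home/*/.local/share/systemd/user \
             "$root"/root/.config/systemd/user; do
    [ -d "$dir" ] || continue
    for unit in "$dir"/*.service "$dir"/*.timer; do
      [ -e "$unit" ] || continue             # glob matched nothing
      name=$(basename "$unit")
      case " $KNOWN_USER_UNITS " in
        *" $name "*) ;;                      # in the baseline, skip
        *) echo "UNIT $unit"
           # Show what the unit launches so a reviewer can judge it.
           grep -H '^ExecStart' "$unit" 2>/dev/null || true
           findings=$((findings + 1)) ;;
      esac
    done
  done
  echo "findings=$findings"
  [ "$findings" -eq 0 ]                      # non-zero exit when anything is flagged
}
```

A flagged unit is a lead for review, not a verdict; the third step (scoping and rotating publishing credentials) still applies regardless of what the scan finds.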
Google Cloud Next was a masterclass in AI agent scaling. But there’s a catch: Walled Gardens. Google’s new agent IDs are great for Google. But what happens when your agent needs to call an API in AWS or a private data lake? 🧵 The "Handshake Problem" is the next big auth hurdle. When agents move between ecosystems, identity usually breaks down into risky service accounts or hardcoded keys. Identity is the connective tissue. We spent GCN talking to teams (shoutout to Ford and Domo) about how FusionAuth bridges that gap—providing portable, auditable identity for agents that don't live in a single cloud. Also, we officially peaked. Shannon Elizabeth spent the afternoon in "Mom's Basement" handing out signed Raspberry Pis and talking shop with the community. GCN: Come for the AI agents, stay for the 90s nostalgia. 🥧 ✌️