London, we're on our way 🇬🇧⚡
@Auth0 is proud to be a Platinum Sponsor at @vercel Ship London. Catch @JasSagoo and @sambego talking about building AI experiences without making security an afterthought.
See you there 👋 vercel.com/ship/london
PKCE and BFF aren't alternatives. They solve different problems.
If you've been assuming PKCE is enough for SPA security, this is worth reading: auth0.com/blog/things-develo…
The @Auth0 plugin is now available on the @cursor_ai Marketplace. Access 22 AI skills for quickstarts, migration, and MFA with SDK support for all major frameworks, and more.
Add it now 👇 bit.ly/4mQMLAM.
Most AI benchmarks test reasoning. Almost none test whether the agent can wire up authentication securely. 🧐
We built the @auth0 Agent Experience Score to actually measure it. Check it out! auth0.com/agent-experience
Fine-grained authorization for RAG is one of the most underestimated problems in production AI.
If your agent can retrieve documents, it needs to enforce who's allowed to see them, not just at the role level. With @auth0 FGA and LlamaIndex Workflows, authorization is structural: baked into the retrieval step, not bolted on at the API layer.
Great collaboration with @jerryjliu0 and the @llama_index team showing exactly how this works in production → auth0.com/blog/securing-ai-d…
One thing that keeps coming up when teams add AI to their stack: auth gets way more complicated than the standard "who is logged in"
You start asking questions like
⚪️ whose agent did this?
⚪️ what docs can my agent go read?
⚪️ who do I blame when things go wrong?
@itsclelia and @sambego wrote on fine-grained RAG pipelines so AI only sees what it's allowed to see
worth a read if you're working on this problem:
auth0.com/blog/securing-ai-d…
Last month we updated our free and self-service B2B plans to help you ship at a lower cost. Today we are making our pricing more accessible to agents 🤖 → auth0.com/pricing.md
In February we updated our free and self-service B2B plans to help you ship at a lower cost.
Now our pricing is more accessible to agents 🤖 → auth0.com/pricing.md
Appreciate this push @Resend @zenorocha
From writing code to advocating for developers worldwide.
Carla Stabile chats with Sam Bellen about DevRel, building trust with engineers, and turning community feedback into better products.
New episode of Making Software is live. Tune in here: bit.ly/4tRywyU
Broken Access Control tops 2025 OWASP lists for web apps and APIs. It persists despite modern tools.
Why is it still so hard to fix?
I have some thoughts: auth0.com/blog/why-broken-ac…
Policy-Based Access Control (#PBAC) is commonly considered an authorization model, but I disagree and explain why in this article published on the @idpro_org blog.
What's your take on this?
idpro.org/is-pbac-an-authori…
With #DPoP being adopted more widely recently, I thought it was time for a re-make of dpop.info
If you want to learn more about Demonstrating Proof of Possession when working with #OAuth or #OIDC Access Tokens, click through and let me know what you think!
We'll be at the @Gartner_inc IAM Summit in London this afternoon, participating in the @openid AuthZEN Working Group Interop Drop-In Demos.
Drop on by at 02:45 PM to learn more about how we're working towards implementing AuthZEN in our product.
gartner.com/en/conferences/e…
🔐 Want to build a RAG application without risking sensitive data? This step-by-step guide by @auth0 shows you how to use Python, LangChain, and OpenFGA to keep your AI pipeline secure.
Read more 👉 auth0.com/blog/building-a-se…
In this month's Fine-Grained newsletter, we look back at everything we accomplished with OpenFGA last year.
We could not have done this without the help of our community, so we thought it'd be the perfect opportunity to thank all contributors!
openfga.dev/blog/fine-graine…
For today's #ModelingMondays, we'd like to ask our community what you want us to cover in future chapters of our modeling guide.
A specific type of access, a special entity, a condition you deal with when making access control decisions, ...