Eliminating Database Lookups with Auth0 Custom Claims
How to enrich JWT tokens with user data during login, eliminating per-request database lookups while keeping your domain logic decoupled from your identity provider.
I write about software engineering: distributed systems, cloud platforms, mobile development, AI-augmented workflows, and the decisions that matter when you are building for production. Twenty years of building software means I have opinions, and this is where they go.
HTTP already has error semantics. RFC 9457 Problem Details gives your error payloads a standard structure to match. Here's why it matters and how to implement it in ASP.NET Web API using middleware.
Everyday kit is not just for gear people. Here's my current AI development workflow, an honest account of what it replaced, and why I'm already working on the next version.
Auth0 Universal Login puts all your users on a shared auth0.com subdomain. That breaks password manager autofill and credential association on iOS and Android. A custom domain fixes it, and it's easier to configure than you'd expect.
Attrakto started as a fidget with two bottle caps and became a calm daily puzzle game. Here is how it got here.
An Azure App Service Key Vault reference without a trailing slash silently returned an older version of my secret after I rotated it. Token validation failed because the issuer URL no longer matched. Here's what happened, what the documentation actually says, and why the slash matters.