Software engineer with twenty years across cloud platforms, distributed systems, and mobile apps. Writing on engineering decisions that matter in production. 2026-05-05T00:00:00.000Z https://mdpellegrin.com/ Michael Pellegrin 2026-05-05T00:00:00.000Z https://mdpellegrin.com/blog/2026-05-05-azure-key-vault-reference-trailing-slash/

An Azure App Service Key Vault reference without a trailing slash silently returned an older version of my secret after I rotated it. Token validation failed because the issuer URL no longer matched. Here's what happened, what the documentation actually says, and why the slash matters.

2026-04-06T00:00:00.000Z https://mdpellegrin.com/blog/2026-04-06-attrakto-launch/

Attrakto started as a fidget with two bottle caps and became a calm daily puzzle game. Here is how it got here.

2026-03-25T00:00:00.000Z https://mdpellegrin.com/blog/2026-03-25-auth0-custom-domain/

Auth0 Universal Login puts all your users on a shared auth0.com subdomain. That breaks password manager autofill and credential association on iOS and Android. A custom domain fixes it, and it's easier to configure than you'd expect.

2026-03-02T00:00:00.000Z https://mdpellegrin.com/blog/2026-03-02-ai-development-everyday-kit/

Everyday kit is not just for gear people. Here's my current AI development workflow, an honest account of what it replaced, and why I'm already working on the next version.

2026-02-23T00:00:00.000Z https://mdpellegrin.com/blog/2026-02-23-rfc9457-problem-details-aspnet/

HTTP already has error semantics. RFC 9457 Problem Details gives your error payloads a standard structure to match. Here's why it matters and how to implement it in ASP.NET Web API using middleware.

2026-02-16T00:00:00.000Z https://mdpellegrin.com/blog/2026-02-16-auth0-custom-claims/

How to enrich JWT tokens with user data during login, eliminating per-request database lookups while keeping your domain logic decoupled from your identity provider.