{R}R Dev Notes
Found total of 15 articles.
Azure Front Door: a practical introduction
What Azure Front Door is, who it's for, what it costs, how it compares to Cloudflare and CloudFront, and a walkthrough of the settings that matter when putting it in front of an Azure App Service.
2026-05-11
The Engineering of Intent, Chapter 17: The Flow Loop
Chapter 17 of The Engineering of Intent blog series. Flow with an agent in the loop is different from classical flow, but just as performance-defining. A teaser on the two-minute rule, the three-strike rule, the flow killers, and the checkout refactor that shipped in one afternoon instead of two days.
2026-05-03
Chapter 18: Claims Design and Privacy — Identity Data Without Overshare
Chapter 18 of the OpenID: Modern Identity series — designing custom claims with namespacing and size discipline, attribute mapping across providers into a single internal schema, and privacy by design through minimization, selective disclosure, pairwise identifiers, and GDPR-ready retention.
2026-03-24
Chapter 14: Hardening Your Identity Stack — Setting the Defaults That Keep You Safe
Chapter 14 of the OpenID: Modern Identity series — hardening defaults that neutralize common attacks: strict redirect URI matching, audience validation to solve the confused deputy problem, token lifetime tuning, and refresh token binding, rotation, and revocation.
2026-03-20
Chapter 13: Threat Modeling OpenID Systems — Thinking Like the Adversary
Chapter 13 of the OpenID: Modern Identity series — threat modeling for OIDC systems: token theft vectors and defenses, replay attacks and nonce validation, CSRF and state parameter mismanagement, redirect abuse and mix-up attacks.
2026-03-19
Chapter 12: User Lifecycle Management — Provisioning, SCIM, and the De-Provisioning Problem
Chapter 12 of the OpenID: Modern Identity series — user lifecycle management: JIT and bulk provisioning, SCIM for cross-system sync, de-provisioning done right, role mapping from IdP claims, and identity architecture for multi-tenant SaaS.
2026-03-18
OpenClaw Engineering, Chapter 3: Deployment and Environment Setup
From local development to production: installing Node.js 22+, setting up Docker containers, and deploying OpenClaw to the cloud via AWS Lightsail or VPS providers.
2026-03-18
Chapter 11: MFA and Conditional Access — Dispersing Authentication Risk
Chapter 11 of the OpenID: Modern Identity series — MFA fundamentals across the three factor categories, risk-based adaptive authentication, and step-up authentication using the OIDC acr and amr claims to match assurance to operation sensitivity.
2026-03-17
Chapter 9: SPA and Mobile Patterns — Auth in Hostile Environments
Chapter 9 of the OpenID: Modern Identity series — SPAs and mobile apps in hostile environments: XSS and CSRF defense, PKCE in the browser, the Backend-for-Frontend pattern, native app patterns, and refresh token rotation with reuse detection.
2026-03-15
Chapter 7: Your First OpenID Application — The Handshake, End to End
Chapter 7 of the OpenID: Modern Identity series — building a real OIDC login end to end: the minimal flow, state and nonce, strict redirect URI matching, sessions from tokens, and the three flavors of logout.
2026-03-13
Chapter 6: Discovery and Metadata — How Clients and Providers Find Each Other
Chapter 6 of the OpenID: Modern Identity series — how OIDC discovery, .well-known/openid-configuration, JWKS, and Dynamic Client Registration allow clients and providers to find each other without hand-crafted configuration.
2026-03-12
Chapter 2: From OpenID to OpenID Connect — How the Industry Got This One Right
Chapter 2 of the OpenID: Modern Identity series — tracing how the industry moved from the original OpenID and SAML through OAuth 2.0 to OpenID Connect, and when to reach for each standard.
2026-03-08
Chapter 1: Why Identity Is Hard — The Trust Problem Behind Every Login
Chapter 1 of the OpenID: Modern Identity book series — why identity is a trust problem first and a technology problem second, and why authentication and authorization must never be conflated.
2026-03-07
OpenID: Modern Identity for Developers and Architects — A 22-Part Blog Series
Introduction and index for the 22-part blog series based on OpenID: Modern Identity for Developers and Architects by Sho Shimoda — with links to every chapter from Why Identity Is Hard through Identity in AI Systems.
2026-03-06
Art of Coding, Part IV: Patterns, Anti-Patterns, and Architecture
Part IV explores design patterns as language, anti-patterns as warning signs, and architecture as the invisible skeleton enabling system growth.
2026-01-03
Categories
Tags
Search Logs
Hello World bot 1194
Deploy Teams bot to Azure 1155
IT assistant bot 1151
Microsoft Bot Framework 1064
Teams bot development 1037
Teams production bot 1016
bot for sprint updates 1010
Teams app zip 995
Zendesk Teams integration 993
Microsoft Teams Task Modules 986
Bot Framework Adaptive Card 982
Bot Framework example 975
Task Modules 968
Teams chatbot 968
C 959
Teams bot tutorial 959
Azure CLI webapp deploy 958
Teams bot packaging 955
Bot Framework proactive messaging 948
Graph API token 947
Bot Framework CLI 941
Adaptive Card Action.Submit 936
Bot Framework prompts 924
Azure App Service bot 916
Microsoft Graph 915
Azure Bot Services 896
Adaptive Cards 886
Azure bot registration 883
ServiceNow bot 871
proactive messages 829
Development & Technical Consulting
Working on a new product or exploring a technical idea? We help teams with system design, architecture reviews, requirements definition, proof-of-concept development, and full implementation. Whether you need a quick technical assessment or end-to-end support, feel free to reach out.
Contact Us