FusionAuth

Kelsey Hightower (@kelseyhightower) is joining us next Wednesday to talk Agentic AI. No hype, just the architecture. We’re diving into the identity layer that autonomous agents actually need to run securely in production. fusionauth.link/4tMvsTM

We're also a Gold sponsor & presented at the virtual conference, get your hands on the supplemental report at fusionauth.io/tech-papers/se…

𝗛𝗮𝗽𝗽𝘆 𝗜𝗱𝗲𝗻𝘁𝗶𝘁𝘆 𝗠𝗮𝗻𝗮𝗴𝗲𝗺𝗲𝗻𝘁 𝗗𝗮𝘆 This year's theme is "Finding Identity: The Search for You, Me, and the Machines," and honestly, it couldn't come at a better moment. We spend a lot of time talking about securing human identities. Passwords, MFA, phishing resistant solutions like passkeys and OTP. All important. But here's the thing: in most organizations today, human identities are the minority. Every API key. Every service account. Every AI agent running a workflow. Every automated pipeline. These are all identities and they're multiplying faster than most teams can track them. The uncomfortable question for Identity Management Day isn't "have my users enabled MFA?" It's: → Do you know every identity in your environment? → Do your machine identities have a defined lifecycle? → When was the last time you audited what your non-human identities can actually access? Most teams are pretty confident about their human users. Far fewer have the same visibility into the machine side of the house. At FusionAuth, we work with engineering teams building identity into their products from the ground up, and those who do it well treat it as infrastructure rather than an afterthought. Because the identity layer is now the security perimeter. It's where access decisions get made, and it's where risk concentrates. This year, use Identity Management Day as a prompt to look beyond the login box. The machines are in the room too. What's the one identity hygiene task your team has been putting off? Drop it below. #IdentityManagementDay #CIAM #Cybersecurity #AuthNAndAuthZ #FusionAuth #IdentitySecurity

SOC 2 Type 2 (2026) is officially wrapped. No fluff, just the report. If you're running FusionAuth in production and your compliance team needs the latest audit for your own security review, grab it here: fusionauth.link/3OtduXh

9 years of @cassidoo is a legendary run. ⌨️ We’re helping celebrate the anniversary issue with a heavy-duty giveaway: 3 copies of "The Modern Guide to OAuth" 📖 A 1-year FusionAuth Starter license ($1,500 value) 🔐 Enter here: fusionauth.link/4t21Vpg

It's April 1st. The repo is real. The 15 million instructions are real. Don't use this in production. (You could, though. Happy April Fools!) github.com/FusionAuth/fus…

Performance note: Our JSON parser is written in a constrained dialect of C, compiled to Brainf. Native C: Milliseconds. Brainf mode: 100% of one CPU core for 28 hours to zero out 4KB of memory. We believe this is technically correct behavior.

FusionAuth now supports Brainf*. Real JWTs. Real API calls. 14.7MB of compiled output. 28 hours of CPU time to initialize a buffer. It works. Mostly. 🧵

500+ engineers at KubeCon just needed to unwind. Snacks, wine, soft drinks at the RAI's boat house — SREs and platform engineers sharing how they're keeping up with faster-than-ever cycles. Thanks @rootlyhq @upwindsecurity @baseten @checklyHQ @cloudsmith MetalBear @FusionAuth Echo @TwingateHQ @spotifyeng

Looking for more FusionAuth & Kubernetes goodness? Start here at fusionauth.io/docs/get-start…

#KubeCon EU is massive, but Hall 5 is where the #identity conversations are happening. Find FusionAuth there at Booth 1180. We’re skipping the high-level fluff to talk shop on: • 𝗔𝘂𝘁𝗵 𝗳𝗼𝗿 𝗔𝗜 𝗮𝗴𝗲𝗻𝘁𝘀 & 𝗠𝗖𝗣 𝘁𝗼𝗼𝗹𝘀 • 𝗦𝗼𝗹𝘃𝗶𝗻𝗴 𝗺𝘂𝗹𝘁𝗶-𝗰𝗹𝘂𝘀𝘁𝗲𝗿 𝗮𝘂𝘁𝗵 𝗰𝗼𝗺𝗽𝗹𝗲𝘅𝗶𝘁𝘆 • 𝗦𝗶𝗻𝗴𝗹𝗲-𝘁𝗲𝗻𝗮𝗻𝗰𝘆 𝗳𝗼𝗿 𝘀𝘁𝗿𝗶𝗰𝘁 𝗱𝗮𝘁𝗮 𝗶𝘀𝗼𝗹𝗮𝘁𝗶𝗼𝗻 Pro tip: Cut through Hall 1 to find us in Hall 5. We have the raffle and the EU swag ready. #KubeCon #CloudNativeCon

🚀 Shipped: FusionAuth Quarterly Product Update Not every user journey starts with an email address. With FusionAuth they don't have to. This Friday, Mark Robustelli demos FusionAuth capabilities live: → Phone number as a first-class identity → Pre-verified identities → Universal apps + Tenant Manager Plus a look at MFA requirement lambdas, DPoP token binding, and what's new in 1.64. 📅 3/27 | 11 AM PDT / 2 PM EDT 👉 fusionauth.link/40ScXRr #FusionAuth #Identity #Authentication #DevTools #ProductUpdate

FusionAuth v1.64 (Secret Shibe) is out with the security features you've been asking for. 🐕 • 𝗦𝗰𝗼𝗽𝗲𝗱 𝗔𝗣𝗜 𝗞𝗲𝘆𝘀: 𝗚𝗿𝗮𝗻𝘂𝗹𝗮𝗿 𝗰𝗼𝗻𝘁𝗿𝗼𝗹 𝗯𝘆 𝘁𝗲𝗻𝗮𝗻𝘁 𝗮𝗻𝗱 𝗲𝗻𝗱𝗽𝗼𝗶𝗻𝘁. • 𝗟𝗮𝗺𝗯𝗱𝗮 𝗦𝗲𝗰𝗿𝗲𝘁𝘀: 𝗨𝘀𝗲 𝘀𝗲𝗰𝗿𝗲𝘁𝘀.𝗴𝗲𝘁('𝗸𝗲𝘆') 𝗳𝗼𝗿 𝘀𝗲𝗰𝘂𝗿𝗲 𝗲𝘅𝘁𝗲𝗿𝗻𝗮𝗹 𝗔𝗣𝗜 𝗰𝗮𝗹𝗹𝘀. • 𝗝𝗪𝗘 𝗦𝘂𝗽𝗽𝗼𝗿𝘁: 𝗘𝗻𝗰𝗿𝘆𝗽𝘁 𝘆𝗼𝘂𝗿 𝗝𝗪𝗧𝘀 𝘁𝗼 𝗵𝗶𝗱𝗲 𝗣𝗜𝗜 𝗳𝗿𝗼𝗺 𝘁𝗵𝗲 𝗯𝗿𝗼𝘄𝘀𝗲𝗿/𝗰𝗹𝗶𝗲𝗻𝘁. • 𝗦𝗶𝗺𝗽𝗹𝗲 𝗧𝗵𝗲𝗺𝗲 𝗘𝗱𝗶𝘁𝗼𝗿: 𝗕𝗮𝘀𝗶𝗰 𝗨𝗜 𝗯𝗿𝗮𝗻𝗱𝗶𝗻𝗴 𝘄𝗶𝘁𝗵𝗼𝘂𝘁 𝘁𝗵𝗲 𝗙𝗿𝗲𝗲𝗠𝗮𝗿𝗸𝗲𝗿 𝗼𝘃𝗲𝗿𝗵𝗲𝗮𝗱. If you’re still using a single API key for your entire stack, it's time to rotate and refactor. Full blog details (links to release notes if you're technical) at fusionauth.link/4uII6V8

The FBI took the domains, but Handala already proved that "logged in" doesn't mean "safe." They didn't use a wiper; they used a hijacked admin session and Microsoft Intune to factory reset 80k+ devices. As FusionAuth CEO Brian Bell puts it: "Attackers didn't need to break in; they walked through the front door. The safeguard must be contextual." The fix isn't a domain seizure. It's step-up auth for high-value administrative actions. If your admin can wipe a fleet without a secondary MFA check, your auth layer isn't finished. fusionauth.link/4rIMFfa

The "readiness paradox" in cybersecurity is widening. 79% of IT leaders now cite AI-powered attacks as a significant threat. These aren't just faster scripts—they are autonomous agents that reason about your environment, chain exploits on the fly, and compress the timeline from initial access to full compromise from hours to minutes. Our CEO, Brian Bell, noted in TechNewsWorld today that many organizations are confusing compliance with resilience: "Passing an audit is not the same as stopping an autonomous agent from accessing data it shouldn't. Until organizations close the gap between how they feel about their security posture and how it actually performs under pressure, the readiness paradox will keep widening." Resilience in the AI age starts with identity. If your system can’t distinguish between a service account and a malicious autonomous agent in real-time, you aren’t defending the perimeter—you’re just watching it disappear.

Need some context before the webinar? Download our technical paper on Agentic AI and auth at fusionauth.io/tech-papers/se…

Shared service accounts are a security nightmare for agentic AI. AI agents need real identities, not hardcoded API keys. Next week, we’re diving into OAuth 2.0 flows for agents and why #NHI is the next major identity hurdle. Technical deep dive on tap. Join us: fusionauth.link/4bnxP7W

That’s a wrap on #GDC2026! 🎬🕹️ We’re officially packing up "Mom’s Basement" and heading home, but our hearts (and our lead queues) are full. This week was a massive reminder of why we do what we do: helping game developers spend less time on "auth plumbing" and more time on actual gameplay. A huge shout-out to the "Basement Crew" who made it happen: • Dayna: Our new CMO and the creative mastermind behind the "Mom's Basement" theme. Thank you for pushing us to be bold, nostalgic, and the most unique booth on the floor! • Sean: The design wizard who took Dayna’s vision and built it into reality. That wood paneling and vintage vibe were 10/10. • Shannon: The ultimate mastermind behind the scenes. None of this—from the wood paneling to the Sunny D—happens without her organization. • Brad: For his power talk on authenticating across generations. Apparently, it was so good that while 25+ people were in the seats, the GDC app is showing 100+ session scans. We’re still trying to figure out if Brad has a cloaking device or if the word just spread that fast through the halls! 🕵️‍♂️📈 • Nico: Our "Ironman" SDR. He didn't just work the floor; he lived it. If you got a demo this week, chances are Nico was the one making sure you saw the magic. • Brian Bell: Our CEO, for dropping in, rolling up his sleeves, and engaging with the community to show that FusionAuth is led by people who actually care about the dev experience. Whether you stopped by to talk about the PSN loophole, cross-platform account linking, or just to sit on the vintage couch and reminisce about the 90s, thank you for dropping by and being a part of the FusionAuth community. If we missed you in the basement, the door is always open online, get the full details at fusionauth.link/47zjHr1 #GDC2026 #FusionAuth #GameDev #MomsBasement #IdentityWithoutConstraints

Sorry, infinite loop 😛

Login can be tough, even for AI companies. Secure your app reliably AND lock down AI with FusionAuth fusionauth.link/3NsGCgV

Login can be tough, even for AI companies. Secure your app reliably AND lock down AI with FusionAuth fusionauth.link/3NsGCgV