Toby Allen

Solutions Engineer at Okta. I write about identity, access management, and security. This site archives my published articles, talks, and presentations.

All articles →About me →

Latest

Acting on behalf of: separating the actor from the account in modern identity

June 16, 2026 · Auth0, Customer Identity Products, Auth0 FGA

Identity systems are very good at answering one question: who are you? What they are less good at is the follow-up: and who are you acting for? In this post I will look at why separating the authenticated user from the account or person they are acting within is important, what it enables across a range of industries, and how Auth0 and Auth0 FGA address the two complementary sides of the problem.

Home Tenant Discovery: The Edge Lookup Layer with Cloudflare Workers and KV

June 15, 2026 · Auth0, Customer Identity Products, Extensibility (Workflows and Development)

In part one we built the Auth0 ACUL screens for multi-tenant routing with a hardcoded lookup. In this post I will replace that with a real Cloudflare Worker backed by Workers KV, move to full email-address routing, handle users who exist across multiple tenants, and add Cloudflare Turnstile bot protection to the login screens.

Multi-Tenant Home Realm Discovery with Auth0 Advanced Custom Universal Login

June 13, 2026 · Auth0, Customer Identity Products, Extensibility (Workflows and Development)

Home Realm Discovery is a well-understood pattern at the network layer, but moving that routing logic inside Auth0's login flow using Advanced Custom Universal Login opens up some interesting possibilities — and a few unexpected challenges.

Using Auth0 CLI with Private Cloud

August 19, 2025 · Auth0, auth0 CLI

The Auth0 CLI is a handy tool to help with designing and building your Auth0 experience. It lets you do a number of things including: The Auth0 CLI has a simple interactive logging flow that lets you login as a user and it is powered by the device authorization flow. Unfortunatel

Sending Feedback to Twilio Verify Fraud Guard in Auth0

June 18, 2025 · Auth0

Auth0 supports Twilio out of the box as a phone provider however in many instances Twilio Verify provides a better experience. The out of the box Twilio integration requires the sender to manage all of the phone numbers and Sender IDs that they need. This can be simple if you onl