Articles
I’ve written several technical articles since 1997 for various blogs, websites, and magazines, both in English and in Italian. Here you can find a list of the most recent ones:
Is Policy-Based Access Control (PBAC) an Authorization Model?
What is the difference between RBAC, ABAC, ReBAC, and PBAC? Is PBAC an authorization model or just a way to implement authorization models?
2025-10-28 
MS Agent Framework and Python: Use the Auth0 Token Vault to Call Third-Party APIs
Build a secure Python AI Agent with Microsoft Agent Framework and FastAPI and learn to use Auth0 Token Vault to securely connect to the Gmail API.
2025-10-27
Demystifying JOSE, the JWT Family: JWS, JWE, JWA, and JWK Explained
Break down the differences and relationships between JOSE, JWT, JWS, JWE, JWA, and JWK with clear explanations and examples.
2025-10-07
What a Developer Advocate Is Not
Let's define what a developer advocate is not by comparing this role to a few common assumptions.
2025-10-03
Secure a .NET RAG System with Auth0 FGA
This in-depth guide shows you how to secure your AI chatbot built with .NET Blazor using the RAG pattern, ensuring users can only access information from documents they have permission to view.
2025-10-01
Does Artificial Intelligence Threaten Critical Thinking?
What if AI could paradoxically turn out to be not the death of critical thinking but rather its unexpected training ground?
2025-09-22
Implementing DPoP with Auth0
Learn to implement DPoP with Auth0 to secure your SPA and API. This guide shows how to protect your tokens and prevent token replay attacks with Auth0's SDKs.
2025-09-18
Dealing With Non-Human Identities
Dive into the world of Non-Human Identities (NHIs). Learn how they differ from traditional machine identities, their role in AI, the top security challenges, and the best practices for securing your machine-to-machine interactions.
2025-09-09
Fine-Grained Authorization in ASP.NET Core with Auth0 FGA
Learn how to implement fine-grained, relationship-based authorization in an ASP.NET Core minimal API using Auth0 FGA.
2025-09-05