Articles
I’ve written several technical articles since 1997 for various blogs, websites, and magazines, both in English and in Italian. Here you can find a list of the most recent ones:
Want AI Agents That Don't Spill Secrets? Don't Give Them Secrets
Learn why putting secrets in tool schemas, system prompts, or skill prompts exposes them to the LLM and how to keep credentials in the deterministic layer instead.
2026-06-26
Implementing the Device Authorization Flow in a C# Console App
Learn how to implement the OAuth 2.0 Device Authorization flow to authorize a .NET console application built with C#.
2026-06-12
The Many Faces of OAuth 2.0 Token Exchange
Explore OAuth 2.0 Token Exchange patterns: impersonation, delegation, protocol transition, and cross-app access for modern architectures.
2026-06-03
What AI Tools, MCP Servers, and Skills Actually Do
Learn the critical differences between AI tools, MCP servers, and skills to build more capable, secure, and standardized AI agents.
2026-05-19
AI Agents Have Two Souls. You Only Control One.
Why the code around your LLM matters more than the LLM itself: the architectural insight that changed how I think about AI agent security.
2026-05-08
Backend For Frontend Authentication Pattern with Auth0 and ASP.NET Core
The Backend For Frontend (BFF) authentication pattern is a powerful architectural pattern that allows to improve the security of Single-Page Applications (SPAs) using OAuth and OpenID Connect.
2026-04-29
Things Developers Get Wrong About the Backend for Frontend Pattern
Let’s address the most common pitfalls and misconceptions developers encounter when implementing the Backend for Frontend (BFF) pattern.
2026-04-24
Generative AI and Non-Determinism
We often hear that generative AI is non-deterministic because it responds differently each time to the same prompt. But is it really non-deterministic? Let's explore the concept of non-determinism and how it applies to generative AI.
2026-03-30
Common FAPI Misconceptions
Let's clear up some misunderstandings about FAPI, the OAuth 2.0 secure profile.
2026-03-19