How are agents authenticated?

I searched the docs for authentication and mcp (one of the protocols which, among other things, handles some pieces of authentication/authorization) but didn't see any results.

What did I miss?

What does KLTO mean?

To add to the other posters, keep-the-lights-on usually means a product has no active feature development. It’s just supported with on-call and maybe some bug fixes depending on capacity.

No clue if Cognito actually was KTLO though.

Probably meant KTLO: Keep The Lights On

"Keep Lights To On." It's the post-it on the light switch wired to the Cognito server.

I work for a Cognito competitor, but I am glad to see them investing in improving the lives of folks using this native AWS service.

It felt like Cognito was abandoned for a while.

That's fair. The companies do care about building a sustainable business. But so do the companies that sell lawnmowers.

I'm not sure that make either thing being sold (LLMs or machines to cut grass) able to care.

Not yet. Wait ‘til lawnmowers have LLMs installed.

I have seen the same thing in a local slack I frequent. Not weekly, but once a month or so.

It doesn't last long, but it sure is annoying. Sometimes they even join and then spam DM rather than post in a public channel.

It must pay off often enough to make it it worth it, but I can't imagine hiring someone I found through a spam message.

There's no way this pays off. It's probably some enterprising scammer that's selling his bots to individuals (aka suckers) to spam with.

I mean, the device code grant was codified by the IETF in 2019[0]. That is no guarantee that it is 100% secure, but folks have spent time working to make it as safe as possible. There's also a Best Current Practice (BCP) doc[1] and if you have suggestions to improve the flow, they'd be welcomed.

0: https://datatracker.ietf.org/doc/html/rfc8628

1: https://datatracker.ietf.org/doc/draft-ietf-oauth-cross-devi...

FYI, all the roles listed show SF as the location (London isn't mentioned).

FusionAuth | Principal Software Engineer, Senior Java Engineer - Cloud, Account Executive, Solutions Engineer | Varies between REMOTE (in USA, also in Europe but only for the account exec/solutions engineer positions) and ONSITE in Denver, CO, USA, details in each job desc | Salary ranges for the Principal Software Engineer it is 225k-270k, but the Euro positions don't have them :(

At FusionAuth, our mission is to make authentication and authorization simple and secure for every developer building web and mobile applications. We want devs to stop worrying about auth and focus on building something awesome.

There are a lot of companies in the auth space, but we feel like we have something special:

* a relatively unique deployment model (self-host on-prem, run in your cloud or let us operate it for you in ours)

* A well designed API first approach; one customer compared our APIs to petrichor

* a mature product (the code base is nine+ years old and we've found and fixed a lot of the sharp edges around core login use cases; but don't worry, there are plenty more features to add)

* a full featured free-as-in-beer version which makes the sales cycle easier; prospects often come in having prototyped an integration

Our core software is commercial. We open source much of our supporting infrastructure. Technologies and standards that you will work with: modern Java, PostgreSQL, Docker, Kubernetes, MySQL, OAuth, SAML, OIDC.

Learn more, including benefits and salaries, and apply here: https://fusionauth.io/careers/ ( Click/tap the 'View open positions' orange button. )

> Agents are really nice to quickly craft utilities to speed up planning.

Reminds me of a conversation I had with Kelsey Hightower where he suggested that using agents to build utilities and software was a smarter way to proceed than using agents to do the work. It is almost like the software artifacts are a cached version of your understanding of the problem and can be used over and over again until the problem (or your understanding of it) changes.