1
00:00:00,000 --> 00:00:02,240
Before we jump into the source material today

2
00:00:02,240 --> 00:00:06,910
We really need to address this fundamental problem that honestly almost every

3
00:00:06,910 --> 00:00:09,220
organization rustles with at some point

4
00:00:09,220 --> 00:00:14,420
Yeah, the sheer cost and well the incredible complexity of secure logins, right?

5
00:00:14,420 --> 00:00:15,040
Exactly

6
00:00:15,040 --> 00:00:19,660
And that brings us to the supporter of today's deep dive safe server

7
00:00:19,660 --> 00:00:24,130
Yeah, if you're building an app or you know managing an organization's digital

8
00:00:24,130 --> 00:00:25,200
infrastructure right now

9
00:00:25,260 --> 00:00:29,790
You are probably looking at these incredibly expensive proprietary authentication

10
00:00:29,790 --> 00:00:32,440
tools. Oh, yeah things like author or

11
00:00:32,440 --> 00:00:37,820
Microsoft entra Google Cloud identity is another big one, right and safe server

12
00:00:37,820 --> 00:00:40,900
basically helps you implement really powerful open source

13
00:00:40,900 --> 00:00:45,760
Alternatives to those massive, you know proprietary systems and why make the switch?

14
00:00:45,760 --> 00:00:48,620
I mean beyond the massive cost savings, which is huge

15
00:00:48,620 --> 00:00:52,300
It really comes down to data sovereignty, which is so critical these days

16
00:00:52,300 --> 00:00:55,940
Exactly when you are dealing with legal and compliance requirements like strict

17
00:00:55,940 --> 00:00:57,540
data protection email retention

18
00:00:57,540 --> 00:01:02,550
Financial records and audit trails you really cannot afford to have your users

19
00:01:02,550 --> 00:01:03,340
identity data

20
00:01:03,340 --> 00:01:08,420
Just locked away in a vendor's black box. You need to own it, right and safe server

21
00:01:08,420 --> 00:01:10,840
guys organizations through that entire process

22
00:01:10,840 --> 00:01:14,430
Yeah from you know that initial consulting phase to figure out exactly what

23
00:01:14,430 --> 00:01:16,420
architecture you actually need all the way to

24
00:01:16,800 --> 00:01:21,270
Operating the open source software on highly secure servers located right within

25
00:01:21,270 --> 00:01:24,140
the EU which solves a ton of headaches for compliance

26
00:01:24,140 --> 00:01:28,610
Huge headaches you keep control you stay compliant and you stop paying that

27
00:01:28,610 --> 00:01:30,180
ridiculous enterprise markup

28
00:01:30,180 --> 00:01:33,740
You can find more information and get started at

29
00:01:33,740 --> 00:01:36,140
www.safeserver.de

30
00:01:36,140 --> 00:01:38,060
Because honestly

31
00:01:38,060 --> 00:01:42,360
Outsourcing your core identity infrastructure to those proprietary giants

32
00:01:42,360 --> 00:01:46,920
It's just a massive strategic risk and we are seeing a really significant industry

33
00:01:46,920 --> 00:01:48,840
pivot toward reclaiming that control

34
00:01:48,840 --> 00:01:51,520
Yeah, and speaking of risks if you're building an app today

35
00:01:51,520 --> 00:01:56,260
You might have this like massive blind spot as you're probably focusing entirely on

36
00:01:56,260 --> 00:01:57,860
human users, right?

37
00:01:57,860 --> 00:02:01,880
People clicking buttons exactly but looking at the trajectory of modern networks

38
00:02:01,880 --> 00:02:07,290
Non-human AI agents are well, they're likely going to outnumber human users in the

39
00:02:07,290 --> 00:02:08,540
very near future

40
00:02:08,540 --> 00:02:11,420
It's not even a question of if but when so true

41
00:02:11,780 --> 00:02:16,600
So today we're diving into this whole stack of github repositories security white

42
00:02:16,600 --> 00:02:18,100
papers and developer docs

43
00:02:18,100 --> 00:02:21,440
centered around an open source authentication and

44
00:02:21,440 --> 00:02:26,860
Authorization infrastructure called log toe log toe and our goal today is to really

45
00:02:26,860 --> 00:02:29,340
analyze how modern applications are

46
00:02:29,340 --> 00:02:35,220
Attempting to secure themselves for both human users and these you know AI agents

47
00:02:35,220 --> 00:02:40,340
Yeah, and how they do it without forcing developers to become like full-blown cryptographers

48
00:02:40,340 --> 00:02:41,680
because authentication remains

49
00:02:42,440 --> 00:02:45,990
The absolute bane of every software developers existence. I mean, it's just a

50
00:02:45,990 --> 00:02:48,880
nightmare. It really is. Why is that though?

51
00:02:48,880 --> 00:02:53,350
Well, the friction really comes from the gap between user expectation and technical

52
00:02:53,350 --> 00:02:53,800
reality

53
00:02:53,800 --> 00:02:57,620
So a user opens an app they click a button and they just expect to be in right

54
00:02:57,620 --> 00:02:58,960
compose that right?

55
00:02:58,960 --> 00:03:03,520
But beneath that single click is this terrifying labyrinth of security protocols

56
00:03:03,520 --> 00:03:04,120
Yeah

57
00:03:04,120 --> 00:03:07,680
I want to look at the actual mechanics of that labyrinth because the documentation

58
00:03:07,680 --> 00:03:10,040
we're looking at frequently cites these protocols

59
00:03:10,400 --> 00:03:12,920
like OIDC, which is open ID connect and

60
00:03:12,920 --> 00:03:16,320
Always 2.1. It's a big ones. Yeah, right

61
00:03:16,320 --> 00:03:21,030
But why are these so painfully difficult for a standard product developer to just

62
00:03:21,030 --> 00:03:22,480
implement from scratch?

63
00:03:22,480 --> 00:03:25,960
I mean building an app and then having to build your own authentication system

64
00:03:25,960 --> 00:03:28,400
It feels like I don't know like opening a local bakery

65
00:03:28,400 --> 00:03:32,150
But then having to design and forge your own bank vault from scratch just to hold

66
00:03:32,150 --> 00:03:33,280
the cash register

67
00:03:33,280 --> 00:03:37,420
That is actually a perfect analogy because it comes down to the catastrophic cost

68
00:03:37,420 --> 00:03:38,360
of a tiny mistake

69
00:03:38,520 --> 00:03:43,450
You know OIDC handles the authentication part that basically verifying who the user

70
00:03:43,450 --> 00:03:44,080
actually is

71
00:03:44,080 --> 00:03:47,580
Okay, and then oh, I have two point one handles the authorization

72
00:03:47,580 --> 00:03:53,130
So granting permissions to access certain data but without handing over the actual

73
00:03:53,130 --> 00:03:54,040
password, right?

74
00:03:54,040 --> 00:03:56,830
You don't want to just pass passwords around exactly. So when you use these

75
00:03:56,830 --> 00:03:59,680
protocols, you aren't just sending a username back and forth

76
00:03:59,680 --> 00:04:06,860
You are generating a cryptographically signed JSON web token or a JWT

77
00:04:06,860 --> 00:04:11,000
Okay JWT and what happens if the developer, you know

78
00:04:11,000 --> 00:04:15,220
Just writes the logic for that token incorrectly like a small typo or something

79
00:04:15,220 --> 00:04:17,120
total compromise like absolute disaster

80
00:04:17,120 --> 00:04:19,120
We really just from a small error. Oh, yeah

81
00:04:19,120 --> 00:04:25,190
Let's say a developer accidentally configures their system to accept a token signed

82
00:04:25,190 --> 00:04:25,960
with the wrong

83
00:04:25,960 --> 00:04:30,280
Cryptographic algorithm like they confuse a symmetric key for an asymmetric one

84
00:04:30,280 --> 00:04:35,300
Oh, wow, right a malicious actor can then forge their own digital pass

85
00:04:35,960 --> 00:04:38,100
Rewrite the payload inside it to say hey

86
00:04:38,100 --> 00:04:42,350
I'm the administrator and the system will just let them write in that is terrifying.

87
00:04:42,350 --> 00:04:46,240
It is implementing these industry standard protocols from scratch

88
00:04:46,240 --> 00:04:51,960
Requires like a really deep understanding of token life cycles key rotation

89
00:04:51,960 --> 00:04:56,970
Cryptographic validation. It's not for beginners. So looking at the developer docs

90
00:04:56,970 --> 00:05:00,100
here log toes primary value proposition seems to be just

91
00:05:00,100 --> 00:05:04,480
You know removing that cryptographic burden entirely going back to the analogy

92
00:05:04,480 --> 00:05:09,420
It acts as that pre-forged highly secure bank vault exactly developer just drops it

93
00:05:09,420 --> 00:05:11,160
into their back end and log toe handles

94
00:05:11,160 --> 00:05:15,060
All the OIDC and o with 2.1 token verification

95
00:05:15,060 --> 00:05:19,280
Natively that is the core utility right there the developer doesn't have to write

96
00:05:19,280 --> 00:05:21,320
the intricate logic to validate a web token

97
00:05:21,320 --> 00:05:24,270
They can just focus on building their actual product rather than you know trying to

98
00:05:24,270 --> 00:05:26,320
become an identity security expert overnight

99
00:05:26,320 --> 00:05:31,020
Which is a huge relief right and from a front-end perspective the sources really

100
00:05:31,020 --> 00:05:33,900
detail how this translates into the user experience, right?

101
00:05:33,900 --> 00:05:38,530
Yeah, the visual side of it right log to provides these pre-built sign-in flows. So

102
00:05:38,530 --> 00:05:40,640
you get passwordless entry via email or

103
00:05:40,640 --> 00:05:47,660
SMS verification codes you have traditional passwords obviously and social sign-ins

104
00:05:47,660 --> 00:05:50,720
like Google Apple or discord the ones everyone expects

105
00:05:50,720 --> 00:05:54,850
Yeah, but the feature that really stands out to me in the documentation is this

106
00:05:54,850 --> 00:05:57,240
multi app omni sign-in experience

107
00:05:57,240 --> 00:06:02,420
Oh, that is huge. That solves a major psychological friction point for users. How

108
00:06:02,420 --> 00:06:03,700
so well imagine an

109
00:06:03,900 --> 00:06:08,010
Organization that has like a web dashboard a mobile app and maybe the community

110
00:06:08,010 --> 00:06:08,280
forum

111
00:06:08,280 --> 00:06:12,600
Normally a user might navigate between those platforms and encounter three

112
00:06:12,600 --> 00:06:14,760
completely different login screens

113
00:06:14,760 --> 00:06:19,790
Oh, I hate that right because that inconsistency breeds suspicion users wonder if

114
00:06:19,790 --> 00:06:22,280
they've stumbled onto a phishing site or something

115
00:06:22,280 --> 00:06:23,800
Oh, okay. Yeah, that makes total sense

116
00:06:23,800 --> 00:06:24,000
Yeah

117
00:06:24,000 --> 00:06:28,500
So with the omni sign-in approach the login screen just looks native and consistent

118
00:06:28,500 --> 00:06:30,960
no matter where the user encounters it exactly

119
00:06:30,960 --> 00:06:35,920
It's one centralized sign-in flow for every single application in that ecosystem

120
00:06:35,920 --> 00:06:40,020
Okay, but I want to push back on this omni sign-in idea for a second just based on

121
00:06:40,020 --> 00:06:42,280
the enterprise use cases mentioned in the sources

122
00:06:42,280 --> 00:06:46,820
Okay, let's hear it having one unified login screen sounds really great for the

123
00:06:46,820 --> 00:06:48,320
software provider, right?

124
00:06:48,320 --> 00:06:53,410
Yeah, but what if that software provider grows and lands this massive corporate

125
00:06:53,410 --> 00:06:53,940
client?

126
00:06:53,940 --> 00:06:59,310
Ah the b2b scaling problem, right if I am a large corporation renting space on this

127
00:06:59,310 --> 00:06:59,960
platform

128
00:06:59,960 --> 00:07:04,970
I do not want my employees seeing a generic log to a screen. I want my own

129
00:07:04,970 --> 00:07:06,200
corporate branding

130
00:07:06,200 --> 00:07:11,000
There's a system like this force a universal look or does it you know allow for?

131
00:07:11,000 --> 00:07:15,600
Customization at the client level that is a critical distinction to make and the

132
00:07:15,600 --> 00:07:18,760
documentation actually specifically addresses this through a concept called

133
00:07:18,760 --> 00:07:23,400
Multi-tenancy multi-tenancy. Yeah log tow does not force a universal look on

134
00:07:23,400 --> 00:07:24,520
corporate clients

135
00:07:24,520 --> 00:07:29,080
It is built from the ground up to support business to business or b2b scaling

136
00:07:29,080 --> 00:07:30,880
Okay, let's unpack the mechanics of that

137
00:07:30,880 --> 00:07:35,010
How does multi-tenancy actually isolate one client from another think of the

138
00:07:35,010 --> 00:07:36,420
application as a large?

139
00:07:36,420 --> 00:07:41,930
Apartment building when you have individual consumer users. They each basically get

140
00:07:41,930 --> 00:07:43,560
a small isolated apartment

141
00:07:43,560 --> 00:07:48,120
Okay makes sense, but when you land a corporate client, let's call them business a

142
00:07:48,120 --> 00:07:50,120
they don't just want one apartment

143
00:07:50,120 --> 00:07:52,040
They want to rent an entire floor, right?

144
00:07:52,040 --> 00:07:56,150
They have a whole team exactly and they want the master keys to manage all the

145
00:07:56,150 --> 00:07:57,680
individual rooms on that floor

146
00:07:58,240 --> 00:08:03,660
So log toe allows developers to create distinct organizations or tenants within the

147
00:08:03,660 --> 00:08:03,960
app

148
00:08:03,960 --> 00:08:08,770
Business a gets its own isolated tenant environment. So they get their own branding

149
00:08:08,770 --> 00:08:09,840
their own user grouping

150
00:08:09,840 --> 00:08:14,310
Yep, and most importantly strict data isolation from business B on the floor right

151
00:08:14,310 --> 00:08:15,360
below them. Got it

152
00:08:15,360 --> 00:08:22,190
So business a is database queries cannot accidentally like bleed over and expose

153
00:08:22,190 --> 00:08:23,640
business B's user data

154
00:08:24,080 --> 00:08:28,370
Precisely, that would be a massive compliance failure and within that isolated

155
00:08:28,370 --> 00:08:31,900
floor. The corporate client also needs our BAC our BAC

156
00:08:31,900 --> 00:08:35,150
Which is role-based access control, right? Right? And this is another one of those

157
00:08:35,150 --> 00:08:36,200
enterprise grade features

158
00:08:36,200 --> 00:08:38,560
That's just native to lock toe. So under the hood

159
00:08:38,560 --> 00:08:43,250
How does our BAC actually restrict someone is it literally just a list of names on

160
00:08:43,250 --> 00:08:44,300
a server? No

161
00:08:44,300 --> 00:08:46,560
It's much more robust than that our BAC

162
00:08:46,560 --> 00:08:51,130
Attaches specific permissions to roles and then assigns those roles to users via

163
00:08:51,130 --> 00:08:53,800
claims in their actual identity token

164
00:08:53,800 --> 00:08:56,320
Okay, so like a tag on their ID badge basically

165
00:08:56,320 --> 00:09:01,330
So an intern receives a token with say a read-only claim while a manager receives a

166
00:09:01,330 --> 00:09:03,280
token with a write and delete claim

167
00:09:03,280 --> 00:09:08,040
When that intern tries to delete a database the application checks the token

168
00:09:08,040 --> 00:09:12,510
Sees the missing permission and just blocks the action at the protocol level. That's

169
00:09:12,510 --> 00:09:13,080
incredibly secure

170
00:09:13,080 --> 00:09:15,960
It is and lock toe manages all of this logic

171
00:09:15,960 --> 00:09:20,070
Allowing the corporate client to set strict rules without the software developer

172
00:09:20,070 --> 00:09:21,240
having to manually code

173
00:09:21,360 --> 00:09:25,560
You know permission checks for every single user Wow and the sources also highlight

174
00:09:25,560 --> 00:09:27,000
enterprise SSO

175
00:09:27,000 --> 00:09:31,660
So single sign-on as the sort of holy grail of b2b software. We are talking about

176
00:09:31,660 --> 00:09:32,360
integrations with

177
00:09:32,360 --> 00:09:34,080
semel

178
00:09:34,080 --> 00:09:36,080
Entra or Okta

179
00:09:36,080 --> 00:09:40,760
Why do large corporations mandate this so strictly it is entirely about?

180
00:09:40,760 --> 00:09:45,230
Compliance and the IT department's ability to maintain a single kill switch a kill

181
00:09:45,230 --> 00:09:45,400
switch

182
00:09:45,400 --> 00:09:51,640
Yeah, if a corporation has like 5,000 employees the IT department cannot manage

183
00:09:51,640 --> 00:09:56,880
5,000 separate accounts across 50 different software platforms. It's impossible.

184
00:09:56,880 --> 00:09:57,800
Yeah, that would be a nightmare

185
00:09:57,800 --> 00:10:02,810
So they want one centralized identity provider like Okta when an employee leaves

186
00:10:02,810 --> 00:10:06,200
the company IT just disables their Okta account

187
00:10:06,200 --> 00:10:10,720
Once oh and that instantly revokes their access to every single app they used

188
00:10:10,720 --> 00:10:11,440
including yours

189
00:10:11,720 --> 00:10:16,190
Exactly log toe allows developers to plug directly into these enterprise identity

190
00:10:16,190 --> 00:10:16,720
providers

191
00:10:16,720 --> 00:10:20,850
Satisfying those corporate compliance requirements right out of the box. Okay, but

192
00:10:20,850 --> 00:10:21,280
normally

193
00:10:21,280 --> 00:10:26,050
Providing features like SAML integration and multi-tenancy that requires enterprise

194
00:10:26,050 --> 00:10:26,960
level pricing

195
00:10:26,960 --> 00:10:31,730
But analyzing log toes pricing model here reveals a really interesting strategy the

196
00:10:31,730 --> 00:10:32,080
first

197
00:10:32,080 --> 00:10:36,600
50,000 monthly active users are completely free which is wild

198
00:10:36,600 --> 00:10:40,300
It functions as this massive safety net for growing startup by eliminating the

199
00:10:40,300 --> 00:10:42,480
upfront cost for those enterprise features

200
00:10:42,480 --> 00:10:47,040
Developers can architect their platform for B2B scale from day one

201
00:10:47,040 --> 00:10:51,510
Rather than you know trying to duct tape multi-tenancy onto a consumer app three

202
00:10:51,510 --> 00:10:53,840
years down the line when they finally land a big contract

203
00:10:53,840 --> 00:10:57,970
Yeah, buck taping enterprise features is never a good idea never now the

204
00:10:57,970 --> 00:10:59,920
documentation makes a really sharp pivot here

205
00:10:59,920 --> 00:11:04,800
Moving away from human users entirely and this brings us back to that blind spot

206
00:11:04,800 --> 00:11:07,640
We mentioned at the start of the show the AI agents. Yes

207
00:11:07,640 --> 00:11:12,480
How does an authentication system handle the paradigm shift of the AI era?

208
00:11:12,480 --> 00:11:18,200
I mean we're scripts microservices and AI models need to securely access data

209
00:11:18,200 --> 00:11:22,400
Because if our BAC is like giving different employees different colored key cards

210
00:11:22,400 --> 00:11:26,600
How do we give a key card to a robot assistant who needs to do tasks on our behalf?

211
00:11:26,600 --> 00:11:30,920
This is where identity infrastructure is currently undergoing a massive evolution

212
00:11:31,440 --> 00:11:35,910
historically, you know authentication required a screen a keyboard and human eyes

213
00:11:35,910 --> 00:11:37,760
to solve a KPT CHA or

214
00:11:37,760 --> 00:11:41,880
Read an SMS code right click all the squares of the crosswalk

215
00:11:41,880 --> 00:11:45,640
Exactly, but AI agents do not have eyes or smartphones

216
00:11:45,640 --> 00:11:50,190
So Logto is engineering identity for these non-human entities through machine to

217
00:11:50,190 --> 00:11:53,440
machine or M2M authentication

218
00:11:53,440 --> 00:11:55,440
And the documentation

219
00:11:55,440 --> 00:12:00,320
Mentions the model context protocol or MCP in this specific context. What role does

220
00:12:00,320 --> 00:12:00,720
that play?

221
00:12:00,720 --> 00:12:06,720
So MCP is this emerging standard designed to securely connect AI models to external

222
00:12:06,720 --> 00:12:08,840
tools and private data sources

223
00:12:08,840 --> 00:12:09,240
Right

224
00:12:09,240 --> 00:12:14,000
If you deploy an AI assistant and ask it to summarize say a highly confidential

225
00:12:14,000 --> 00:12:16,120
financial report from your private database

226
00:12:16,120 --> 00:12:20,760
That AI needs a way to cryptographically prove to the database that it actually has

227
00:12:20,760 --> 00:12:23,880
the authority to read that file and Logto handles that

228
00:12:23,880 --> 00:12:28,350
Right Logto natively supports the protocols required for those secure automated

229
00:12:28,350 --> 00:12:30,560
handshakes and the mechanism they use for this is called

230
00:12:30,720 --> 00:12:32,720
Personal access tokens or BATs

231
00:12:32,720 --> 00:12:35,640
How do these differ from a standard login token?

232
00:12:35,640 --> 00:12:39,210
Think of it this way a standard login is like presenting your passport at a border

233
00:12:39,210 --> 00:12:40,200
crossing, right?

234
00:12:40,200 --> 00:12:44,320
The guard has to look at your face to verify. It's really you a personal access

235
00:12:44,320 --> 00:12:45,800
token is more like a diplomatic pouch

236
00:12:45,800 --> 00:12:51,610
It skips the face check entirely, but it is strictly limited in scope. You generate

237
00:12:51,610 --> 00:12:54,040
a PT specifically for your automated pipeline

238
00:12:54,040 --> 00:12:59,320
It provides clean programmatic access without any messy login screens

239
00:12:59,320 --> 00:13:03,590
And I assume the major security benefit there is revocation like if the script goes

240
00:13:03,590 --> 00:13:05,360
rogue or the token is leaked somehow

241
00:13:05,360 --> 00:13:08,160
You don't have to change a master password for the whole system

242
00:13:08,160 --> 00:13:12,820
Exactly. You just instantly revoke that specific diplomatic pouch and the AI agent

243
00:13:12,820 --> 00:13:14,400
loses access immediately

244
00:13:14,400 --> 00:13:19,220
That is the exact security posture you need for modern micro services. It isolates

245
00:13:19,220 --> 00:13:20,480
the risk completely

246
00:13:20,480 --> 00:13:24,000
There is another feature detailed in the sources that sort of bridges this gap

247
00:13:24,000 --> 00:13:27,840
between human support and secure access and it's called

248
00:13:28,160 --> 00:13:29,600
impersonation the

249
00:13:29,600 --> 00:13:33,710
Documentation describes this as a way for customer support teams to log in as an

250
00:13:33,710 --> 00:13:34,440
end customer

251
00:13:34,440 --> 00:13:38,550
Yeah, this is a tricky one right because initially that sounds like a massive

252
00:13:38,550 --> 00:13:39,800
security vulnerability

253
00:13:39,800 --> 00:13:44,730
How does a system allow an employee to inhabit a user's account without you know

254
00:13:44,730 --> 00:13:46,320
exposing the users password?

255
00:13:46,320 --> 00:13:50,840
It uses an audit logged temporary session token. Okay, break that down for me

256
00:13:50,840 --> 00:13:55,310
So when a user reports a broken dashboard the support representative doesn't ask

257
00:13:55,310 --> 00:13:56,200
for their password

258
00:13:56,200 --> 00:13:58,200
They never see the password

259
00:13:58,200 --> 00:14:03,720
Instead the rep uses their own high-level admin credentials to request an impersonation

260
00:14:03,720 --> 00:14:05,360
token from Logto

261
00:14:05,360 --> 00:14:10,550
Okay, and then the system generates a temporary highly restricted session that

262
00:14:10,550 --> 00:14:13,560
basically mirrors the users view and crucially

263
00:14:13,560 --> 00:14:18,390
Every single action the support rep takes while impersonating that user is

264
00:14:18,390 --> 00:14:20,280
permanently logged in the audit trail

265
00:14:20,280 --> 00:14:24,410
Oh under the support reps name not the users exactly it provides the visibility

266
00:14:24,410 --> 00:14:25,440
needed for troubleshooting

267
00:14:25,720 --> 00:14:30,240
While maintaining perfect cryptographic accountability that is brilliant

268
00:14:30,240 --> 00:14:33,880
Okay, so we're looking at an impressive list of capabilities here multi-tenancy

269
00:14:33,880 --> 00:14:37,160
machine-to-machine tokens support impersonation

270
00:14:37,160 --> 00:14:41,970
But the practical reality for developer is you know implementation right building

271
00:14:41,970 --> 00:14:42,360
the thing

272
00:14:42,360 --> 00:14:42,600
Yeah

273
00:14:42,600 --> 00:14:44,520
if Logto is open source

274
00:14:44,520 --> 00:14:49,230
Does a developer just download a massive repository of complex code from github and

275
00:14:49,230 --> 00:14:51,800
just hope they can compile it without breaking their servers

276
00:14:51,840 --> 00:14:56,040
Well, the open-source ecosystem has thankfully evolved significantly past that

277
00:14:56,040 --> 00:14:56,360
point

278
00:14:56,360 --> 00:15:00,960
Logto has really mitigated the integration friction by providing these pre-built

279
00:15:00,960 --> 00:15:03,520
software development kits or SDKs

280
00:15:03,520 --> 00:15:07,120
For over 30 different frameworks 30 Wow

281
00:15:07,120 --> 00:15:07,800
Yeah

282
00:15:07,800 --> 00:15:12,050
So whether a team is building the front end in reactor view and the back end in

283
00:15:12,050 --> 00:15:14,900
Python go iOS Android node

284
00:15:14,900 --> 00:15:19,920
There's a native SDK designed to just handle the API calls to Logto

285
00:15:20,160 --> 00:15:23,660
Effortlessly and the developer experience detailed in the launch options is also

286
00:15:23,660 --> 00:15:24,500
really revealing

287
00:15:24,500 --> 00:15:29,520
They highlight a git pod launch option alongside a local Docker compose setup for

288
00:15:29,520 --> 00:15:30,900
someone new to this

289
00:15:30,900 --> 00:15:35,200
Why would a developer choose one over the other it really comes down to environment

290
00:15:35,200 --> 00:15:37,760
variables and speed a local Docker?

291
00:15:37,760 --> 00:15:41,390
Environment requires you to actually download the containers and run them on your

292
00:15:41,390 --> 00:15:43,520
own machine, which takes time, right?

293
00:15:43,520 --> 00:15:45,000
It is highly reproducible

294
00:15:45,000 --> 00:15:48,790
But it relies on your local hardware git pod on the other hand spins up the entire

295
00:15:48,790 --> 00:15:51,320
open source environment in the cloud instantly

296
00:15:51,320 --> 00:15:55,790
Oh, so you don't install anything locally. No a developer can click a link

297
00:15:55,790 --> 00:15:59,060
completely bypass all local configuration issues and

298
00:15:59,060 --> 00:16:03,170
Just start testing the authentication flows in their browser within seconds that

299
00:16:03,170 --> 00:16:05,160
speed of deployment is impressive, but

300
00:16:05,160 --> 00:16:11,160
We have to analyze the actual defensive architecture here if we return to that bank

301
00:16:11,160 --> 00:16:11,860
vault analogy

302
00:16:11,860 --> 00:16:16,120
We really need to know how thick the walls are absolutely because open source code

303
00:16:16,120 --> 00:16:18,060
is inherently transparent, right?

304
00:16:18,060 --> 00:16:21,100
Which means hackers can study it just as easily as developers

305
00:16:21,100 --> 00:16:24,810
Well transparency is actually a defensive advantage in cryptography because it

306
00:16:24,810 --> 00:16:25,320
allows

307
00:16:25,320 --> 00:16:30,150
Thousands of independent security researchers to audit the code. They find the bugs

308
00:16:30,150 --> 00:16:32,200
before the bad guys do that's true

309
00:16:32,200 --> 00:16:37,240
But beyond the code itself log toe undergoes rigorous institutional auditing

310
00:16:37,280 --> 00:16:42,880
They are soc2 type 2 certified. Okay. What does that certification actually entail?

311
00:16:42,880 --> 00:16:46,670
It's just like a security checklist a company fills out once a year and says we're

312
00:16:46,670 --> 00:16:46,960
good

313
00:16:46,960 --> 00:16:51,230
Not at all. So c2 type I is a checklist that proves you have security policies in

314
00:16:51,230 --> 00:16:52,240
place on a specific day

315
00:16:52,240 --> 00:16:56,080
so c2 type 2 is a grueling continuous audit an

316
00:16:56,080 --> 00:17:00,780
Independent auditor basically monitors the company's operational practices over an

317
00:17:00,780 --> 00:17:03,560
extended period often six months to a year

318
00:17:03,560 --> 00:17:07,670
Wow, just watching everything they do everything to prove that they actually follow

319
00:17:07,670 --> 00:17:12,120
their strict security privacy and data access procedures every single day

320
00:17:12,120 --> 00:17:17,300
Achieving it is incredibly difficult for a startup to do alone. Okay, that gives a

321
00:17:17,300 --> 00:17:17,880
lot of confidence

322
00:17:17,880 --> 00:17:23,010
Yeah, and delving into the actual cryptography the white papers specify that log to

323
00:17:23,010 --> 00:17:25,720
uses argon 2 for password hashing

324
00:17:25,720 --> 00:17:30,000
Yep, argon 2. How does argon 2 protect a database if it actually gets stolen?

325
00:17:30,160 --> 00:17:34,440
Well when a secure system saves a password it never saves the plain text obviously

326
00:17:34,440 --> 00:17:37,660
it runs the password through a mathematical hash function to create

327
00:17:37,660 --> 00:17:42,130
Scramble text right if a hacker steals the database. They usually deploy massive

328
00:17:42,130 --> 00:17:44,840
arrays of graphics processing units GPUs to guess

329
00:17:44,840 --> 00:17:49,120
Millions of passwords a second just hoping to find the text that matches the hash

330
00:17:49,120 --> 00:17:49,920
root force

331
00:17:49,920 --> 00:17:54,080
Exactly. Yeah, argon 2 is designed to defeat this specific hardware attack

332
00:17:54,080 --> 00:17:57,640
How does it bottle like a GPU though like GPUs are incredibly fast

333
00:17:57,680 --> 00:18:02,000
They are but argon 2 defeats them by utilizing memory hard functions

334
00:18:02,000 --> 00:18:08,060
See GPUs have thousands of processing cores allowing them to calculate incredibly

335
00:18:08,060 --> 00:18:10,740
fast, but they have very little local memory

336
00:18:10,740 --> 00:18:16,560
Right argon 2 forces the hashing process to consume a massive amount of RAM

337
00:18:16,560 --> 00:18:22,260
By demanding memory rather than just processing speed argon 2 starves the GPU

338
00:18:22,840 --> 00:18:27,880
Slowing the hackers brute-force attack to an absolute crawl. That is so clever

339
00:18:27,880 --> 00:18:31,200
It essentially turns the attackers own hardware architecture against them

340
00:18:31,200 --> 00:18:35,670
Exactly and for organizations that want to eliminate passwords entirely the

341
00:18:35,670 --> 00:18:38,240
documentation also highlights support for a web often

342
00:18:38,240 --> 00:18:41,520
Which is the underlying technology for paskies right paskies are everywhere now

343
00:18:41,520 --> 00:18:44,960
because web often represents the gold standard for multi-factor authentication

344
00:18:44,960 --> 00:18:49,430
Instead of relying on a shared secret like a password it uses public key cryptography

345
00:18:49,430 --> 00:18:52,280
tied to the biometric sensors on your actual device

346
00:18:52,280 --> 00:18:57,290
Okay, wait, so when I use my fingerprint or face ID to log in my biometric data isn't

347
00:18:57,290 --> 00:18:58,640
being sent to log toe server

348
00:18:58,640 --> 00:19:03,350
Correct. Your biometric data never ever leaves the secure on play of your phone or

349
00:19:03,350 --> 00:19:05,340
laptop. Oh, thank goodness. Yeah

350
00:19:05,340 --> 00:19:11,420
Your device uses that biometric check locally to unlock a private cryptographic key

351
00:19:11,420 --> 00:19:16,130
Which then signs a challenge sent by the server the server only holds the public

352
00:19:16,130 --> 00:19:17,840
key which is useless to a hacker

353
00:19:18,080 --> 00:19:21,730
So even if the server is compromised, they don't have your face or fingerprint

354
00:19:21,730 --> 00:19:25,660
exactly it fundamentally eliminates the risk of phishing and credential stuffing

355
00:19:25,660 --> 00:19:30,130
The final aspect of the architecture detailed in the sources really brings us back

356
00:19:30,130 --> 00:19:31,420
to the deployment models

357
00:19:31,420 --> 00:19:34,800
While log to is open source and can be self hosted

358
00:19:34,800 --> 00:19:39,390
They also offer a fully managed log to cloud version right for teams that don't

359
00:19:39,390 --> 00:19:41,800
want to manage servers and this highlights a critical

360
00:19:41,800 --> 00:19:46,420
Geographical feature regarding data isolation across distinct regions, right?

361
00:19:46,420 --> 00:19:50,550
Yes, and this is a vital component of international compliance log to cloud

362
00:19:50,550 --> 00:19:53,160
operates environments in the EU the US

363
00:19:53,160 --> 00:19:54,940
Australia and Japan

364
00:19:54,940 --> 00:19:59,070
Meaning a European company can ensure their users identity data literally never

365
00:19:59,070 --> 00:20:02,240
crosses the Atlantic never it stays in Europe

366
00:20:02,240 --> 00:20:06,350
Fully encrypted at the database level with TLS encryption securing the data while

367
00:20:06,350 --> 00:20:07,160
it is in transit

368
00:20:07,160 --> 00:20:12,320
It allows an organization to really leverage the transparency and flexibility of an

369
00:20:12,320 --> 00:20:13,560
open source architecture

370
00:20:14,160 --> 00:20:18,290
While still meeting the rigorous data sovereignty demands of an enterprise

371
00:20:18,290 --> 00:20:19,920
environment exactly

372
00:20:19,920 --> 00:20:23,640
However, it is important to note that maintaining self-hosted identity

373
00:20:23,640 --> 00:20:25,840
infrastructure does require

374
00:20:25,840 --> 00:20:30,580
Dedicated engineering resources to manage updates and security patches right? You

375
00:20:30,580 --> 00:20:31,540
can't just set it and forget it

376
00:20:31,540 --> 00:20:36,320
No log toe removes the cryptographic complexity, but the infrastructure still

377
00:20:36,320 --> 00:20:38,040
demands operational diligence

378
00:20:38,720 --> 00:20:42,400
Synthesizing the source material here log toe presents a genuinely compelling

379
00:20:42,400 --> 00:20:44,400
approach to modern identity management

380
00:20:44,400 --> 00:20:49,040
It essentially democratizes access to enterprise-grade security tools

381
00:20:49,040 --> 00:20:53,970
It really does developers are handed this pre-built cryptographic vault that scales

382
00:20:53,970 --> 00:20:54,680
from you know

383
00:20:54,680 --> 00:20:58,950
A simple consumer app all the way to a massive multi-tenant b2b platform with

384
00:20:58,950 --> 00:21:01,320
single sign on and most importantly

385
00:21:01,320 --> 00:21:06,080
It bridges the gap into the AI frontier providing the machine to machine protocols

386
00:21:06,080 --> 00:21:08,360
necessary to secure non-human agents

387
00:21:08,360 --> 00:21:12,160
Which is huge. What's the broader implication for the industry in your view?

388
00:21:12,160 --> 00:21:15,880
I think the broader implication is that developers no longer have to compromise

389
00:21:15,880 --> 00:21:17,040
between speed-to-market

390
00:21:17,040 --> 00:21:21,680
Operational cost and deep security they can finally just rely on vetted

391
00:21:21,680 --> 00:21:24,400
infrastructure as we conclude this analysis

392
00:21:24,400 --> 00:21:28,200
I want to leave you with a provocative thought regarding that AI frontier

393
00:21:28,200 --> 00:21:32,860
We established that autonomous scripts AI models and micro services will soon

394
00:21:32,860 --> 00:21:35,600
completely dominate network traffic

395
00:21:35,600 --> 00:21:39,800
No doubt about it. So when a network is populated almost entirely by non-human

396
00:21:39,800 --> 00:21:42,340
agents performing automated tasks

397
00:21:42,340 --> 00:21:46,440
How will our foundational definition of digital identity have to evolve?

398
00:21:46,440 --> 00:21:50,910
Will the security frameworks of tomorrow have to assess not just the cryptographic

399
00:21:50,910 --> 00:21:52,000
signature of an AI?

400
00:21:52,000 --> 00:21:54,600
But the behavioral intent of its actions

401
00:21:54,600 --> 00:21:58,110
Honestly, that is the defining security question for the next decade of

402
00:21:58,110 --> 00:22:02,420
decentralized computing as you navigate that rapidly changing landscape

403
00:22:02,480 --> 00:22:06,320
You really don't have to be tethered to the expensive proprietary giants of the

404
00:22:06,320 --> 00:22:09,600
past and that brings us back to our sponsor safe server

405
00:22:09,600 --> 00:22:13,960
by transitioning to a robust open-source solution like log tow

406
00:22:13,960 --> 00:22:18,550
Organizations businesses and associations gain incredible cost savings while

407
00:22:18,550 --> 00:22:22,220
permanently escaping vendor lock-in, which is the dream, right?

408
00:22:22,220 --> 00:22:24,520
Whether your priority is strict data protection

409
00:22:24,520 --> 00:22:29,530
establishing immutable audit trails or simply retaining absolute sovereignty over

410
00:22:29,530 --> 00:22:30,280
your user data

411
00:22:30,680 --> 00:22:34,020
Safe server is equipped to facilitate that entire transition

412
00:22:34,020 --> 00:22:38,770
You can commission them for specialized consulting to determine if log tow or you

413
00:22:38,770 --> 00:22:39,160
know

414
00:22:39,160 --> 00:22:43,290
Another open-source alternative is the exact right architectural fit for your

415
00:22:43,290 --> 00:22:44,860
organization's specific needs

416
00:22:44,860 --> 00:22:48,990
From that very first strategy conversation the full-scale operation on highly

417
00:22:48,990 --> 00:22:50,720
secure servers right within the EU

418
00:22:50,720 --> 00:22:54,980
They manage the complexity so you can just focus on your core product visit

419
00:22:55,360 --> 00:23:01,130
www.safeserver.de to explore your options the next time you seamlessly log into an

420
00:23:01,130 --> 00:23:03,600
application take a moment to appreciate the immense invisible

421
00:23:03,600 --> 00:23:07,000
Cryptographic machinery verifying your identity and be really glad you didn't have

422
00:23:07,000 --> 00:23:09,960
to build it yourself. Thanks for joining us on this deep dive