About me

I am VP R&D at Auth0, leading the Auth0Lab team, which does research of future Auth0 products and/or features. Some things we've incubated:

• Auth for GenAI
• Auth0 FGA and OpenFGA
• Verifiable Credentials with Auth0

Some talks

I have spoken at events over the past few years, both about technical topics and building teams.

TEDx talk -El trabajo remoto es el presente y su base es la confianza (spanish)

Path to SRE

You've heard all the buzz about SRE, but what does it take to do it if you are not Google? In this talk, learn about Auth0's experience in creating SRE and rolling it out.

Auth0: Multi-Region High-Availability Architecture that Scales to 1.5B+ Logins a Month

How Auth0 built a highly-available identity-as-a-service platform that is spread across multiple AWS Regions. Auth0 handles billions of logins every month, so our architecture is built for extremely high availability. You'll learn what pitfalls to avoid when deploying across multiple regions, and how they use Route53, VPC Peering plus other services and techniques to achieve high-availability with rock-solid replica set elections.

Real-Life Node.js Troubleshooting

When building a large enough set of services using node.js, there will be a point when you find that your application is suffering from performance or memory issues. When this happens, you have to roll up your sleeves, get your tools and start digging. This talk explains how you can use tools such as ab, flame graphs, heap snapshots and Chrome's memory inspector to find the cause of these. We will go over two real-life issues, a CPU bottleneck and a memory leak, we found while building our services at Auth0, and also explain how we fixed them.

The dirty secrets of building large, highly available, scalable HTTP APIs

When you first start building an API for a new product you mostly focus on getting an MVP ready, with the goal of shipping as soon as possible so you can get feedback from customers. If you are lucky enough, your product will be successful and you will have to start worrying about things like authentication, authorization, documentation, validation, rate limiting, geo-redundancy, and no downtime deployments. In this talk, I go over some real-life examples of our experience evolving our APIs at Auth0 and some of the tools we use for that.

Getting over Moore's Law: Parallelization using JavaScript in the browser

Modern computers and devices continue the trend of having a larger number of CPU cores instead of cores with more computing power. That means that the days of waiting for Moore's Law to take effect so our apps run faster are over, and we, developers, need to start adventuring into the land of parallelism.

This talk goes over some of the currently available approaches (and ongoing efforts) that make it possible to take advantage of parallelism in the browser using JavaScript. This includes not only the widely spread concept of Web Workers but also Single Instruction Multiple Data (SIMD) and the downfall of ParallelJS and rise of SharedArrayBuffers.