About me

I am a Principal Architect at Auth0. I work on the Auth0Lab team researching the intersection of identity and Web 3: Verifiable Credentials, Decentralized Identity, Sign-in with Ethereum, NFTs & Token Gating, Zero-Knowledge Proofs, etc. Last year I led Auth0 FGA, a new SaaS product for Fine-Grained Authorization inspired by Google Zanzibar.

I love to solve hard problems of any type, especially those related to making software and teams scale.

Before Auth0, I spent many years working for and at Microsoft on Azure SQL, Azure Media, and patterns & practices related initiatives. I spend my spare time with family, friends, exercising, and catching up on all things NBA.

Some talks

I have sspeak at events over the past few years, both about technical topics and building teams.

TEDx talk -El trabajo remoto es el presente y su base es la confianza (spanish)

Path to SRE

You’ve heard all the buzz about SRE, but what does it take to do it if you are not Google? In this talk, learn about Auth0’s experience in creating SRE and rolling it out.

Auth0: Multi-Region High-Availability Architecture that Scales to 1.5B+ Logins a Month

How Auth0 built a highly-available identity-as-a-service platform that is spread across multiple AWS Regions. Auth0 handles billions of logins every month, so our architecture is built for extremely high availability. You’ll learn what pitfalls to avoid when deploying across multiple regions, and how they use Route53, VPC Peering plus other services and techniques to achieve high-availability with rock-solid replica set elections.

Real-Life Node.js Troubleshooting

When building a large enough set of services using node.js, there will be a point when you find that your application is suffering from performance or memory issues. When this happens, you have to roll up your sleeves, get your tools and start digging. This talk explains how you can use tools such as ab, flame graphs, heap snapshots and Chrome’s memory inspector to find the cause of these. We will go over two real-life issues, a CPU bottleneck and a memory leak, we found while building our services at Auth0, and also explain how we fixed them.

The dirty secrets of building large, highly available, scalable HTTP APIs

When you first start building an API for a new product you mostly focus on getting an MVP ready, with the goal of shipping as soon as possible so you can get feedback from customers. If you are lucky enough, your product will be successful and you will have to start worrying about things like authentication, authorization, documentation, validation, rate limiting, geo-redundancy, and no downtime deployments. In this talk, I go over some real-life examples of our experience evolving our APIs at Auth0 and some of the tools we use for that.

Getting over Moore’s Law: Parallelization using JavaScript in the browser

Modern computers and devices continue the trend of having a larger number of CPU cores instead of cores with more computing power. That means that the days of waiting for Moore’s Law to take effect so our apps run faster are over, and we, developers, need to start adventuring into the land of parallelism.

This talk goes over some of the currently available approaches (and ongoing efforts) that make it possible to take advantage of parallelism in the browser using JavaScript. This includes not only the widely spread concept of Web Workers but also Single Instruction Multiple Data (SIMD) and the downfall of ParallelJS and rise of SharedArrayBuffers.