Securing APIs with JWTs
By Mark Rudolph • February 24, 2026
As mentioned in my [previous post](/2026/02/19/open-apps-with-pocket-id), I'm planning to roll out some demo web
applications leveraging a self-hosted "third party" Open ID Connect identity server (Pocket ID). I've set up a short url
to host these at: `altx10.dev`, with the idea being that each one will be deployed to `{app}.altx10.dev`. These
applications will be independent of each other, but with a centralized login. In order to secure parts of the apps, we
will use JSON Web Tokens.
Open Apps with Pocket ID
Setting up Pocket ID for passwordless authentication across self-hosted apps
By Mark Rudolph • February 19, 2026
I've decided to take some time off of work recently, and thought it would be fun to put a spin on "how to" blog posts.
In addition to writing about a particular topic, I thought it could be cool to actually deploy it somewhere and allow it
to be publicly used. I've had this idea before, but I'd still like to have user authentication that I can streamline
across various applications at different subdomains. There are plenty of auth solutions out there, but I recently came
across one that is simple to deploy called [Pocket ID](https://pocket-id.org), which exclusively
uses [passkeys](https://www.passkeys.io).