This last week I've had to implement invisible single-sign-on in a heterogeneous mixed-tenancy environment. And since we already had #JWT-based auth, I was able to customize the payload to pave over the mixed-tenancy problem and turn a single-auth token into a multi-service token. Prior to the start of the week, I barely knew what 'JWT' stood for.

Five-years-ago-me is a little annoyed at how easy this has become, since back then it was all #Oauth and #SAML and #OpenID...