RNRaj Nagulapalleinfetchsandbox.hashnode.dev·Jun 25 · 4 min readOur partners kept breaking on staging. So we gave them production access. (Don't do this.)We whitelisted partners on production with read-only test accounts. That was attempt four — after docs-only onboarding, shared UAT, and IP-whitelisted staging all failed in different ways. I work on a00
RNRaj Nagulapalleinfetchsandbox.hashnode.dev·Jun 16 · 4 min readTest AgentMail multi-tenant webhooks before they leak across tenantsThe dangerous AgentMail webhook bug starts with a response that looks completely fine. POST /v0/webhooks -> 200 OK The response body contains the webhook object. It includes your URL, event types, an00
RNRaj Nagulapalleinfetchsandbox.hashnode.dev·Jun 15 · 3 min readClerk webhook replay can create duplicate users unless your sync is idempotentThe login worked. The webhook worked. Then the same event arrived again. Clerk webhooks are easy to treat like a notification: user.created arrived create a local user done That works until the event00
RNRaj Nagulapalleinfetchsandbox.hashnode.dev·Jun 12 · 4 min readWorkOS directory sync webhooks need reconciliation after Okta group renamesThe bug shows up two minutes after the customer says, "we only renamed the group." In Okta, the admin changed Enterprise Admins to Platform Admins. WorkOS sent dsync.group.updated. Your webhook handle00
RNRaj Nagulapalleinfetchsandbox.hashnode.dev·Jun 9 · 2 min readClerk JWT 401 on the server? Check these 3 env vars firstA Clerk login can look fine in the browser and still fail on your server with a 401. The frontend has a user. getToken() returns something. The request includes: Authorization: Bearer <token> Then Fa00