Afshin Amini in mnafshin.info · 20h ago · 5 min read
The OAuth Mental Model
Four roles (memorize these) OAuth names four actors. Everything else hangs off them. flowchart TB RO["Resource Owner<br/>(the user)"] AS["Authorization Server<br/>(Keycloak, Okta, Google, Auth

Afshin Amini in mnafshin.info · 20h ago · 4 min read
Why OAuth Exists
The scenario everyone recognizes Your application wants to access a user's data on another service — their Google Calendar, GitHub repositories, or company files in SharePoint. The naive approach: ask

Afshin Amini in mnafshin.info · 1d ago · 10 min read
Stop Inventing Error JSON: A Practical Guide to RFC 7807 Problem Details
Every HTTP API eventually returns an error. The hard part is not the status code — it is the body. One service returns { "error": "not found" }, another returns { "message": "User does not exist" }, a

Afshin Amini in mnafshin.info · May 9 · 11 min read
Idempotency Patterns — Create Orders Exactly Once (With Retries)
Git Repo: https://github.com/mnafshin/idempotency Why This Matters Retries are a fact of life in distributed systems. A mobile client times out, a load balancer gives up, a service restarts — and the

Afshin Amini in mnafshin.info · May 9 · 4 min read
Multi-Tenancy Architecture in Spring Boot
This guide explains the four most common multi-tenancy approaches, when to use each, and how to set each one up in a Spring Boot + PostgreSQL system. Git link: https://github.com/mnafshin/multi-tenanc