Session Clustering for OAuth 2.0 Applications

Learn how sessions are used with OAuth 2.0 and build an example with HAproxy, Redis, and Spring Boot.


A common OAuth 2.0 question we get: “How do I deal with OAuth in a load-balanced application?” The short answer: There’s nothing specific about session clustering for OAuth. The longer answer is—you likely still need to worry about cluster session management. This post will discuss how an OAuth login relates to your application’s session. And we’ll build a simple, secure, load-balanced application to demonstrate.

Developers Guide to GPG and YubiKey

Tutorial: API clients have different capabilities and needs! Learn how to make your server select the correct languages, media types, and compression!


Content negotiation allows for an HTTP server to respond to different types of clients. Many modern clients expect a JSON response, but there may be a need to format responses differently, maybe XML for older clients or a binary format for newer ones. Content negotiation is the mechanism used to solve that problem and others, such as dealing with multiple languages and even compressing HTTP requests.