Who We Are

Bespoke Engineering, LLC is an independent consultancy based in Boston, MA, USA specializing in internet securirty and identity.

Founder and Principal Architect Justin Richer brings two decades of industry experience in security, identity, architecture, standards, design, and collaboration. Justin is a respected contributor to a variety of standards, specifications, and software projects and routinely speaks at industry conferences around the world. In particular, Justin has contributed significantly to OAuth 2 and OpenID Connect and the ecosystem of specifications around them.

Justin's first book, OAuth 2 In Action, has been published by Manning Publications and is available in three languages around the world. OAuth 2 In Action has received overwhelmingly positive reviews and remains the go-to reference for OAuth 2. Justin was also the lead editor for the OAuth 2 extensions for Dynamic Client Registration (RFC7591 and RFC7592) and Token Introspection (RFC7662). Justin was also the lead author of Vectors of Trust (RFC8485). Justin also contributed to NIST Special Publication 800-63-3 and in particular was the lead author for SP 800-63C, Digital Identity Guidelines: Federation and Assertions. Justin also served as an editor for the User Managed Access 2 specification and the suite of healthcare security profiles known as HEART.

Justin's security blog is updated occasionally on a variety of relevant topics.

We have many years of experience working with a variety of team configurations in companies and organizations around the world. And for those times when we need to bring even more expertise, we have ongoing contacts with a variety of different engineers, designers, and specialists that we can bring to bear on different problems, providing flexibility and expertise to meet the most demanding project challenges.