Senior Software Engineer, Identity

In this role, you will join the Identity team as a Senior Software Engineer, owning the authentication and authorization infrastructure that secures every request across the Sanity platform.

You will work on distributed systems operating at scale - handling OAuth 2.0, OIDC, SAML/SSO, session management, and JWT flows for hundreds of thousands of developers and their projects.

Security is not an afterthought here; it is a first-class design constraint in everything we build. As AI and agentic workflows become central to how teams use Sanity, the Identity team sits at the frontier of a new and largely unsolved challenge: defining how AI agents authenticate, how their actions are attributed, and how trust is established in a world where not every API call originates from a human. You will have a direct and lasting impact on shaping that foundation.

What You Would Do

• Design and build core authentication and authorization infrastructure
• Implement and evolve our identity protocols - OAuth 2.0, OIDC, SAML/SSO, session management, and JWT - powering secure access for hundreds of thousands of developers and their projects.
• Own the reliability, correctness, and security posture of identity services across our distributed platform, from API gateway to backend services to the login UI.
• Identify architectural improvements and drive them from initial design through production, with a security-first lens at every step.
• Build the identity layer for AI and agentic workflows
• Design and implement agent attribution - establishing verifiable, auditable identity for AI agents acting on behalf of users and organizations at platform scale.
• Collaborate with platform and product teams to define the identity primitives that underpin Sanity's AI Content Operating System, including authorization models for agentic contexts.
• Collaborate across the stack and raise engineering quality
• Work end-to-end across backend services (Node.js/TypeScript), PostgreSQL, and frontend auth flows - owning features from design through delivery.
• Participate in code reviews, architectural discussions, and incident response; contribute to on-call for identity services.
• Partner closely with security, platform, and product teams on cross-cutting concerns and help set the technical direction for the Identity domain.

• Location: Remote in Europe
• Strong hands-on experience with TypeScript/Node.js and PostgreSQL in production backend systems
• Deep knowledge of identity and authentication standards: OAuth 2.0, OIDC, SAML, JWT, and session management
• Proven experience designing and operating distributed systems at scale - you understand the failure modes and trade-offs, not just the happy path
• Security-first mindset - you reason about threat models, trust boundaries, and least-privilege by default
• Self-directed and autonomous; comfortable owning problems end-to-end and collaborating effectively across a remote, distributed team
• Experience with Go, Lua, or Google Cloud Platform is a plus

• Positive, flexible, and trust-based work environment that encourages long-term professional and personal growth
• A global, multi-culturally diverse group of colleagues and customers
• Comprehensive health plans and perks
• A healthy work-life balance that accommodates individual and family needs
• Competitive stock options program and location-based salary

At Sanity.io, we're building the future of AI-powered Content Operations. Our AI Content Operating System gives teams the freedom to model, create, and automate content the way their business works, accelerating digital development and supercharging content operations efficiency. Companies like SKIMS, Figma, Riot Games, Anthropic, COMPLEX, Nordstrom, and Morningbrew are using Sanity to power and automate their content operations., Sanity.io is a modern, flexible content operating system that replaces rigid legacy content management systems. One of our big differentiators is treating content as data so that it can be stored in a single source of truth, but seamlessly adapted and personalized for any channel without extra effort. Forward-thinking companies choose Sanity because they can create tailored content authoring experiences, customized workflows, and content models that reflect their business. Sanity recently raised a $85m Series C led by GP Bullhound and is also backed by leading investors like ICONIQ Growth, Threshold Ventures, Heavybit and Shopify, as well as founders of companies like Vercel, WPEngine, Twitter, Mux, Netlify and Heroku. This funding round has put Sanity in a strong position for accelerated growth in the coming years. You can only build a great company with a great culture. Sanity is a 200+ person company with highly committed and ambitious people. We are pioneers, we exist for our customers, we are hel ved, and we love type two fun! Read more about our values here! Sanity.io pledges to be an organization that reflects the globally diverse audience that our product serves. We believe that, in addition to hiring the best talent, a diversity of perspectives, ideas, and cultures leads to the creation of better products and services. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, marital status, disability, or gender identity.