Serhii Halchenko is an engineering manager based in Stockholm with 12 years of experience building authentication and login platforms, currently leading Klarna's global OpenID Connect solution. He combines hands-on full-stack expertise (JS/TypeScript, React, Node.js) and cross-platform C++ experience with proven SRE and cloud infrastructure skills (AWS, EKS, Terraform, GitOps). At Klarna he scaled customer login and app authentication for millions of users and hired and grew teams to deliver an OpenID-compliant platform integrated across customer flows. Serhii is also an active open-source contributor to the widely used ory/hydra project, adding session management, refresh-token improvements, and back-channel logout support to strengthen OAuth2/OpenID workflows. Comfortable switching between product-facing frontends and security-critical backends, he favors pragmatic, auditable engineering practices like CI/CD, infrastructure-as-code, and robust testing. His background in technical cybernetics and AI gives him a systems-oriented perspective that surfaces non-obvious tradeoffs in authentication and session design.
11 years of coding experience
13 years of employment as a software developer
Engineer's degree, Technical Cybernetics, AI, Software Development, Engineer's degree, Technical Cybernetics, AI, Software Development at Dnipropetrovsk State Technical University of Railway Transport
The most scalable and customizable OpenID Certified™ OpenID Connect and OAuth Provider on the market. Become an OpenID Connect and OAuth2 Provider over night. Broad support for related RFCs. Written in Go, cloud native, headless, API-first. Available as a service on Ory Network and for self-hosters.
Role in this project:
Back-end Developer
Contributions:35 reviews, 1 commit, 6 PRs in 1 day
Contributions summary:Serhii contributed significantly to the `ory/hydra` project, focusing on backend features related to OpenID Connect and OAuth2. Their work included adding session management capabilities, specifically integrating session IDs into refresh token webhooks. They also implemented the ability to revoke login sessions via SessionID, including back-channel logout functionalities. Furthermore, the user enhanced the session management, allowing session lifespans to be extended when accepting login challenges and added an index to the `requested_at` field in refresh tokens.
Contributions:46 commits, 2 PRs, 35 pushes in 3 years 6 months
cssresponsiveresponsive-website
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.