Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

2019 | Auth0 Masterclass: Identity and the Yellow Brick Road - The Last Few Steps Are Always the Hardest | Identiverse | Day 4, June 28

146 views

Published on

Wouldn’t it be nice to live in a world where every identity project is a perfect fit for out-of-the-box features? It would be ideal to simply stay on the yellow brick road of prescribed solutions and guarantee success.

Developers and practitioners, however, know better. They know that apart from few blessed cases, most real life projects are messy business – where modern protocols need to integrate with legacy solutions, security best practices must coexist with the unique requirements of existing business practices, and common sense expectations are blatantly subverted.

Solving those unpredictable challenges without compromising security and efficiency requires stepping off the beaten track, carving a new path that adapts to conditions that no rigid, off the shelf product could have predicted.

Join Vittorio Bertocci, Architect at Auth0, as he leads attendees through various real-world scenarios where extensibility and the ability to inject last-mile customization were essential for solving hard identity challenges

Published in: Technology
  • Be the first to comment

  • Be the first to like this

2019 | Auth0 Masterclass: Identity and the Yellow Brick Road - The Last Few Steps Are Always the Hardest | Identiverse | Day 4, June 28

  1. 1. ® IDENTITY AND THE YELLOW BRICK ROAD THE LAST FEW STEPS ARE ALWAYS THE HARDEST VITTORIO BERTOCCI PRINCIPAL ARCHITECT, AUTH0 VITTORIO@AUTH0.COM @VIBRONET WWW.CLOUDIDENTITY.COM
  2. 2. ® Agenda • The mythical Ideal Conditions™ - and why they are mythical • Things that are hard to tame with OOB features
  3. 3. ® The Ideal Conditions™
  4. 4. ® Implicit prerequisites for the IC™ • Identity sources • Must be among the explicitly supported • Must support one of the protocols understood by your IDaaS • Must be migratable • Authentication logic • Can be replaced by a standard solution • E.g.: does not implement any other function but authN • Can be implemented with the OOB features • Uses “classic” credentials/identifiers • Authorization • Can be expressed in WYSIATI
  5. 5. ® Easy to implementHard to implement Complete control No customization Identinomics: ease of use vs expressive power deployment barrier coding barrier
  6. 6. ® Best of both worlds: extensible IDaaS • OOB features take care of the essential • Extensibility points available to handle the last mile
  7. 7. ® Concrete example of extensible IDaaS
  8. 8. ® Concrete example of extensible IDaaS
  9. 9. ® Challenging Identity Sources • No OOB support => use protocol integration • Nonstandard protocol => tweak messages • Example: Sign in with Apple • Unmoveable DB => …don’t move it, façade it! • Example: custom DB feature in Auth0 • Bonus: lazy migration
  10. 10. ® Challenging Identity Sources
  11. 11. ® UX customization • Layout • HDR mechanisms
  12. 12. ® Challenging Identity Sources
  13. 13. ® Challenging Authentication Mechanics • 3 elements example • Custom MFA
  14. 14. ® Challenging Authentication Mechanisms
  15. 15. ® Challenging User Lifecycle • Aggregate from multiple sources • Normalize attributes
  16. 16. ® Challenging User Lifecycle
  17. 17. ® Functionality bundled with Authentication • Typical: • Subscription management • Payments • “super-consent”: NDA signing, etc
  18. 18. ® Functionality bundled with Authentication
  19. 19. ® Functionality bundled with Authentication +UX
  20. 20. ® Dig deeper • Auth0.com • team@auth0.com • vittorio@auth0.com • @auth0 • @vibronet
  21. 21. ® Key takeaways • Perfect ideal conditions are rarely encountered in the wild • You don’t need to give up the convenience of IDaaS altogether • Evaluate what kind of challenges are most frequent for you • Choose the right extensibility mechanism/stage
  22. 22. ®

×