The document describes Feide Connect, a new platform for advanced collaboration services in higher education. Feide Connect uses APIs and OAuth instead of SAML for authentication, making integration simpler for service providers. It provides additional services like group management, person search, activity streams, and federated widgets. Feide Connect also includes an API authorization management system to securely provide access to university data through third party applications and services. The goals of Feide Connect are to improve collaboration both within and between universities through open standards and easy integration.
Shoot Me a Token: OpenAM as an OAuth2 ProviderForgeRock
Presented by Victor Ake, OpenAM Product Manager and ForgeRock Co-Founder at ForgeRock Open Stack Identity Summit. June 2013
Learn more about ForgeRock Access Management:
https://www.forgerock.com/platform/access-management/
Learn more about ForgeRock Identity Management:
https://www.forgerock.com/platform/identity-management/
OpenAM Best Practices - Corelio Media Case Study ForgeRock
IS4U Senior Architect Robin Gorris shares OpenAM Best practices at Corelio Media, presented as part of our Case Study session with Everett and ACA, moderated by ForgeRock VP of Services Steve Ferris and Director of Support Tim Rault-Smith.
Shoot Me a Token: OpenAM as an OAuth2 ProviderForgeRock
Presented by Victor Ake, OpenAM Product Manager and ForgeRock Co-Founder at ForgeRock Open Stack Identity Summit. June 2013
Learn more about ForgeRock Access Management:
https://www.forgerock.com/platform/access-management/
Learn more about ForgeRock Identity Management:
https://www.forgerock.com/platform/identity-management/
OpenAM Best Practices - Corelio Media Case Study ForgeRock
IS4U Senior Architect Robin Gorris shares OpenAM Best practices at Corelio Media, presented as part of our Case Study session with Everett and ACA, moderated by ForgeRock VP of Services Steve Ferris and Director of Support Tim Rault-Smith.
CIS14: OAuth and OpenID Connect in ActionCloudIDSummit
Chuck Mortimore, Salesforcce.com
Setup and walk-through of live demos, demonstrating interop of various providers and showing real enterprise use-cases.
We try to describe what is a Single Sign-On, what were the reasons for it to be implemented, how did we do it at our company and what it gave us in terms of UX, Security and developer happiness.
Insecure is a perception. There are no 100% secured systems on the earth. Most of the cryptographic algorithms developed in 80s and 90s are now broken due to the advancements in computer processing power. In the computer world, most developers and operators are concerned about the correctness. The correctness is about achieving the desired behavior. The security is concerned about preventing undesirable behaviors. There are three security properties that can lead into undesirable behaviors, if those are violated: confidentiality, integrity and availability. This presentation also explains the patterns and practices in mitigating undesirable behaviors to achieve correctness.
Have you been hacking some JavaScript to enable your users to do more, directly in the Chatter feed? Hack no more! in Winter '15 you can define, invoke, and debug Action Links in Force.com. If you are familiar with our REST APIs and Chatter, join the engineers who delivered this feature for a walkthrough of tools, code samples, and resources. You'll come away ready to create your own action links.Have you been hacking some JavaScript to enable your users to do more, directly in the Chatter feed? Hack no more! in Winter '15 you can define, invoke, and debug Action Links in Force.com. If you are familiar with our REST APIs and Chatter, join the engineers who delivered this feature for a walkthrough of tools, code samples, and resources. You'll come away ready to create your own action links.
Running Regulated Workloads on Azure PaaS services (DogFoodCon 2018)Jeremy Gray
This is a presentation given at DogFoodCon 2018 on running regulated financial workloads in the cloud. There were over 100 people in attendance and all were amazed at the skill of the presenter and the power of Azure, also Albert Einstein showed up for a cameo.
These slides did include video screencasts that is not visible on slideshare. The slides does not eigther include all the interesting discussions… The sessions today was mostly discussions.
CIS14: OAuth and OpenID Connect in ActionCloudIDSummit
Chuck Mortimore, Salesforcce.com
Setup and walk-through of live demos, demonstrating interop of various providers and showing real enterprise use-cases.
We try to describe what is a Single Sign-On, what were the reasons for it to be implemented, how did we do it at our company and what it gave us in terms of UX, Security and developer happiness.
Insecure is a perception. There are no 100% secured systems on the earth. Most of the cryptographic algorithms developed in 80s and 90s are now broken due to the advancements in computer processing power. In the computer world, most developers and operators are concerned about the correctness. The correctness is about achieving the desired behavior. The security is concerned about preventing undesirable behaviors. There are three security properties that can lead into undesirable behaviors, if those are violated: confidentiality, integrity and availability. This presentation also explains the patterns and practices in mitigating undesirable behaviors to achieve correctness.
Have you been hacking some JavaScript to enable your users to do more, directly in the Chatter feed? Hack no more! in Winter '15 you can define, invoke, and debug Action Links in Force.com. If you are familiar with our REST APIs and Chatter, join the engineers who delivered this feature for a walkthrough of tools, code samples, and resources. You'll come away ready to create your own action links.Have you been hacking some JavaScript to enable your users to do more, directly in the Chatter feed? Hack no more! in Winter '15 you can define, invoke, and debug Action Links in Force.com. If you are familiar with our REST APIs and Chatter, join the engineers who delivered this feature for a walkthrough of tools, code samples, and resources. You'll come away ready to create your own action links.
Running Regulated Workloads on Azure PaaS services (DogFoodCon 2018)Jeremy Gray
This is a presentation given at DogFoodCon 2018 on running regulated financial workloads in the cloud. There were over 100 people in attendance and all were amazed at the skill of the presenter and the power of Azure, also Albert Einstein showed up for a cameo.
These slides did include video screencasts that is not visible on slideshare. The slides does not eigther include all the interesting discussions… The sessions today was mostly discussions.
EduID Mobile App - Use-Cases, Concepts and ImplementationChristian Glahn
This presentation describes the token-agent implementation for openID Connect for authenticating native mobile apps provided by third parties. It presents a standards-based working solution for integrating loosely coupled native apps into a trust federation using. This allows for deeper integrated authentication services on Android and iOS without violating app-store policies.
This presentation has been part of the EduID Mobile App workshop at SWITCH on 25 Apr. 2017.
Thanks to Christoph Graf (SWITCH), Riccardo Mazza (USI), Michael Hausherr (FHNW), Goran Josic (USI), and Yann Cuttaz (USI).
Securely expose protected resources as ap is with app42 api gatewayZuaib
App42 API Gateway is a comprehensive & battle-tested API Management solution that enables companies of all sizes and even individuals to launch APIs in minutes.
"APIs: the Glue of Cloud Computing"
CloudExpo Europe Keynote - June 22, 2010
The second day of the CloudExpo Europe that was taking place in Prague the 21st and 22nd of June, Steven Willmott, the CEO of 3scale, made a presentation on APIs and their importance for Cloud Computing.
The key highlights of this presentation are:
1. Cloud Computing pushes to the “hyper integration” of the Web and the enabling of key platform to emerge (e.g. the new SkypeKit)…. But not only for computing power
2. Cloud Computing and its different elements fit into an MVC “Cloud Edition” framework thanks to APIs
3. APIs enable Cloud Scale MVC
4. You need to become indispensable in the Value Chain otherwise someone may eat your lunch
5. APIs are key to become indispensable but need to be managed
Designing Usable APIs featuring Forrester Research, Inc.CA API Management
Deliver a Great Developer Experience (DX) as Part of an Effective API Strategy
Overview
Designing a great enterprise API is not easy. Exposing an interface is relatively simple but API designers have a great deal more to think about – business models, process context, transactional integrity, privacy concerns, data ownership… the list goes on.
For enterprise API designers, a clear focus on developer experience (DX) is often the best way to get things moving in the right direction. Creating an API that developers love to use will produce a wealth of benefits for any API program, such as:
Increasing API adoption rates
Reducing implementation costs
Ensuring the program is aligned with core business goals
Join this webinar with Ronnie Mitra of Layer 7 and guest speaker Randy Heffner of Forrester Research, Inc. to get practical tips on building APIs that will provide a great DX and truly contribute to your organization’s business success.
You Will Learn
What the term “well-designed API” means, in practical terms
Why developer experience matters and how it aligns with business goals
How to make rational design choices that will improve DX
Presented By
Ronnie Mitra
Principal API Architect, Layer 7
Guest Speaker
Randy Heffner
VP, Principal Analyst, Forrester Research, Inc.
SharePoint 2013 Apps and the App ModelJames Tramel
SharePoint 2013 Apps - deep dive. We'll look at they work, what they look like, what they do and how to us apps. Its all about the apps. Apps are good, very good.
Enterprise API : Best practice for World class API ecosystem is an attempt on my part to explain the best practice in deploying API infrastructure in the organization.
This whitepaper, highlights the pros and cons of using two different aspects of SharePoint Add-ins which would enable enterprises to contextualize the use of SharePoint Add-ins...
Often business stakeholders are confused about choosing the right Open source Portal and CMS. Not only that the confusion prevails on the actual understanding of a Portal and CMS. Liferay and Drupal are one of the most popular Portal and CMS platforms. This presentation helps business stakeholders choose the right Portal and CMS platform.
PowerApps, the Developer Story: Build an API to Integrate Corporate DataBram de Jager
Microsoft released PowerApps to a selective audience as a private preview in November 2015. It’s a service for enterprises to connect data across clouds to create intelligent business apps faster than ever before and share them to any device. Besides addressing the business developer and power user, it also provides opportunities for developers. This enables enterprises to expose corporate internal sources to be used within PowerApps and unleash the power of PowerApps combined with internal data sources. This session goes into the details of the possibilities for developers to leverage the Azure App Services and build APIs to use within your PowerApps. Live demos cover building and managing the API which exposes the internal data within a PowerApp on your device.
The SCIM standard was created to simplify user management in the cloud by defining a schema for representing users and groups and a REST API for all the necessary CRUD operations.
VOOT is a layer on top of SCIM to exchange information about groups in federated environments.
A cloud service platform for providing Web Application for the higher education sector.
This is a short presentation of some of the results of the work with the prototype. Stay tuned for updates...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
Generating a custom Ruby SDK for your web service or Rails API using Smithyg2nightmarescribd
Have you ever wanted a Ruby client API to communicate with your web service? Smithy is a protocol-agnostic language for defining services and SDKs. Smithy Ruby is an implementation of Smithy that generates a Ruby SDK using a Smithy model. In this talk, we will explore Smithy and Smithy Ruby to learn how to generate custom feature-rich SDKs that can communicate with any web service, such as a Rails JSON API.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
1. «Feide Connect»
Next generation service platform for advanced services
and collaboration services for higher education.
Andreas Åkre Solberg
andreas.solberg@uninett.no
2. Once upon a time
Web Single Sign-On with Feide was sufficient to provide
a seamless user experience across services.
!2
3. Collaboration on Internet
✤
A dynamic working groups spanning multiple organizations, work
together using digital collaboration tools:
✤
A wiki
✤
Document sharing tool
✤
Meeting planner and calendar
✤
A Web meeting tool
✤
A web forum or mailinglist
!3
4.
5. Authentication
Feide based upon SAML 2.0
Rather complex results in relatively high integration cost for Service Providers.
Limited opportunities to the «login request -> response»-flow.
!
Trends in consumer markets (Facebook, Google, Twitter, Linkedin, Salesforce)
From enterprise protocols towards APIs / REST and OAuth
Providers needs to offer APIs and third party integration anyway; OAuth
Easy to establish a simple authentication protocol (userinfo) on top of that
OpenID Connect
Built-in support for cross-federation (eduGAIN, Kalmar) and guest users.
oktober 23, 2013
5
6. Feide Connect
New architecture
Feide
tjeneste
Mobil app
Web app
Tredjepartsklient /
integrasjon
API-based instead of SSO-flow
OAuth + authentication
Makes use of Feide (without changes)
Feide
Feide Connect
grupper
personsøk
lagring
aktivitetstr
API authz
Offers additional services
Better support for mobile, desktop etc.
API Authorization Management
Tjeneste
backend
API
Extremely simple integration for Service
Providers
Low-bar of entry
(for students, non-commercial, etc)
oktober 23, 2013
!6
8. Groups and roles
API Service
Base layer: builds groups
from Feide attributes
Feide
tjeneste
Mobil app
Web app
Tredjepartsklient /
integrasjon
Connector to FS:
emner, studieretning med mer.
Feide Connect
Support for Ad-Hoc groups
Feide
Anyone can create groups for their
collaboration needs. Cross-organizational
groups.
Support for custom external connectors
to an institutions authoritative source of
group data.
Groups
FS
personsøk
lagring
aktivitetstr
API authz
Ext Connectors
AdHoc
!8
10. People Search
Separate People Search API
Authenticated API
Also available as a JS library
And as a Federated Widget
Relies on already public information
Better user experience to search for real
user names, than to add userids.
!10
12. ma
Ar
ha
zs
WebApp frontend
Widgets
dr
wi eas
l l a co
tte nfi
nd rm
me ed
eti an
ng d
df»
!
sc
he
du
led
an
ew
me
eti
ng
Generic information model
A
n
ad ew u
de se
dt rT
o t ho
he rle
gr if i
ou s
p
Si
mo
n
re
«w as c
elc rea
om ted
e!» a
at wiki
Ag pa
or ge
a
User interfaces
An
d
Acitivites posted to one or more groups
An
re
.p
Mobile app frontend
da
at file
Cl «a
o u rc
ds hi
tor tec
tu
API
re
Activity Streams
One activity stream per group.
!12
17. Widgets adopts context
Widgets in a separate security domain
Communicates with the surroundings
Harmonized references; activities, users
and groups. As well as time and location.
!17
19. Feed Widget"
Shows an aggregated feed of activities for the current
selected group across all collaboration tools.
Share widget"
Can be easily integrated anywhere. Will share a link to the current web page
!1
to the activity stream for the current user in a selected group context. 9
21. Open Data
Universities increasing interest to share their data using APIs.
Motivates growth of new innovative, and better services for the employees and
students.
!
Privacy very important!
Complex to provide authentication model for delegated access to personal data.
!21
30. Feide Connect established a trusted channel with your API
› Adds information in HTTP headers, with
› User info
› Groups
› Client info and scopes
!30
32. Self-Service and Scalability
Priority #1
Everything is self-service
Well-designed authorization work-flows. Focus on «one-click» grant,
when moderation is needed at all.
Will run on HA infrastructure
!32
34. International Collaboration
Any student or employee in Europe should be able to login with their local credentials on the
through the platform.
Established cross-federation connections through eduGAIN and Kalmar.
!
Collaboration on harmonizing group definitions and exchange protocols with other countries.
Collaboration through GÉANT, Terena and NordForum.
!
Standardization
OAuth, OpenID Connect, SCIM, OpenSocial, ActivityStreams, Misc W3C
!34
36. Piloting with Institutions
Allow access to login through Feide
Setup access for Person Search. Directory access
Register a set of test users with additional privileges
Integration with FS for groups and roles
Integration with external connectors
Testing of API authorization
Real users testing of collaboration tools
!36