SlideShare a Scribd company logo

Identity and Client Management using OpenID Connect and SAML

Download as PPTX, PDF
P
pqrs1234

Introduction To API Security Security Threats and Vulnerabilities Identity Management – SAML and OpenID Connect Client Management – Dynamic Client Registration

Education
1 of 20
[8th May 2021] [Coimbatore] MuleSoft Meetup Group Identity and Client Management With MuleSoft
Organizers 2
3 Speakers Jitendra Bafna Senior Solution Architect Capgemini About the speaker:  Working as Senior Solution Architect at Capgemini.  MuleSoft Ambassador  Surat MuleSoft Meetup Leader.  12.5+ Years of Experience in Integrations and API Technologies.  Certified MuleSoft Integration Architect and platform Architect.
CHEERS..!! We have prizes to give away! 3 Winners a special prize is ready 4 A SHOW OF HANDS: New Members With Us.!!
5 Agenda Introduction To API Security Security Threats and Vulnerabilities Identity Management – SAML and OpenID Connect Client Management – Dynamic Client Registration Live Demonstration Trivia Quiz
What is API Security?
7 API Security is an essentials elements of the applications, especially in regards to APIs where you have hundreds or thousands of calls on daily basis. Everyday new threats and vulnerabilities are created and in such case it is very important to secure the APIs. MuleSoft provided the API manager which can minimize the risks from attacks like DDoS, DoS or any security vulnerabilities. API manager provides option for creating the API proxy for the backend API running on Anypoint platform and thereby secures requests coming into the platform again the API. What is API Security?
8 Different Types of API Attacks API Threats Denial Of Service Distributed Denial Of Service Parameter Tampering CORS/XSS Injection Attacks Sensitive Data Exposure
9 ⮚ Digital Signatures. ⮚ Cryptography like PGP, JCE and XML. ⮚ JWT OAuth or Token Based Authentication ⮚ API Manager Policies like Rate Limiting, XML Threat Protection, JWT Validation etc. ⮚ Anypoint Security and Web Application Firewall in case of Runtime Fabric. ⮚ Identity Management and Client Management Ways to achieve API Security API Security OAuth Rate Limiting Digital Signatures Cryptography Policies like XML Threat Protection, Rate Limiting, CORS etc. Anypoint Security Anypoint API Policies (Security) JWT Validation Policies Basic Authentication – Simple and LDAP XML/JSON Threat Protection Policies IP Whitelisting/Blacklisting Tokenization/Detokenization
10 OAuth Providers Grant Types OAuth Providers & Grant Types OKTA PING OPEN AM Keycloak AWS Cognito Azure IdP Auth0 Google Box GitHub Authorization Code Client Credentials Refresh Token Password Implicit Code
11 OAuth JWT – Authorization Code
12 OAuth JWT – Implicit Code
13 OAuth JWT – Client Credentials
SAML 2.0 Identity Management SAML is stand for Security Assertion Mark-up Language and it is mainly designed to authenticate the users and provide identity data for access control and communication method for user identity. SAML is XML-based open standards for transferring data between two parties, Identity Provider (IP) and Service Provider (SP). ● Identity Provider is basically performs the authentication and transfer user identity to the Service Provider. ● Service Provide one who trusts the Identity Provider and authorized the user to access requested resources. 14
SAML 2.0 Identity Management 15
16 OpenID Connect extends OAuth 2.0. The OAuth 2.0 protocol provides API security via scoped access tokens, and OpenID Connect provides user authentication and single sign-on (SSO) functionality. As the Anypoint Platform organization administrator, you can configure identity management in Anypoint Platform to set up users for single sign-on (SSO). Configure identity management using one of the following single sign-on standards: ● OpenID Connect: End user identity verification by an authorization server including SSO. ● SAML 2.0: Web-based authorization including cross-domain SSO. OpenID Connect Identity Management
17 SAML (SAML 1.0 and 2.0) and OpenID Connect (OIDC) are identity protocols, designed to authenticate users, and provide identity data for access control and as a communication method for a user’s identity. Mainly used for Enterprise and Government applications, SAML 2.0 is a mature technology dating from 2005 and supports a wide range of identity functionality. SAML uses XML for its identity data format and simple HTTP or SOAP for data transport mechanisms. A relatively new protocol, continuously evolving, OIDC was designed with web and mobile applications in mind. Designed to be easy to adopt and use, OIDC is an extension of OAuth2, with data structures in JSON format (JWT), and simple HTTPS flows for transport. SAML V/S OpenID Connect
18 Dynamic Client Registration allows you to register third party applications dynamically. This feature is based on the OpenID Connect Dynamic Client Registration specification. The OKTA Dynamic Client Registration API provides operations to register and manage client applications for use with Okta's OAuth 2.0 and OpenID Connect endpoints. Client Management – Dynamic Client Registration
Demonstration 1. Identity Management With OpenID Connect 2. Client Management With OpenID Connect – Dynamic Client Registration 3. Identity Management With SAML
Thank you!

Recommended

Keycloak SSO basics
Keycloak SSO basicsKeycloak SSO basics
Keycloak SSO basics
Juan Vicente Herrera Ruiz de Alejo
 
Introduction to MuleSoft
Introduction to MuleSoftIntroduction to MuleSoft
Introduction to MuleSoft
Alexandra N. Martinez
 
MuleSoft Sizing Guidelines - VirtualMuleys
MuleSoft Sizing Guidelines - VirtualMuleysMuleSoft Sizing Guidelines - VirtualMuleys
MuleSoft Sizing Guidelines - VirtualMuleys
Angel Alberici
 
Introduction à la plateforme Anypoint de MuleSoft
Introduction à la plateforme Anypoint de MuleSoftIntroduction à la plateforme Anypoint de MuleSoft
Introduction à la plateforme Anypoint de MuleSoft
Paris Salesforce Developer Group
 
SIngle Sign On with Keycloak
SIngle Sign On with KeycloakSIngle Sign On with Keycloak
SIngle Sign On with Keycloak
Julien Pivotto
 
Virtual meetup - Exploring the Runtime Fabric deployment model
Virtual meetup - Exploring the Runtime Fabric deployment modelVirtual meetup - Exploring the Runtime Fabric deployment model
Virtual meetup - Exploring the Runtime Fabric deployment model
Jimmy Attia
 
MuleSoft Surat Meetup#45 - Anypoint Flex Gateway as a Kubernetes Ingress Cont...
MuleSoft Surat Meetup#45 - Anypoint Flex Gateway as a Kubernetes Ingress Cont...MuleSoft Surat Meetup#45 - Anypoint Flex Gateway as a Kubernetes Ingress Cont...
MuleSoft Surat Meetup#45 - Anypoint Flex Gateway as a Kubernetes Ingress Cont...
Jitendra Bafna
 
Introduction to CloudHub 2.0
Introduction to CloudHub 2.0Introduction to CloudHub 2.0
Introduction to CloudHub 2.0
NeerajKumar1965
 

Recommended

Keycloak SSO basics
Keycloak SSO basicsKeycloak SSO basics
Keycloak SSO basics
Juan Vicente Herrera Ruiz de Alejo
 
Introduction to MuleSoft
Introduction to MuleSoftIntroduction to MuleSoft
Introduction to MuleSoft
Alexandra N. Martinez
 
MuleSoft Sizing Guidelines - VirtualMuleys
MuleSoft Sizing Guidelines - VirtualMuleysMuleSoft Sizing Guidelines - VirtualMuleys
MuleSoft Sizing Guidelines - VirtualMuleys
Angel Alberici
 
Introduction à la plateforme Anypoint de MuleSoft
Introduction à la plateforme Anypoint de MuleSoftIntroduction à la plateforme Anypoint de MuleSoft
Introduction à la plateforme Anypoint de MuleSoft
Paris Salesforce Developer Group
 
SIngle Sign On with Keycloak
SIngle Sign On with KeycloakSIngle Sign On with Keycloak
SIngle Sign On with Keycloak
Julien Pivotto
 
Virtual meetup - Exploring the Runtime Fabric deployment model
Virtual meetup - Exploring the Runtime Fabric deployment modelVirtual meetup - Exploring the Runtime Fabric deployment model
Virtual meetup - Exploring the Runtime Fabric deployment model
Jimmy Attia
 
MuleSoft Surat Meetup#45 - Anypoint Flex Gateway as a Kubernetes Ingress Cont...
MuleSoft Surat Meetup#45 - Anypoint Flex Gateway as a Kubernetes Ingress Cont...MuleSoft Surat Meetup#45 - Anypoint Flex Gateway as a Kubernetes Ingress Cont...
MuleSoft Surat Meetup#45 - Anypoint Flex Gateway as a Kubernetes Ingress Cont...
Jitendra Bafna
 
Introduction to CloudHub 2.0
Introduction to CloudHub 2.0Introduction to CloudHub 2.0
Introduction to CloudHub 2.0
NeerajKumar1965
 
Manchester MuleSoft Meetup #6 - Runtime Fabric with Mulesoft
Manchester MuleSoft Meetup #6 - Runtime Fabric with Mulesoft Manchester MuleSoft Meetup #6 - Runtime Fabric with Mulesoft
Manchester MuleSoft Meetup #6 - Runtime Fabric with Mulesoft
Akshata Sawant
 
MuleSoft JWT Demystified
MuleSoft JWT DemystifiedMuleSoft JWT Demystified
MuleSoft JWT Demystified
Patryk Bandurski
 
Patna MuleSoft Meetup Anypoint Cloudhub 2.0
Patna MuleSoft Meetup Anypoint Cloudhub 2.0Patna MuleSoft Meetup Anypoint Cloudhub 2.0
Patna MuleSoft Meetup Anypoint Cloudhub 2.0
shyamraj55
 
Okta-Certified-Professional-Hands-on-Configuration-Exam-Preparation-Guide-Jun...
Okta-Certified-Professional-Hands-on-Configuration-Exam-Preparation-Guide-Jun...Okta-Certified-Professional-Hands-on-Configuration-Exam-Preparation-Guide-Jun...
Okta-Certified-Professional-Hands-on-Configuration-Exam-Preparation-Guide-Jun...
Kapil Goel
 
MuleSoft Anypoint Platform and Three Tier Architecture
MuleSoft Anypoint Platform and Three Tier ArchitectureMuleSoft Anypoint Platform and Three Tier Architecture
MuleSoft Anypoint Platform and Three Tier Architecture
Harish Kumar
 
Demystifying Prisma Access
Demystifying Prisma AccessDemystifying Prisma Access
Demystifying Prisma Access
Haris Chughtai
 
DevSecCon London 2019: Workshop: Cloud Agnostic Security Testing with Scout S...
DevSecCon London 2019: Workshop: Cloud Agnostic Security Testing with Scout S...DevSecCon London 2019: Workshop: Cloud Agnostic Security Testing with Scout S...
DevSecCon London 2019: Workshop: Cloud Agnostic Security Testing with Scout S...
DevSecCon
 
[OpenStack Days Korea 2016] Track2 - 아리스타 OpenStack 연동 및 CloudVision 솔루션 소개
[OpenStack Days Korea 2016] Track2 - 아리스타 OpenStack 연동 및 CloudVision 솔루션 소개[OpenStack Days Korea 2016] Track2 - 아리스타 OpenStack 연동 및 CloudVision 솔루션 소개
[OpenStack Days Korea 2016] Track2 - 아리스타 OpenStack 연동 및 CloudVision 솔루션 소개
OpenStack Korea Community
 
Best Practices for API Security
Best Practices for API SecurityBest Practices for API Security
Best Practices for API Security
MuleSoft
 
Singapore MuleSoft Meetup - 24 Aug 2022
Singapore MuleSoft Meetup - 24 Aug 2022Singapore MuleSoft Meetup - 24 Aug 2022
Singapore MuleSoft Meetup - 24 Aug 2022
Royston Lobo
 
DataPower API Gateway Performance Benchmarks
DataPower API Gateway Performance BenchmarksDataPower API Gateway Performance Benchmarks
DataPower API Gateway Performance Benchmarks
IBM DataPower Gateway
 
Clustering, Server setup and Hybrid deployment setup using Anypoint Runtime M...
Clustering, Server setup and Hybrid deployment setup using Anypoint Runtime M...Clustering, Server setup and Hybrid deployment setup using Anypoint Runtime M...
Clustering, Server setup and Hybrid deployment setup using Anypoint Runtime M...
Manish Kumar Yadav
 
MuleSoft Meetup Singapore June 2021
MuleSoft Meetup Singapore June 2021MuleSoft Meetup Singapore June 2021
MuleSoft Meetup Singapore June 2021
Julian Douch
 
Anypoint platform architecture and components
Anypoint platform architecture and componentsAnypoint platform architecture and components
Anypoint platform architecture and components
D.Rajesh Kumar
 
Secure Spring Boot Microservices with Keycloak
Secure Spring Boot Microservices with KeycloakSecure Spring Boot Microservices with Keycloak
Secure Spring Boot Microservices with Keycloak
Red Hat Developers
 
IBM DataPower Gateways - What's new in 2016 v7.5.2
IBM DataPower Gateways - What's new in 2016 v7.5.2IBM DataPower Gateways - What's new in 2016 v7.5.2
IBM DataPower Gateways - What's new in 2016 v7.5.2
IBM DataPower Gateway
 
MuleSoft Event Driven Architecture (EDA Patterns in MuleSoft) - VirtualMuleys63
MuleSoft Event Driven Architecture (EDA Patterns in MuleSoft) - VirtualMuleys63MuleSoft Event Driven Architecture (EDA Patterns in MuleSoft) - VirtualMuleys63
MuleSoft Event Driven Architecture (EDA Patterns in MuleSoft) - VirtualMuleys63
Angel Alberici
 
Secure your app with keycloak
Secure your app with keycloakSecure your app with keycloak
Secure your app with keycloak
Guy Marom
 
MuleSoft Surat Meetup#54 - MuleSoft Automation
MuleSoft Surat Meetup#54 - MuleSoft AutomationMuleSoft Surat Meetup#54 - MuleSoft Automation
MuleSoft Surat Meetup#54 - MuleSoft Automation
Jitendra Bafna
 
Rtf v2 ingress muleSoft meetup self managed kubernetes
Rtf v2 ingress muleSoft meetup self managed kubernetesRtf v2 ingress muleSoft meetup self managed kubernetes
Rtf v2 ingress muleSoft meetup self managed kubernetes
Sandeep Deshmukh
 
MuleSoft Surat Virtual Meetup#19 - Identity and Client Management With MuleSoft
MuleSoft Surat Virtual Meetup#19 - Identity and Client Management With MuleSoftMuleSoft Surat Virtual Meetup#19 - Identity and Client Management With MuleSoft
MuleSoft Surat Virtual Meetup#19 - Identity and Client Management With MuleSoft
Jitendra Bafna
 
Webinar: Identity Wars: The Unified Platform Awakens
Webinar: Identity Wars: The Unified Platform AwakensWebinar: Identity Wars: The Unified Platform Awakens
Webinar: Identity Wars: The Unified Platform Awakens
ForgeRock
 

More Related Content

What's hot

Manchester MuleSoft Meetup #6 - Runtime Fabric with Mulesoft
Manchester MuleSoft Meetup #6 - Runtime Fabric with Mulesoft Manchester MuleSoft Meetup #6 - Runtime Fabric with Mulesoft
Manchester MuleSoft Meetup #6 - Runtime Fabric with Mulesoft
Akshata Sawant
 
MuleSoft JWT Demystified
MuleSoft JWT DemystifiedMuleSoft JWT Demystified
MuleSoft JWT Demystified
Patryk Bandurski
 
Patna MuleSoft Meetup Anypoint Cloudhub 2.0
Patna MuleSoft Meetup Anypoint Cloudhub 2.0Patna MuleSoft Meetup Anypoint Cloudhub 2.0
Patna MuleSoft Meetup Anypoint Cloudhub 2.0
shyamraj55
 
Okta-Certified-Professional-Hands-on-Configuration-Exam-Preparation-Guide-Jun...
Okta-Certified-Professional-Hands-on-Configuration-Exam-Preparation-Guide-Jun...Okta-Certified-Professional-Hands-on-Configuration-Exam-Preparation-Guide-Jun...
Okta-Certified-Professional-Hands-on-Configuration-Exam-Preparation-Guide-Jun...
Kapil Goel
 
MuleSoft Anypoint Platform and Three Tier Architecture
MuleSoft Anypoint Platform and Three Tier ArchitectureMuleSoft Anypoint Platform and Three Tier Architecture
MuleSoft Anypoint Platform and Three Tier Architecture
Harish Kumar
 
Demystifying Prisma Access
Demystifying Prisma AccessDemystifying Prisma Access
Demystifying Prisma Access
Haris Chughtai
 
DevSecCon London 2019: Workshop: Cloud Agnostic Security Testing with Scout S...
DevSecCon London 2019: Workshop: Cloud Agnostic Security Testing with Scout S...DevSecCon London 2019: Workshop: Cloud Agnostic Security Testing with Scout S...
DevSecCon London 2019: Workshop: Cloud Agnostic Security Testing with Scout S...
DevSecCon
 
[OpenStack Days Korea 2016] Track2 - 아리스타 OpenStack 연동 및 CloudVision 솔루션 소개
[OpenStack Days Korea 2016] Track2 - 아리스타 OpenStack 연동 및 CloudVision 솔루션 소개[OpenStack Days Korea 2016] Track2 - 아리스타 OpenStack 연동 및 CloudVision 솔루션 소개
[OpenStack Days Korea 2016] Track2 - 아리스타 OpenStack 연동 및 CloudVision 솔루션 소개
OpenStack Korea Community
 
Best Practices for API Security
Best Practices for API SecurityBest Practices for API Security
Best Practices for API Security
MuleSoft
 
Singapore MuleSoft Meetup - 24 Aug 2022
Singapore MuleSoft Meetup - 24 Aug 2022Singapore MuleSoft Meetup - 24 Aug 2022
Singapore MuleSoft Meetup - 24 Aug 2022
Royston Lobo
 
DataPower API Gateway Performance Benchmarks
DataPower API Gateway Performance BenchmarksDataPower API Gateway Performance Benchmarks
DataPower API Gateway Performance Benchmarks
IBM DataPower Gateway
 
Clustering, Server setup and Hybrid deployment setup using Anypoint Runtime M...
Clustering, Server setup and Hybrid deployment setup using Anypoint Runtime M...Clustering, Server setup and Hybrid deployment setup using Anypoint Runtime M...
Clustering, Server setup and Hybrid deployment setup using Anypoint Runtime M...
Manish Kumar Yadav
 
MuleSoft Meetup Singapore June 2021
MuleSoft Meetup Singapore June 2021MuleSoft Meetup Singapore June 2021
MuleSoft Meetup Singapore June 2021
Julian Douch
 
Anypoint platform architecture and components
Anypoint platform architecture and componentsAnypoint platform architecture and components
Anypoint platform architecture and components
D.Rajesh Kumar
 
Secure Spring Boot Microservices with Keycloak
Secure Spring Boot Microservices with KeycloakSecure Spring Boot Microservices with Keycloak
Secure Spring Boot Microservices with Keycloak
Red Hat Developers
 
IBM DataPower Gateways - What's new in 2016 v7.5.2
IBM DataPower Gateways - What's new in 2016 v7.5.2IBM DataPower Gateways - What's new in 2016 v7.5.2
IBM DataPower Gateways - What's new in 2016 v7.5.2
IBM DataPower Gateway
 
MuleSoft Event Driven Architecture (EDA Patterns in MuleSoft) - VirtualMuleys63
MuleSoft Event Driven Architecture (EDA Patterns in MuleSoft) - VirtualMuleys63MuleSoft Event Driven Architecture (EDA Patterns in MuleSoft) - VirtualMuleys63
MuleSoft Event Driven Architecture (EDA Patterns in MuleSoft) - VirtualMuleys63
Angel Alberici
 
Secure your app with keycloak
Secure your app with keycloakSecure your app with keycloak
Secure your app with keycloak
Guy Marom
 
MuleSoft Surat Meetup#54 - MuleSoft Automation
MuleSoft Surat Meetup#54 - MuleSoft AutomationMuleSoft Surat Meetup#54 - MuleSoft Automation
MuleSoft Surat Meetup#54 - MuleSoft Automation
Jitendra Bafna
 
Rtf v2 ingress muleSoft meetup self managed kubernetes
Rtf v2 ingress muleSoft meetup self managed kubernetesRtf v2 ingress muleSoft meetup self managed kubernetes
Rtf v2 ingress muleSoft meetup self managed kubernetes
Sandeep Deshmukh
 

What's hot (20)

Manchester MuleSoft Meetup #6 - Runtime Fabric with Mulesoft
Manchester MuleSoft Meetup #6 - Runtime Fabric with Mulesoft Manchester MuleSoft Meetup #6 - Runtime Fabric with Mulesoft
Manchester MuleSoft Meetup #6 - Runtime Fabric with Mulesoft
 
MuleSoft JWT Demystified
MuleSoft JWT DemystifiedMuleSoft JWT Demystified
MuleSoft JWT Demystified
 
Patna MuleSoft Meetup Anypoint Cloudhub 2.0
Patna MuleSoft Meetup Anypoint Cloudhub 2.0Patna MuleSoft Meetup Anypoint Cloudhub 2.0
Patna MuleSoft Meetup Anypoint Cloudhub 2.0
 
Okta-Certified-Professional-Hands-on-Configuration-Exam-Preparation-Guide-Jun...
Okta-Certified-Professional-Hands-on-Configuration-Exam-Preparation-Guide-Jun...Okta-Certified-Professional-Hands-on-Configuration-Exam-Preparation-Guide-Jun...
Okta-Certified-Professional-Hands-on-Configuration-Exam-Preparation-Guide-Jun...
 
MuleSoft Anypoint Platform and Three Tier Architecture
MuleSoft Anypoint Platform and Three Tier ArchitectureMuleSoft Anypoint Platform and Three Tier Architecture
MuleSoft Anypoint Platform and Three Tier Architecture
 
Demystifying Prisma Access
Demystifying Prisma AccessDemystifying Prisma Access
Demystifying Prisma Access
 
DevSecCon London 2019: Workshop: Cloud Agnostic Security Testing with Scout S...
DevSecCon London 2019: Workshop: Cloud Agnostic Security Testing with Scout S...DevSecCon London 2019: Workshop: Cloud Agnostic Security Testing with Scout S...
DevSecCon London 2019: Workshop: Cloud Agnostic Security Testing with Scout S...
 
[OpenStack Days Korea 2016] Track2 - 아리스타 OpenStack 연동 및 CloudVision 솔루션 소개
[OpenStack Days Korea 2016] Track2 - 아리스타 OpenStack 연동 및 CloudVision 솔루션 소개[OpenStack Days Korea 2016] Track2 - 아리스타 OpenStack 연동 및 CloudVision 솔루션 소개
[OpenStack Days Korea 2016] Track2 - 아리스타 OpenStack 연동 및 CloudVision 솔루션 소개
 
Best Practices for API Security
Best Practices for API SecurityBest Practices for API Security
Best Practices for API Security
 
Singapore MuleSoft Meetup - 24 Aug 2022
Singapore MuleSoft Meetup - 24 Aug 2022Singapore MuleSoft Meetup - 24 Aug 2022
Singapore MuleSoft Meetup - 24 Aug 2022
 
DataPower API Gateway Performance Benchmarks
DataPower API Gateway Performance BenchmarksDataPower API Gateway Performance Benchmarks
DataPower API Gateway Performance Benchmarks
 
Clustering, Server setup and Hybrid deployment setup using Anypoint Runtime M...
Clustering, Server setup and Hybrid deployment setup using Anypoint Runtime M...Clustering, Server setup and Hybrid deployment setup using Anypoint Runtime M...
Clustering, Server setup and Hybrid deployment setup using Anypoint Runtime M...
 
MuleSoft Meetup Singapore June 2021
MuleSoft Meetup Singapore June 2021MuleSoft Meetup Singapore June 2021
MuleSoft Meetup Singapore June 2021
 
Anypoint platform architecture and components
Anypoint platform architecture and componentsAnypoint platform architecture and components
Anypoint platform architecture and components
 
Secure Spring Boot Microservices with Keycloak
Secure Spring Boot Microservices with KeycloakSecure Spring Boot Microservices with Keycloak
Secure Spring Boot Microservices with Keycloak
 
IBM DataPower Gateways - What's new in 2016 v7.5.2
IBM DataPower Gateways - What's new in 2016 v7.5.2IBM DataPower Gateways - What's new in 2016 v7.5.2
IBM DataPower Gateways - What's new in 2016 v7.5.2
 
MuleSoft Event Driven Architecture (EDA Patterns in MuleSoft) - VirtualMuleys63
MuleSoft Event Driven Architecture (EDA Patterns in MuleSoft) - VirtualMuleys63MuleSoft Event Driven Architecture (EDA Patterns in MuleSoft) - VirtualMuleys63
MuleSoft Event Driven Architecture (EDA Patterns in MuleSoft) - VirtualMuleys63
 
Secure your app with keycloak
Secure your app with keycloakSecure your app with keycloak
Secure your app with keycloak
 
MuleSoft Surat Meetup#54 - MuleSoft Automation
MuleSoft Surat Meetup#54 - MuleSoft AutomationMuleSoft Surat Meetup#54 - MuleSoft Automation
MuleSoft Surat Meetup#54 - MuleSoft Automation
 
Rtf v2 ingress muleSoft meetup self managed kubernetes
Rtf v2 ingress muleSoft meetup self managed kubernetesRtf v2 ingress muleSoft meetup self managed kubernetes
Rtf v2 ingress muleSoft meetup self managed kubernetes
 

Similar to Identity and Client Management using OpenID Connect and SAML

MuleSoft Surat Virtual Meetup#19 - Identity and Client Management With MuleSoft
MuleSoft Surat Virtual Meetup#19 - Identity and Client Management With MuleSoftMuleSoft Surat Virtual Meetup#19 - Identity and Client Management With MuleSoft
MuleSoft Surat Virtual Meetup#19 - Identity and Client Management With MuleSoft
Jitendra Bafna
 
Webinar: Identity Wars: The Unified Platform Awakens
Webinar: Identity Wars: The Unified Platform AwakensWebinar: Identity Wars: The Unified Platform Awakens
Webinar: Identity Wars: The Unified Platform Awakens
ForgeRock
 
Open source wso2 identity server sso with drupal 8
Open source wso2 identity server sso with drupal 8Open source wso2 identity server sso with drupal 8
Open source wso2 identity server sso with drupal 8
Iwantha Lekamge
 
How Secure is Your API?
How Secure is Your API?How Secure is Your API?
How Secure is Your API?
Mary Joy Sabal
 
Authentication and strong authentication for Web Application
Authentication and strong authentication for Web ApplicationAuthentication and strong authentication for Web Application
Authentication and strong authentication for Web Application
Sylvain Maret
 
Con8823 access management for the internet of things-final
Con8823 access management for the internet of things-finalCon8823 access management for the internet of things-final
Con8823 access management for the internet of things-final
OracleIDM
 
Enable Oauth2.0 with Sentinet API Management (Massimo Crippa @ BTUG Event)
Enable Oauth2.0 with Sentinet API Management (Massimo Crippa @ BTUG Event)Enable Oauth2.0 with Sentinet API Management (Massimo Crippa @ BTUG Event)
Enable Oauth2.0 with Sentinet API Management (Massimo Crippa @ BTUG Event)
Codit
 
GHC18 Abstract - API Security, a Grail Quest
GHC18 Abstract - API Security, a Grail QuestGHC18 Abstract - API Security, a Grail Quest
GHC18 Abstract - API Security, a Grail Quest
PaulaPaulSlides
 
Uncover the Flex Gateway with a Demonstration (1).pdf
Uncover the Flex Gateway with a Demonstration (1).pdfUncover the Flex Gateway with a Demonstration (1).pdf
Uncover the Flex Gateway with a Demonstration (1).pdf
Pankaj Goyal
 
Uncover the Flex Gateway with a Demonstration (1).pdf
Uncover the Flex Gateway with a Demonstration (1).pdfUncover the Flex Gateway with a Demonstration (1).pdf
Uncover the Flex Gateway with a Demonstration (1).pdf
PankajGoyal164048
 
Enterprise API deployment best practice
Enterprise API deployment best practiceEnterprise API deployment best practice
Enterprise API deployment best practice
Sanjay Roy
 
WSO2 Ecosystem platform for Connected Telco
WSO2 Ecosystem platform for Connected TelcoWSO2 Ecosystem platform for Connected Telco
WSO2 Ecosystem platform for Connected Telco
Mifan Careem
 
Algorithm for Securing SOAP Based Web Services from WSDL Scanning Attacks
Algorithm for Securing SOAP Based Web Services from WSDL Scanning AttacksAlgorithm for Securing SOAP Based Web Services from WSDL Scanning Attacks
Algorithm for Securing SOAP Based Web Services from WSDL Scanning Attacks
iosrjce
 
F017353539
F017353539F017353539
F017353539
IOSR Journals
 
What's new in API Connect and DataPower - 2019
What's new in API Connect and DataPower - 2019What's new in API Connect and DataPower - 2019
What's new in API Connect and DataPower - 2019
IBM DataPower Gateway
 
Con8817 api management - enable your infrastructure for secure mobile and c...
Con8817 api management - enable your infrastructure for secure mobile and c...Con8817 api management - enable your infrastructure for secure mobile and c...
Con8817 api management - enable your infrastructure for secure mobile and c...
OracleIDM
 
[Workshop] API-driven Integration
[Workshop] API-driven Integration[Workshop] API-driven Integration
[Workshop] API-driven Integration
WSO2
 
Service Oriented Architecture Updated Luqman
Service Oriented Architecture Updated LuqmanService Oriented Architecture Updated Luqman
Service Oriented Architecture Updated Luqman
guesteb791b
 
Open APIs - Risks and Rewards (Øredev 2013)
Open APIs - Risks and Rewards (Øredev 2013)Open APIs - Risks and Rewards (Øredev 2013)
Open APIs - Risks and Rewards (Øredev 2013)
Nordic APIs
 
Federation Evolved: How Cloud, Mobile & APIs Change the Way We Broker Identity
Federation Evolved: How Cloud, Mobile & APIs Change the Way We Broker IdentityFederation Evolved: How Cloud, Mobile & APIs Change the Way We Broker Identity
Federation Evolved: How Cloud, Mobile & APIs Change the Way We Broker Identity
CA API Management
 

Similar to Identity and Client Management using OpenID Connect and SAML (20)

MuleSoft Surat Virtual Meetup#19 - Identity and Client Management With MuleSoft
MuleSoft Surat Virtual Meetup#19 - Identity and Client Management With MuleSoftMuleSoft Surat Virtual Meetup#19 - Identity and Client Management With MuleSoft
MuleSoft Surat Virtual Meetup#19 - Identity and Client Management With MuleSoft
 
Webinar: Identity Wars: The Unified Platform Awakens
Webinar: Identity Wars: The Unified Platform AwakensWebinar: Identity Wars: The Unified Platform Awakens
Webinar: Identity Wars: The Unified Platform Awakens
 
Open source wso2 identity server sso with drupal 8
Open source wso2 identity server sso with drupal 8Open source wso2 identity server sso with drupal 8
Open source wso2 identity server sso with drupal 8
 
How Secure is Your API?
How Secure is Your API?How Secure is Your API?
How Secure is Your API?
 
Authentication and strong authentication for Web Application
Authentication and strong authentication for Web ApplicationAuthentication and strong authentication for Web Application
Authentication and strong authentication for Web Application
 
Con8823 access management for the internet of things-final
Con8823 access management for the internet of things-finalCon8823 access management for the internet of things-final
Con8823 access management for the internet of things-final
 
Enable Oauth2.0 with Sentinet API Management (Massimo Crippa @ BTUG Event)
Enable Oauth2.0 with Sentinet API Management (Massimo Crippa @ BTUG Event)Enable Oauth2.0 with Sentinet API Management (Massimo Crippa @ BTUG Event)
Enable Oauth2.0 with Sentinet API Management (Massimo Crippa @ BTUG Event)
 
GHC18 Abstract - API Security, a Grail Quest
GHC18 Abstract - API Security, a Grail QuestGHC18 Abstract - API Security, a Grail Quest
GHC18 Abstract - API Security, a Grail Quest
 
Uncover the Flex Gateway with a Demonstration (1).pdf
Uncover the Flex Gateway with a Demonstration (1).pdfUncover the Flex Gateway with a Demonstration (1).pdf
Uncover the Flex Gateway with a Demonstration (1).pdf
 
Uncover the Flex Gateway with a Demonstration (1).pdf
Uncover the Flex Gateway with a Demonstration (1).pdfUncover the Flex Gateway with a Demonstration (1).pdf
Uncover the Flex Gateway with a Demonstration (1).pdf
 
Enterprise API deployment best practice
Enterprise API deployment best practiceEnterprise API deployment best practice
Enterprise API deployment best practice
 
WSO2 Ecosystem platform for Connected Telco
WSO2 Ecosystem platform for Connected TelcoWSO2 Ecosystem platform for Connected Telco
WSO2 Ecosystem platform for Connected Telco
 
Algorithm for Securing SOAP Based Web Services from WSDL Scanning Attacks
Algorithm for Securing SOAP Based Web Services from WSDL Scanning AttacksAlgorithm for Securing SOAP Based Web Services from WSDL Scanning Attacks
Algorithm for Securing SOAP Based Web Services from WSDL Scanning Attacks
 
F017353539
F017353539F017353539
F017353539
 
What's new in API Connect and DataPower - 2019
What's new in API Connect and DataPower - 2019What's new in API Connect and DataPower - 2019
What's new in API Connect and DataPower - 2019
 
Con8817 api management - enable your infrastructure for secure mobile and c...
Con8817 api management - enable your infrastructure for secure mobile and c...Con8817 api management - enable your infrastructure for secure mobile and c...
Con8817 api management - enable your infrastructure for secure mobile and c...
 
[Workshop] API-driven Integration
[Workshop] API-driven Integration[Workshop] API-driven Integration
[Workshop] API-driven Integration
 
Service Oriented Architecture Updated Luqman
Service Oriented Architecture Updated LuqmanService Oriented Architecture Updated Luqman
Service Oriented Architecture Updated Luqman
 
Open APIs - Risks and Rewards (Øredev 2013)
Open APIs - Risks and Rewards (Øredev 2013)Open APIs - Risks and Rewards (Øredev 2013)
Open APIs - Risks and Rewards (Øredev 2013)
 
Federation Evolved: How Cloud, Mobile & APIs Change the Way We Broker Identity
Federation Evolved: How Cloud, Mobile & APIs Change the Way We Broker IdentityFederation Evolved: How Cloud, Mobile & APIs Change the Way We Broker Identity
Federation Evolved: How Cloud, Mobile & APIs Change the Way We Broker Identity
 

More from pqrs1234

AWS Route 53 with Mulesoft
AWS Route 53 with Mulesoft AWS Route 53 with Mulesoft
AWS Route 53 with Mulesoft
pqrs1234
 
Digital Transformation With MuleSoft : That Wins Customers
Digital Transformation With MuleSoft : That Wins CustomersDigital Transformation With MuleSoft : That Wins Customers
Digital Transformation With MuleSoft : That Wins Customers
pqrs1234
 
What is SSL/TLS, 1-way and 2-way SSL?
What is SSL/TLS, 1-way and 2-way SSL?What is SSL/TLS, 1-way and 2-way SSL?
What is SSL/TLS, 1-way and 2-way SSL?
pqrs1234
 
Session on API auto scaling, monitoring and Log management
Session on API auto scaling, monitoring and Log managementSession on API auto scaling, monitoring and Log management
Session on API auto scaling, monitoring and Log management
pqrs1234
 
Power of salesforce LWC with Mulesoft using platform events
Power of salesforce LWC with Mulesoft using platform eventsPower of salesforce LWC with Mulesoft using platform events
Power of salesforce LWC with Mulesoft using platform events
pqrs1234
 
Api complete life cycle with api security
Api complete life cycle with api securityApi complete life cycle with api security
Api complete life cycle with api security
pqrs1234
 
Nagpur Mulesoft Meetup on CICD using Jenkins
Nagpur Mulesoft Meetup on CICD using JenkinsNagpur Mulesoft Meetup on CICD using Jenkins
Nagpur Mulesoft Meetup on CICD using Jenkins
pqrs1234
 
Salesforce composite api mule soft connector
Salesforce composite api mule soft connectorSalesforce composite api mule soft connector
Salesforce composite api mule soft connector
pqrs1234
 
Coimbatore Second Mule Meetup on Error Handling in Mule 4
Coimbatore Second Mule Meetup on Error Handling in Mule 4Coimbatore Second Mule Meetup on Error Handling in Mule 4
Coimbatore Second Mule Meetup on Error Handling in Mule 4
pqrs1234
 

More from pqrs1234 (9)

AWS Route 53 with Mulesoft
AWS Route 53 with Mulesoft AWS Route 53 with Mulesoft
AWS Route 53 with Mulesoft
 
Digital Transformation With MuleSoft : That Wins Customers
Digital Transformation With MuleSoft : That Wins CustomersDigital Transformation With MuleSoft : That Wins Customers
Digital Transformation With MuleSoft : That Wins Customers
 
What is SSL/TLS, 1-way and 2-way SSL?
What is SSL/TLS, 1-way and 2-way SSL?What is SSL/TLS, 1-way and 2-way SSL?
What is SSL/TLS, 1-way and 2-way SSL?
 
Session on API auto scaling, monitoring and Log management
Session on API auto scaling, monitoring and Log managementSession on API auto scaling, monitoring and Log management
Session on API auto scaling, monitoring and Log management
 
Power of salesforce LWC with Mulesoft using platform events
Power of salesforce LWC with Mulesoft using platform eventsPower of salesforce LWC with Mulesoft using platform events
Power of salesforce LWC with Mulesoft using platform events
 
Api complete life cycle with api security
Api complete life cycle with api securityApi complete life cycle with api security
Api complete life cycle with api security
 
Nagpur Mulesoft Meetup on CICD using Jenkins
Nagpur Mulesoft Meetup on CICD using JenkinsNagpur Mulesoft Meetup on CICD using Jenkins
Nagpur Mulesoft Meetup on CICD using Jenkins
 
Salesforce composite api mule soft connector
Salesforce composite api mule soft connectorSalesforce composite api mule soft connector
Salesforce composite api mule soft connector
 
Coimbatore Second Mule Meetup on Error Handling in Mule 4
Coimbatore Second Mule Meetup on Error Handling in Mule 4Coimbatore Second Mule Meetup on Error Handling in Mule 4
Coimbatore Second Mule Meetup on Error Handling in Mule 4
 

Recently uploaded

math operations ued in python and all used
math operations ued in python and all usedmath operations ued in python and all used
math operations ued in python and all used
ssuser13ffe4
 
What is Digital Literacy? A guest blog from Andy McLaughlin, University of Ab...
What is Digital Literacy? A guest blog from Andy McLaughlin, University of Ab...What is Digital Literacy? A guest blog from Andy McLaughlin, University of Ab...
What is Digital Literacy? A guest blog from Andy McLaughlin, University of Ab...
GeorgeMilliken2
 
Solutons Maths Escape Room Spatial .pptx
Solutons Maths Escape Room Spatial .pptxSolutons Maths Escape Room Spatial .pptx
Solutons Maths Escape Room Spatial .pptx
spdendr
 
Pengantar Penggunaan Flutter - Dart programming language1.pptx
Pengantar Penggunaan Flutter - Dart programming language1.pptxPengantar Penggunaan Flutter - Dart programming language1.pptx
Pengantar Penggunaan Flutter - Dart programming language1.pptx
Fajar Baskoro
 
বাংলাদেশ অর্থনৈতিক সমীক্ষা (Economic Review) ২০২৪ UJS App.pdf
বাংলাদেশ অর্থনৈতিক সমীক্ষা (Economic Review) ২০২৪ UJS App.pdfবাংলাদেশ অর্থনৈতিক সমীক্ষা (Economic Review) ২০২৪ UJS App.pdf
বাংলাদেশ অর্থনৈতিক সমীক্ষা (Economic Review) ২০২৪ UJS App.pdf
eBook.com.bd (প্রয়োজনীয় বাংলা বই)
 
NEWSPAPERS - QUESTION 1 - REVISION POWERPOINT.pptx
NEWSPAPERS - QUESTION 1 - REVISION POWERPOINT.pptxNEWSPAPERS - QUESTION 1 - REVISION POWERPOINT.pptx
NEWSPAPERS - QUESTION 1 - REVISION POWERPOINT.pptx
iammrhaywood
 
Chapter wise All Notes of First year Basic Civil Engineering.pptx
Chapter wise All Notes of First year Basic Civil Engineering.pptxChapter wise All Notes of First year Basic Civil Engineering.pptx
Chapter wise All Notes of First year Basic Civil Engineering.pptx
Denish Jangid
 
Bed Making ( Introduction, Purpose, Types, Articles, Scientific principles, N...
Bed Making ( Introduction, Purpose, Types, Articles, Scientific principles, N...Bed Making ( Introduction, Purpose, Types, Articles, Scientific principles, N...
Bed Making ( Introduction, Purpose, Types, Articles, Scientific principles, N...
Leena Ghag-Sakpal
 
IGCSE Biology Chapter 14- Reproduction in Plants.pdf
IGCSE Biology Chapter 14- Reproduction in Plants.pdfIGCSE Biology Chapter 14- Reproduction in Plants.pdf
IGCSE Biology Chapter 14- Reproduction in Plants.pdf
Amin Marwan
 
คำศัพท์ คำพื้นฐานการอ่าน ภาษาอังกฤษ ระดับชั้น ม.1
คำศัพท์ คำพื้นฐานการอ่าน ภาษาอังกฤษ ระดับชั้น ม.1คำศัพท์ คำพื้นฐานการอ่าน ภาษาอังกฤษ ระดับชั้น ม.1
คำศัพท์ คำพื้นฐานการอ่าน ภาษาอังกฤษ ระดับชั้น ม.1
สมใจ จันสุกสี
 
clinical examination of hip joint (1).pdf
clinical examination of hip joint (1).pdfclinical examination of hip joint (1).pdf
clinical examination of hip joint (1).pdf
Priyankaranawat4
 
Wound healing PPT
Wound healing PPTWound healing PPT
Wound healing PPT
Jyoti Chand
 
Hindi varnamala | hindi alphabet PPT.pdf
Hindi varnamala | hindi alphabet PPT.pdfHindi varnamala | hindi alphabet PPT.pdf
Hindi varnamala | hindi alphabet PPT.pdf
Dr. Mulla Adam Ali
 
BÀI TẬP BỔ TRỢ TIẾNG ANH 8 CẢ NĂM - GLOBAL SUCCESS - NĂM HỌC 2023-2024 (CÓ FI...
BÀI TẬP BỔ TRỢ TIẾNG ANH 8 CẢ NĂM - GLOBAL SUCCESS - NĂM HỌC 2023-2024 (CÓ FI...BÀI TẬP BỔ TRỢ TIẾNG ANH 8 CẢ NĂM - GLOBAL SUCCESS - NĂM HỌC 2023-2024 (CÓ FI...
BÀI TẬP BỔ TRỢ TIẾNG ANH 8 CẢ NĂM - GLOBAL SUCCESS - NĂM HỌC 2023-2024 (CÓ FI...
Nguyen Thanh Tu Collection
 
Beyond Degrees - Empowering the Workforce in the Context of Skills-First.pptx
Beyond Degrees - Empowering the Workforce in the Context of Skills-First.pptxBeyond Degrees - Empowering the Workforce in the Context of Skills-First.pptx
Beyond Degrees - Empowering the Workforce in the Context of Skills-First.pptx
EduSkills OECD
 
Présentationvvvvvvvvvvvvvvvvvvvvvvvvvvvv2.pptx
Présentationvvvvvvvvvvvvvvvvvvvvvvvvvvvv2.pptxPrésentationvvvvvvvvvvvvvvvvvvvvvvvvvvvv2.pptx
Présentationvvvvvvvvvvvvvvvvvvvvvvvvvvvv2.pptx
siemaillard
 
writing about opinions about Australia the movie
writing about opinions about Australia the moviewriting about opinions about Australia the movie
writing about opinions about Australia the movie
Nicholas Montgomery
 
B. Ed Syllabus for babasaheb ambedkar education university.pdf
B. Ed Syllabus for babasaheb ambedkar education university.pdfB. Ed Syllabus for babasaheb ambedkar education university.pdf
B. Ed Syllabus for babasaheb ambedkar education university.pdf
BoudhayanBhattachari
 
Main Java[All of the Base Concepts}.docx
Main Java[All of the Base Concepts}.docxMain Java[All of the Base Concepts}.docx
Main Java[All of the Base Concepts}.docx
adhitya5119
 
spot a liar (Haiqa 146).pptx Technical writhing and presentation skills
spot a liar (Haiqa 146).pptx Technical writhing and presentation skillsspot a liar (Haiqa 146).pptx Technical writhing and presentation skills
spot a liar (Haiqa 146).pptx Technical writhing and presentation skills
haiqairshad
 

Recently uploaded (20)

math operations ued in python and all used
math operations ued in python and all usedmath operations ued in python and all used
math operations ued in python and all used
 
What is Digital Literacy? A guest blog from Andy McLaughlin, University of Ab...
What is Digital Literacy? A guest blog from Andy McLaughlin, University of Ab...What is Digital Literacy? A guest blog from Andy McLaughlin, University of Ab...
What is Digital Literacy? A guest blog from Andy McLaughlin, University of Ab...
 
Solutons Maths Escape Room Spatial .pptx
Solutons Maths Escape Room Spatial .pptxSolutons Maths Escape Room Spatial .pptx
Solutons Maths Escape Room Spatial .pptx
 
Pengantar Penggunaan Flutter - Dart programming language1.pptx
Pengantar Penggunaan Flutter - Dart programming language1.pptxPengantar Penggunaan Flutter - Dart programming language1.pptx
Pengantar Penggunaan Flutter - Dart programming language1.pptx
 
বাংলাদেশ অর্থনৈতিক সমীক্ষা (Economic Review) ২০২৪ UJS App.pdf
বাংলাদেশ অর্থনৈতিক সমীক্ষা (Economic Review) ২০২৪ UJS App.pdfবাংলাদেশ অর্থনৈতিক সমীক্ষা (Economic Review) ২০২৪ UJS App.pdf
বাংলাদেশ অর্থনৈতিক সমীক্ষা (Economic Review) ২০২৪ UJS App.pdf
 
NEWSPAPERS - QUESTION 1 - REVISION POWERPOINT.pptx
NEWSPAPERS - QUESTION 1 - REVISION POWERPOINT.pptxNEWSPAPERS - QUESTION 1 - REVISION POWERPOINT.pptx
NEWSPAPERS - QUESTION 1 - REVISION POWERPOINT.pptx
 
Chapter wise All Notes of First year Basic Civil Engineering.pptx
Chapter wise All Notes of First year Basic Civil Engineering.pptxChapter wise All Notes of First year Basic Civil Engineering.pptx
Chapter wise All Notes of First year Basic Civil Engineering.pptx
 
Bed Making ( Introduction, Purpose, Types, Articles, Scientific principles, N...
Bed Making ( Introduction, Purpose, Types, Articles, Scientific principles, N...Bed Making ( Introduction, Purpose, Types, Articles, Scientific principles, N...
Bed Making ( Introduction, Purpose, Types, Articles, Scientific principles, N...
 
IGCSE Biology Chapter 14- Reproduction in Plants.pdf
IGCSE Biology Chapter 14- Reproduction in Plants.pdfIGCSE Biology Chapter 14- Reproduction in Plants.pdf
IGCSE Biology Chapter 14- Reproduction in Plants.pdf
 
คำศัพท์ คำพื้นฐานการอ่าน ภาษาอังกฤษ ระดับชั้น ม.1
คำศัพท์ คำพื้นฐานการอ่าน ภาษาอังกฤษ ระดับชั้น ม.1คำศัพท์ คำพื้นฐานการอ่าน ภาษาอังกฤษ ระดับชั้น ม.1
คำศัพท์ คำพื้นฐานการอ่าน ภาษาอังกฤษ ระดับชั้น ม.1
 
clinical examination of hip joint (1).pdf
clinical examination of hip joint (1).pdfclinical examination of hip joint (1).pdf
clinical examination of hip joint (1).pdf
 
Wound healing PPT
Wound healing PPTWound healing PPT
Wound healing PPT
 
Hindi varnamala | hindi alphabet PPT.pdf
Hindi varnamala | hindi alphabet PPT.pdfHindi varnamala | hindi alphabet PPT.pdf
Hindi varnamala | hindi alphabet PPT.pdf
 
BÀI TẬP BỔ TRỢ TIẾNG ANH 8 CẢ NĂM - GLOBAL SUCCESS - NĂM HỌC 2023-2024 (CÓ FI...
BÀI TẬP BỔ TRỢ TIẾNG ANH 8 CẢ NĂM - GLOBAL SUCCESS - NĂM HỌC 2023-2024 (CÓ FI...BÀI TẬP BỔ TRỢ TIẾNG ANH 8 CẢ NĂM - GLOBAL SUCCESS - NĂM HỌC 2023-2024 (CÓ FI...
BÀI TẬP BỔ TRỢ TIẾNG ANH 8 CẢ NĂM - GLOBAL SUCCESS - NĂM HỌC 2023-2024 (CÓ FI...
 
Beyond Degrees - Empowering the Workforce in the Context of Skills-First.pptx
Beyond Degrees - Empowering the Workforce in the Context of Skills-First.pptxBeyond Degrees - Empowering the Workforce in the Context of Skills-First.pptx
Beyond Degrees - Empowering the Workforce in the Context of Skills-First.pptx
 
Présentationvvvvvvvvvvvvvvvvvvvvvvvvvvvv2.pptx
Présentationvvvvvvvvvvvvvvvvvvvvvvvvvvvv2.pptxPrésentationvvvvvvvvvvvvvvvvvvvvvvvvvvvv2.pptx
Présentationvvvvvvvvvvvvvvvvvvvvvvvvvvvv2.pptx
 
writing about opinions about Australia the movie
writing about opinions about Australia the moviewriting about opinions about Australia the movie
writing about opinions about Australia the movie
 
B. Ed Syllabus for babasaheb ambedkar education university.pdf
B. Ed Syllabus for babasaheb ambedkar education university.pdfB. Ed Syllabus for babasaheb ambedkar education university.pdf
B. Ed Syllabus for babasaheb ambedkar education university.pdf
 
Main Java[All of the Base Concepts}.docx
Main Java[All of the Base Concepts}.docxMain Java[All of the Base Concepts}.docx
Main Java[All of the Base Concepts}.docx
 
spot a liar (Haiqa 146).pptx Technical writhing and presentation skills
spot a liar (Haiqa 146).pptx Technical writhing and presentation skillsspot a liar (Haiqa 146).pptx Technical writhing and presentation skills
spot a liar (Haiqa 146).pptx Technical writhing and presentation skills
 

Identity and Client Management using OpenID Connect and SAML

  • 1. [8th May 2021] [Coimbatore] MuleSoft Meetup Group Identity and Client Management With MuleSoft
  • 3. 3 Speakers Jitendra Bafna Senior Solution Architect Capgemini About the speaker:  Working as Senior Solution Architect at Capgemini.  MuleSoft Ambassador  Surat MuleSoft Meetup Leader.  12.5+ Years of Experience in Integrations and API Technologies.  Certified MuleSoft Integration Architect and platform Architect.
  • 4. CHEERS..!! We have prizes to give away! 3 Winners a special prize is ready 4 A SHOW OF HANDS: New Members With Us.!!
  • 5. 5 Agenda Introduction To API Security Security Threats and Vulnerabilities Identity Management – SAML and OpenID Connect Client Management – Dynamic Client Registration Live Demonstration Trivia Quiz
  • 6. What is API Security?
  • 7. 7 API Security is an essentials elements of the applications, especially in regards to APIs where you have hundreds or thousands of calls on daily basis. Everyday new threats and vulnerabilities are created and in such case it is very important to secure the APIs. MuleSoft provided the API manager which can minimize the risks from attacks like DDoS, DoS or any security vulnerabilities. API manager provides option for creating the API proxy for the backend API running on Anypoint platform and thereby secures requests coming into the platform again the API. What is API Security?
  • 8. 8 Different Types of API Attacks API Threats Denial Of Service Distributed Denial Of Service Parameter Tampering CORS/XSS Injection Attacks Sensitive Data Exposure
  • 9. 9 ⮚ Digital Signatures. ⮚ Cryptography like PGP, JCE and XML. ⮚ JWT OAuth or Token Based Authentication ⮚ API Manager Policies like Rate Limiting, XML Threat Protection, JWT Validation etc. ⮚ Anypoint Security and Web Application Firewall in case of Runtime Fabric. ⮚ Identity Management and Client Management Ways to achieve API Security API Security OAuth Rate Limiting Digital Signatures Cryptography Policies like XML Threat Protection, Rate Limiting, CORS etc. Anypoint Security Anypoint API Policies (Security) JWT Validation Policies Basic Authentication – Simple and LDAP XML/JSON Threat Protection Policies IP Whitelisting/Blacklisting Tokenization/Detokenization
  • 10. 10 OAuth Providers Grant Types OAuth Providers & Grant Types OKTA PING OPEN AM Keycloak AWS Cognito Azure IdP Auth0 Google Box GitHub Authorization Code Client Credentials Refresh Token Password Implicit Code
  • 11. 11 OAuth JWT – Authorization Code
  • 12. 12 OAuth JWT – Implicit Code
  • 13. 13 OAuth JWT – Client Credentials
  • 14. SAML 2.0 Identity Management SAML is stand for Security Assertion Mark-up Language and it is mainly designed to authenticate the users and provide identity data for access control and communication method for user identity. SAML is XML-based open standards for transferring data between two parties, Identity Provider (IP) and Service Provider (SP). ● Identity Provider is basically performs the authentication and transfer user identity to the Service Provider. ● Service Provide one who trusts the Identity Provider and authorized the user to access requested resources. 14
  • 15. SAML 2.0 Identity Management 15
  • 16. 16 OpenID Connect extends OAuth 2.0. The OAuth 2.0 protocol provides API security via scoped access tokens, and OpenID Connect provides user authentication and single sign-on (SSO) functionality. As the Anypoint Platform organization administrator, you can configure identity management in Anypoint Platform to set up users for single sign-on (SSO). Configure identity management using one of the following single sign-on standards: ● OpenID Connect: End user identity verification by an authorization server including SSO. ● SAML 2.0: Web-based authorization including cross-domain SSO. OpenID Connect Identity Management
  • 17. 17 SAML (SAML 1.0 and 2.0) and OpenID Connect (OIDC) are identity protocols, designed to authenticate users, and provide identity data for access control and as a communication method for a user’s identity. Mainly used for Enterprise and Government applications, SAML 2.0 is a mature technology dating from 2005 and supports a wide range of identity functionality. SAML uses XML for its identity data format and simple HTTP or SOAP for data transport mechanisms. A relatively new protocol, continuously evolving, OIDC was designed with web and mobile applications in mind. Designed to be easy to adopt and use, OIDC is an extension of OAuth2, with data structures in JSON format (JWT), and simple HTTPS flows for transport. SAML V/S OpenID Connect
  • 18. 18 Dynamic Client Registration allows you to register third party applications dynamically. This feature is based on the OpenID Connect Dynamic Client Registration specification. The OKTA Dynamic Client Registration API provides operations to register and manage client applications for use with Okta's OAuth 2.0 and OpenID Connect endpoints. Client Management – Dynamic Client Registration
  • 19. Demonstration 1. Identity Management With OpenID Connect 2. Client Management With OpenID Connect – Dynamic Client Registration 3. Identity Management With SAML