Profesia, Lynx Group, presenta la quinta puntata della serie di master class sulla tecnologia WSO2 di cui è Distributore esclusivo per l'Italia.
Il webinar, con la partecipazione straordinaria di WSO2, descrive come implementare nei client l'autorizzazione OAUTH2.
Scrivi a contact@profesia.it se stai pensando a una trasformazione digitale per evolvere verso un business agile
CIS14: Working with OAuth and OpenID ConnectCloudIDSummit
Roland Hedberg, Umeå University
All you need to know about OpenID Connect, with concrete examples and hands-on demos that illustrate how OpenID Connect can be used in web and mobile scenarios.
CIS14: OAuth and OpenID Connect in ActionCloudIDSummit
Chuck Mortimore, Salesforcce.com
Setup and walk-through of live demos, demonstrating interop of various providers and showing real enterprise use-cases.
CEOS WGISS 36 - Frascati, Italy - 2013.09.19
Single Sign On with OAuth and OpenID used for Kalideos project and to be used within the French Land Surface Thematic Center
Как да контролираме достъпа до web API и други защитени ресурси посредством OAuth 2.0, и как да идентифицираме потребители с OpenID Connect. Лекцията е предназначена за уеб архитекти и програмисти, както и за всички разработчици, които искат да научат повече за новите уеб протоколи за авторизация и автентикация.
CIS14: Working with OAuth and OpenID ConnectCloudIDSummit
Roland Hedberg, Umeå University
All you need to know about OpenID Connect, with concrete examples and hands-on demos that illustrate how OpenID Connect can be used in web and mobile scenarios.
CIS14: OAuth and OpenID Connect in ActionCloudIDSummit
Chuck Mortimore, Salesforcce.com
Setup and walk-through of live demos, demonstrating interop of various providers and showing real enterprise use-cases.
CEOS WGISS 36 - Frascati, Italy - 2013.09.19
Single Sign On with OAuth and OpenID used for Kalideos project and to be used within the French Land Surface Thematic Center
Как да контролираме достъпа до web API и други защитени ресурси посредством OAuth 2.0, и как да идентифицираме потребители с OpenID Connect. Лекцията е предназначена за уеб архитекти и програмисти, както и за всички разработчици, които искат да научат повече за новите уеб протоколи за авторизация и автентикация.
Explains the process described in the core specification for OpenID Connect 1.0 which is a simple identity layer on top of the OAuth 2.0 protocol. It allows Clients to verify the identity of the End-User based on the authentication performed by an Authorization Server, as well as to obtain basic profile information about the End-User in an interoperable and REST-like manner.
As part of MobiliYa Spread Knowledge Initiative Presentation Series.
Agenda
1.Intro -Auth-Authentication & Authorization & SSO
2.OAuth2 in Depth
3.Where does JWT fit in ?
4.How to do stateless Authorization using OAUTH2 & JWT ?
5.Some Sample Code ? How easy is it to implement ?
Authentication and Authorization Architecture in the MEAN StackFITC
Save 10% off ANY FITC event with discount code 'slideshare'
See our upcoming events at www.fitc.ca
Yuri will discuss the challenges of authentication and authorization in the MEAN stack. Topics include architecture, best practices for determining client and server responsibilities, and the importance of sharing authorization context with the client logic in order to build an effective user experience. Angular and Node code samples will be used to illustrate.
Presented live at FITC's Spotlight: MEAN Stack event held on March 28th, 2014
More info at FITC.ca
Securing your APIs with OAuth, OpenID, and OpenID ConnectManish Pandit
As products and companies move towards IoT model, users and machines alike need to interact with various APIs. Securing these APIs in a connected world can be a challenge faced by many. Fortunately, there are open standards addressing even the most complex of use cases - OAuth, OpenID and OpenID Connect happen to be widely adopted and have a growing support across many API and Identity Providers. In this session I'll talk about these standards, and walk through common use cases/flows from an API Provider as well as consumer's side. We will explore how these standards come together to not only secure the APIs, but also manage identity.
Websites and applications are implementing social single sign-on to allow users to login using trusted authentication providers such as Google, Facebook, and even Salesforce. Join us to learn how to configure the OpenID Connect authentication provider to allow users to authenticate at Google to access a Salesforce environment. We'll also look at how you can relieve yourself of the burden of password management by having your web app login users via Salesforce.
OpenID Connect: The new standard for connecting to your Customers, Partners, ...Salesforce Developers
With the proliferation of cloud applications, mobile devices, and the need to connect to external users, IT organizations are increasingly challenged with how to manage and gain transparency into user access to systems and applications. As your organization looks to deploy Identity in the cloud, it’s critical that this is backed by open-standards.
In this webinar, Chuck Mortimore, Pat Patterson, and Ian Glazer will give you a broad overview of how OpenID Connect can help better connect you with your customers, partners, apps, and devices
Key Takeaways
Get introduced to OpenID Connect, learn how it builds on top of OAuth, and discover why it’s an important new standard for your organization
Consume OpenID Connect from popular Identity providers with Social Sign-On
Provide a single, branded Identity to your own users and applications using OpenID Connect
Use OpenID Connect to easily build Identity-enabled mobile applications
Plan for the next generation of connected devices
Intended Audience
This webinar is aimed at a technical audience of administrators, developers, architects and business analysts who are wishing to learn more about Identity and Standards
OAuth 2.0 is an open authentication and authorization protocol which enables applications to access each others data. This talk will presents how to implement the OAuth2 definitions to secure RESTful resources developed using JAX-RS in the Java EE platform.
This slide deck gives an introduction to OAuth 2.0, starting with some concepts, explaining the flow plus a few hints. The reminder of the slides are about implementing an OAuth 2.0 server using the Apache Amber library (renamed to Apache Oltu lately). My impression is that many developers shy away as soon as they hear "security" and so I did not only want to talk about the concepts of OAuth 2.0 but also wanted to show how easily you can implement an OAuth 2.0 server ... hope it reduces the fear of contact a bit ... ;-)
The OAuth 2.0 authorization framework enables a third-party
application to obtain limited access to an HTTP service, either on
behalf of a resource owner by orchestrating an approval interaction
between the resource owner and the HTTP service, or by allowing
the third-party application to obtain access on its own behalf.
An Authentication and Authorization Architecture for a Microservices WorldVMware Tanzu
SpringOne Platform 2016
Speaker: David Ferriera; Director, Cloud Technology, Forgerock
Microservices architecture elevates the challenges for Authentication and Authorization management. When a single frontend request can result in many backend microservices calls, it is important to balance security and performance. ForgeRock provides a standards-based blueprint that provides a flexible solution for making these choices while protecting your Cloud Foundry services end to end.
CIS14: Consolidating Authorization for API and Web SSO using OpenID ConnectCloudIDSummit
John Bradley, Ping Identity
Overview of the different participant rolls in OpenID Connect, how JSON Web Tokens (JWT) are used, how OpenID Connect provides both authentication and authorization tokens in a single flow, and how OpenID Connect can support Single Sign on for Native Applications.
How do SAML, OpenID Connect and OAuth compare? How are they similar? Different? When do you use one or the other? For more info, also see my blog: http://gluu.co/oauth-saml-openid
Explains the process described in the core specification for OpenID Connect 1.0 which is a simple identity layer on top of the OAuth 2.0 protocol. It allows Clients to verify the identity of the End-User based on the authentication performed by an Authorization Server, as well as to obtain basic profile information about the End-User in an interoperable and REST-like manner.
As part of MobiliYa Spread Knowledge Initiative Presentation Series.
Agenda
1.Intro -Auth-Authentication & Authorization & SSO
2.OAuth2 in Depth
3.Where does JWT fit in ?
4.How to do stateless Authorization using OAUTH2 & JWT ?
5.Some Sample Code ? How easy is it to implement ?
Authentication and Authorization Architecture in the MEAN StackFITC
Save 10% off ANY FITC event with discount code 'slideshare'
See our upcoming events at www.fitc.ca
Yuri will discuss the challenges of authentication and authorization in the MEAN stack. Topics include architecture, best practices for determining client and server responsibilities, and the importance of sharing authorization context with the client logic in order to build an effective user experience. Angular and Node code samples will be used to illustrate.
Presented live at FITC's Spotlight: MEAN Stack event held on March 28th, 2014
More info at FITC.ca
Securing your APIs with OAuth, OpenID, and OpenID ConnectManish Pandit
As products and companies move towards IoT model, users and machines alike need to interact with various APIs. Securing these APIs in a connected world can be a challenge faced by many. Fortunately, there are open standards addressing even the most complex of use cases - OAuth, OpenID and OpenID Connect happen to be widely adopted and have a growing support across many API and Identity Providers. In this session I'll talk about these standards, and walk through common use cases/flows from an API Provider as well as consumer's side. We will explore how these standards come together to not only secure the APIs, but also manage identity.
Websites and applications are implementing social single sign-on to allow users to login using trusted authentication providers such as Google, Facebook, and even Salesforce. Join us to learn how to configure the OpenID Connect authentication provider to allow users to authenticate at Google to access a Salesforce environment. We'll also look at how you can relieve yourself of the burden of password management by having your web app login users via Salesforce.
OpenID Connect: The new standard for connecting to your Customers, Partners, ...Salesforce Developers
With the proliferation of cloud applications, mobile devices, and the need to connect to external users, IT organizations are increasingly challenged with how to manage and gain transparency into user access to systems and applications. As your organization looks to deploy Identity in the cloud, it’s critical that this is backed by open-standards.
In this webinar, Chuck Mortimore, Pat Patterson, and Ian Glazer will give you a broad overview of how OpenID Connect can help better connect you with your customers, partners, apps, and devices
Key Takeaways
Get introduced to OpenID Connect, learn how it builds on top of OAuth, and discover why it’s an important new standard for your organization
Consume OpenID Connect from popular Identity providers with Social Sign-On
Provide a single, branded Identity to your own users and applications using OpenID Connect
Use OpenID Connect to easily build Identity-enabled mobile applications
Plan for the next generation of connected devices
Intended Audience
This webinar is aimed at a technical audience of administrators, developers, architects and business analysts who are wishing to learn more about Identity and Standards
OAuth 2.0 is an open authentication and authorization protocol which enables applications to access each others data. This talk will presents how to implement the OAuth2 definitions to secure RESTful resources developed using JAX-RS in the Java EE platform.
This slide deck gives an introduction to OAuth 2.0, starting with some concepts, explaining the flow plus a few hints. The reminder of the slides are about implementing an OAuth 2.0 server using the Apache Amber library (renamed to Apache Oltu lately). My impression is that many developers shy away as soon as they hear "security" and so I did not only want to talk about the concepts of OAuth 2.0 but also wanted to show how easily you can implement an OAuth 2.0 server ... hope it reduces the fear of contact a bit ... ;-)
The OAuth 2.0 authorization framework enables a third-party
application to obtain limited access to an HTTP service, either on
behalf of a resource owner by orchestrating an approval interaction
between the resource owner and the HTTP service, or by allowing
the third-party application to obtain access on its own behalf.
An Authentication and Authorization Architecture for a Microservices WorldVMware Tanzu
SpringOne Platform 2016
Speaker: David Ferriera; Director, Cloud Technology, Forgerock
Microservices architecture elevates the challenges for Authentication and Authorization management. When a single frontend request can result in many backend microservices calls, it is important to balance security and performance. ForgeRock provides a standards-based blueprint that provides a flexible solution for making these choices while protecting your Cloud Foundry services end to end.
CIS14: Consolidating Authorization for API and Web SSO using OpenID ConnectCloudIDSummit
John Bradley, Ping Identity
Overview of the different participant rolls in OpenID Connect, how JSON Web Tokens (JWT) are used, how OpenID Connect provides both authentication and authorization tokens in a single flow, and how OpenID Connect can support Single Sign on for Native Applications.
How do SAML, OpenID Connect and OAuth compare? How are they similar? Different? When do you use one or the other? For more info, also see my blog: http://gluu.co/oauth-saml-openid
The world of Identity and Access Management is ruled by two things, acronyms and standards. In our hugely popular blog post on SAML vs OAuth we compared the two most common authorization protocols – SAML2 and OAuth 2.0. This white paper extends that comparison with the inclusion of a third protocol, OpenID Connect. We also touch on the now obsolete OpenID 2.0 protocol.
Microsoft Graph API Delegated PermissionsStefan Weber
Slidedeck presented during a webinar i held on13th December 2023 about how to consume Microsoft Graph API using user level permissions.
Webinar Recording https://youtu.be/2cSsg5ws1H4
OAuth 2.0 es un protocolo abierto que nos brinda autorización y delegación para nuestras APIs HTTP. En esta sesión daremos un repaso al estado del arte de la seguridad en las APIs HTTP. A continuación pasaremos a entender que es este protocolo y como funciona. Daremos un repaso a todos sus flujos: Authorization Code, Implicit, Client Credentials, ROPC, PKCE… y veremos ejemplos en directo para acabar de tener un imagen completa de todo lo que nos ofrece y que nos servirá para cuando empecemos a trabajar con servidores de identidad OIDC.
1. Intro - Auth - Authentication & Authorization & SSO
2. OAuth2 in Depth
3. Where does JWT fit in ?
4. How to do stateless Authorization using OAUTH2 & JWT ?
5. Some Sample Code ? How easy is it to implement ?
It seems that OAuth 2.0 is everywhere these days. Whether you are building a hot new single page web application (SPA), a native mobile experience, or just trying to integrate with the API economy, you can't go far without running into the popular authorization framework for REST/APIs and social authentication.
During Oktane15 (https://www.okta.com/oktane15/), Karl McGuinness, our Senior Director of Identity, demystified the powerful, yet often misunderstood, world of OAuth 2.0 and shared details on Okta’s growing support for OpenID Connect.
AllTheTalks.Online 2020: "Basics of OAuth 2.0 and OpenID Connect"Andreas Falk
Microservice architectures bring many benefits to software applications. But at the same time, new challenges of distributed systems have also been introduced. One of these challenges is how to implement a flexible, secure and efficient authentication and authorization scheme in such architectures.
The common solution for this is to use stateless token-based authentication and authorization by adopting standard protocols like OAuth 2.0 and OpenID Connect (OIDC).
In this talk, you will get a concise introduction into OAuth 2.0 and OIDC.
We will look at OAuth 2.0 and OIDC grant flows and discuss the differences between OAuth 2.0 and OpenID Connect. Finally, you will be introduced to the current best practices currently evolved by the working group.
So If you finally want to understand the base concepts of OAuth 2.0 and OIDC in a short time then this is the talk you should go for.
OAuth 2.0 - The fundamentals, the good , the bad, technical primer and commo...Good Dog Labs, Inc.
OAuth 2.0 seems to be a comprehensive framework for authorizing access to protected resources, but is it really? We can argue that OpenID Connect will make it enterprise ready, but level of adoption in the enterprise is yet to be seen. This primer describes the framework fundamentals,the good, the bad, and common OAuth 2.0 flows.
[APIdays INTERFACE 2021] The Evolution of API Security for Client-side Applic...WSO2
Client-side applications are becoming an increasingly popular technology to build applications owing to the advanced user experience that they provide consumers. Authentication and API authorization for these applications are also becoming equally popular topics that many developers have a hard time getting their heads around.
Check these slides, where Johann Nallathamby, Head of Solutions Architecture for IAM at WSO2, will attempt to demystify some complexities and misconceptions surrounding this topic and help you better understand the most important features to consider when choosing an authentication and API authorization solution for client-side applications.
These slides will review:
- The broader classification of client-side applications and their legacy and more recent authentication and API authorization patterns
- Sender-constrained token patterns
- Solution patterns being employed to improve user experience in client-side applications
INTERFACE, by apidays - The Evolution of API Security by Johann Dilantha Nal...apidays
INTERFACE, by apidays 2021 - It’s APIs all the way down
June 30, July 1 & 2, 2021
The Evolution of API Security for Client-Side Applications
Johann Dilantha Nallathamby, Head of Solutions Architecture for IAM at WSO2
APIs are now the standard entry point to the majority of newly created ‘back-end’ functionality. These APIs exist to provide not only a standardized, structured way to access the required features or functions, but also to act as ‘gatekeepers’, ensuring appropriate security, auditing, accounting etc. Security is always underpinned by identity and as such, APIs need to know if not who is accessing them, what is the context in which they are being accessed.
6.TICTACTECH_POLARION_5giugno_ Functional Safety & CyberSecurity con PolarionProfesia Srl, Lynx Group
Nella 6° puntata di Tic Tac Tech abbiamo ospitato Siemens che ci ha illustrato in che modo Polarion è nativamente compliance ai principali standard di sicurezza cross market e al riparo dai cyber attacchi. Ogni mercato ha le sue normative di riferimento e Polarion mette a disposizione Template ad hoc per aderire alle normative.
Non esitate a contattarci per una demo ad hoc sul vostro standard!
sales@profesia.it
In questa sessione ci concentriamo sul concetto di Total Experience e su come oggi le dinamiche che ruotano attorno ai dipendenti e ai clienti si intrecciano verso un nuovo concetto di Brand Awareness.
Migliorare la onboarding dei dipendenti grazie all'utilizzo di strumenti di Digital Adoption Platform vuol dire contribuire a migliorare retention e produttività.
I vantaggi per le organizzazioni sono molteplici:
👩🏫 Formazione tradizionale VS 👨💻 #Selflearning
🚂 Learning curve VS digital Onboarding 💹
🐢Lentezza VS Agilità 🐍
Scrivici - sales@profesia.it - per scoprire come una DAP può aiutare i tuoi colleghi in #smartworking a integrarsi facilmente nelle dinamiche aziendali
3.TIC TAC TECH: Gartner - Gestire il debito tecnico dell'architettura ITProfesia Srl, Lynx Group
Il debito tecnico dell'architettura IT è quel tipo di debito tecnico causato da una deriva architetturale derivata da decisioni non ottimali, violazioni dell'architettura del prodotto target definito e anche da best practice architetturali di settore e da compromessi architettonici adottati per velocizzare la software delivery.
In questo talk commentiamo il report di Gartner dedicato a questo tema.
Per scoprire come modernizzare il vostro IT e risolvere il debito scrivete a sales@profesia.it
2. Guidare il futuro, l'approccio di WSO2 Italia alle tendenze tecnologiche e...Profesia Srl, Lynx Group
Nella seconda puntata di TIC TAC TECH vedremo dove ci troviamo e dove siamo diretti in termini di tecnologie emergenti. Matteo, CTO di Profesia ci darà degli input su quali tendenze tecnologiche emergenti sono da cavalcare, per cogliere potenzialità e vantaggi in un Business digitale moderno che si evolve continuamente.
Guidare il futuro: l'approccio di WSO2 Italia.
Scrivi a sales@profesia.it per conoscere i nostri esperti
1. Nella prima puntata TIC TAC TECH 2024 analizzeremo il 9° Report di Sonatype sul mondo Open Source e sulla sicurezza della catena di fornitura del software. Scarica il report completo sul sito di Sonatype o scrivi a info@profesia.it per mettere in sicurezza il tuo patrimonio Open Source
Profesia e Newired presentano un webinar che racconta come è possibile rivoluzionare il vostro processo di creazione dei contenuti del vostro sito web, consentendovi di semplificare concetti complessi, snellire i flussi di lavoro e fornire istruzioni passo-passo che coinvolgano e responsabilizzino realmente i vostri utenti.
In questo webinar di 30 minuti vedrai:
- best practice sulla DAS;
- consigli pratici;
- esempi reali che dimostrano come Newired possa elevare i vostri contenuti a nuovi livelli di chiarezza ed efficacia.
Vuoi provare Newired sulla tua applicazione? Scrivi a sales@profesia.it per una POC
In Estra la Digital Transformation parte dalla User Experience del ClienteProfesia Srl, Lynx Group
Per rispondere alle esigenze di business che nel tempo hanno richiesto sempre più un approccio efficiente e rapido nella gestione dei servizi, abbiamo installato un’infrastruttura che chi ha consentito di integrare la App mobile di Estra con il gestionale aziendale. La suite WSO2 è stata la chiave che ci ha permesso di velocizzare lo sviluppo delle nostre App Web e Mobile, migliorare la sicurezza e l’esperienza dei clienti.
Intervento di Manuel Cesarini, Estra Spa.
Per maggiori informazioni puoi scrivere a sales@profesia.it
Nello speech Michelangelo Simonazzi racconta come un’integrazione tra sistemi omnicanale, stores, WMS, marketplace in ambienti internazionali permette una riduzione del time-to-market ed una standardizzazione delle procedure operative.
Intervento di Michelangelo Simonazzi, Gianvito Rossi.
Per maggiori informazioni puoi scrivere a sales@profesia.it
Nell’intervento Stefano Olivotto di Crédit Agricole Italia ha illustrato la sua esperienza nell’adozione di uno strumento di API management e di un processo di gestione delle API, con una particolare focalizzazione su metodologia di adozione, sulle principali sfide indirizzate e un verticale sul livello di automazione raggiunto mediante l’adozione di tecniche di DevOps.
Per maggiori informazioni scrivi a sales@profesia.it
Evoluzioni nel mondo delle API
Matteo Bordin, CTO di Profesia, Lynx Group, ci racconta in che modo l'AI può aiutare nell'esposizione di servizi digitali per una esperienza utente positiva.
Per maggiori informazioni scrivi a sales@profesia.it
WSO2 ITALIA SMART TALK #10 - Interoperability nelle utility, un caso realeProfesia Srl, Lynx Group
Nella decima puntata di WSO2 ITALIA SMART TALK 2023 - Alessio e Daniele ci raccontano alcuni casi d'uso di interoperabilità attualmente utilizzati in ambito Utility.
Vuoi conoscere Profesia e il nostro approccio orientato al Business Digitale? Scrivi a sales@profesia.it per fissare un appuntamento
WSO2 ITALIA SMART TALK 2023 - Gabriele ci mostra come installare WSO2 in AWS.
Vuoi conoscere Profesia e il nostro approccio orientato al Business Digitale? Scrivi a sales@profesia.it e fissiamo un appuntamento
WSO2 SMART TALK 2023 #2 Novità di WSO2 Identity Server
Nel secondo appuntamento di WSO2 smart talk 2023 Matteo ci racconta tutte le novità di WSO2 Identity Server 6.2. Per ulteriori informazioni scrivete a sales@profesia.it
Leo Antonaccio ci racconta un tipico caso d'uso di implementazione di WSO2 IDENTITY SERVER con SPID.
In questo talk ci rivolgiamo non solo alle PA ma a qualsiasi organizzazione interscambi informazioni con la PA.
Vuoi conoscere Profesia?
Scrivi a sales@profesia.it per conoscere il nostro approccio: smart, collaudato, efficace
WSO2 ITALIA SMART TALK 2023 #8
ASYNCHRONOUS API. STREAMING AND EVENT DRIVEN ARCHITECTURE.
Unisciti al Gruppo Linkedin WSO2 ITALIA CLUB e scopri come avere un digital business di successo.
Scrivi a sales@profesia.it per conoscere Profesia, polo innovativo del Gruppo Lynx
WSO2 ITALIA SMART TALK #6 - Autenticazione User Centric: Identità digitaleProfesia Srl, Lynx Group
L'esposizione di dati e/o servizi attraverso la progettazione di API non deve solo tenere conto del dato che viene esposto, quanto piuttosto dell'utilizzo che l'utente farà di quel dato.
Per questo motivo la progettazione di una qualsiasi infrastruttura è bene che sia svolta partendo dalle esigenze dell'utente finale (user centred), occorre quindi chiesersi come l'usere interagirà con il prodotto in modo da poter implementare un applicativo semplice da usare così da ridurre al minimo il periodo di formazione dell'utente stesso all'utilizzo del prodotto.
WSO2 Identity Server pone l'attenzione nella gestione degli utenti finali come soggetti distinti tra di loro e con differenti peculiarità, aiutando gli amministratori della piattaforma applicativa nell'on-boarding e nella gestione degli stessi.
Scrivi a sales@profesia.it per conoscere come rendere la gestione delle identità digitali un fattore di successo
WSO2 ITALIA SMART TALK #5 - APIFICATION: OPPORTUNITÀ DELLE ORGANIZZAZIONI MOD...Profesia Srl, Lynx Group
APIfication, con questo termine sempre più "di moda" identifichiamo uno strumento che consente di valorizzare maggiormente le API, rendendo disponibili funzionalità e dati come servizio, lo riteniamo sempre più importante, in un'ottica di digital transformation, soprattutto in area banking e finance.
Un approccio più moderno all’integrazione API riduce il time-to-market, velocizza l'adozione di nuove tecnologie e crea nuovi flussi di entrate, aumentando la crescita dei ricavi.
L'APIfication può aiutare a creare con più facilità offerte integrate di vendita e marketing con i partner e a fornire prodotti e servizi più velocemente. In questo appuntamento numero 5 di WSO2 ITALIA SMART TALK ti raccontiamo come evolvere il vostro business! Scrivi a sales@profesia.it per conoscere i numerosi progetti di successo
In questo appuntamento con WSO2 SMART TALK, il nostro partner WSO2 ci racconta il caso di successo di Telefonica (O2) Germany e la sua strategia di APIfication. Scopri come monetizzare le tue API e offrire un'esperienza di navigazione user centric ai tuoi clienti. Scrivi a sales@profesia.it per iniziare subito
In questa prima puntata di WSO2 Smart Talk 2023 Matteo ci farà esplorare WSO2 API Manager 4.1.0 raccontandoci principali use cases, caratteristiche dell'ultima versione e anche accenni a versioni future
Nell'ambito dell'iniziativa #PAnontidemo_webinar, ciclo di eventi e iniziative dedicati alla Pubblica Amministrazioni italiana, Emerasoft e Profesia presentano weModI, la soluzione per l'interoperabilità delle PA conforme alle normative AgID (ModI & PDND).
Negli ultimi anni le Amministrazioni Pubbliche sono chiamate a interscambiare informazioni attraverso le API. Questo processo si è reso necessario per rendere standard il processo di interoperabilità tra gli enti sul territorio italiano.
WSO2 è la soluzione 100% Open Source e leader di mercato in grado di aiutare il Management di un ente (pubblico o privato) nel processo di manutenzione ed evoluzione delle API. Il percorso tracciato da WSO2 risponde puntualmente alle esigenze degli utenti finali e nel caso della Pubblica Amministrazione, che rappresenta uno dei principali utilizzatori della piattaforma, viene messa a disposizione l'estensione weModI, che rende WSO2 API Manager conforme ai pattern definiti da AgID.
Gli utenti hanno così la possibilità di pubblicare e sottoscrivere API aderenti ai pattern ModI in modo semplice e sicuro, avviando un percorso di collaborazione e monetizzazione che assicura trasparenza e rapidità nell'interoperabilità con altri enti nazionali ed europei secondo quello che è già noto come Interoperable Europe Act.
Se sei una PA alle prese con PDND contattaci! Scrivi a sales@profesia.it o chiamaci allo 0110120371
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
Generating a custom Ruby SDK for your web service or Rails API using Smithyg2nightmarescribd
Have you ever wanted a Ruby client API to communicate with your web service? Smithy is a protocol-agnostic language for defining services and SDKs. Smithy Ruby is an implementation of Smithy that generates a Ruby SDK using a Smithy model. In this talk, we will explore Smithy and Smithy Ruby to learn how to generate custom feature-rich SDKs that can communicate with any web service, such as a Rails JSON API.
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
#5 WSO2 Masterclassitalia - WSO2 Identity Server, un approccio OAUTH2
1.
2. Iscriviti al gruppo Linkedin WSO2 Italia per entrare nella community italiana,
conoscere la tecnologia WSO2 e condividere strategie di integrazione e use cases
17. Identity Server: Oauth2 lato Client
OAuth Token Validation using SOAP Service
WSO2 Identity Server provides a SOAP service to validate the OAuth2 token it has issued, which can be used by the
resource server. This section guides you through calling the SOAP service using the SOAP UI.
Sample: using SoapUI
1. Go to the SOAP UI and give the WSDL location
Service Name: OAuth2TokenValidationService
WSDL location: https://localhost:9443/services/OAuth2TokenValidationService?wsdl
19. Identity Server: Oauth2 lato Client
OAuth2 Token Revocation
The OAuth Token Revocation functionality is available with WSO2 Identity Server and follows this specification
REST endpoint at /oauth2/revoke
The following is an example of the request that needs to be sent to the revocation REST endpoint by OAuth 2.0 client
to revoke a token:
curl -X POST --basic -u "<client id>:<client secret>" -H "Content-Type:
application/x-www-form-urlencoded;charset=UTF-8" -k -d "token=<token to
revoke>&token_type_hint=access_token" https://localhost:9443/oauth2/revoke
20. Identity Server: Oauth2 lato Client
OAuth2 Clients
The OAuth 2.0 specification defines two types of clients based on their ability to maintain the confidentiality of client
credentials as below.
Confidential:
A Confidential client is capable of maintaining the confidentiality of its credentials provided by an authorization
server. For example a web application where only the administrator can get access to the server and see the client
credentials would be a confidential client.
Public:
A public client is not capable of maintaining the confidentiality of its credentials provided by an authorization server.
For example a mobile phone application or a desktop application that has the client secret embedded, could get
cracked, and the secret could be revealed. The same is true for a JavaScript application running in the users browser.
The user could use a JavaScript debugger to look into the application, and see client credentials.
23. Back-channel Authentication and API Authorization
The following implementations are the most common back-channel flows you may come across:
1. Legacy username/password authentication and token-based API authorization
2. OIDC resource owner password grant flow
26. Front-channel Authentication and API Authorization
The following implementations are the most common front-channel flows you may come across:
● Legacy identity federation and API authorization
● OIDC implicit grant flow
● OIDC authorization code grant flow
● OIDC authorization code grant flow with Proof Key for Code Exchange (PKCE)
31. Front-channel Authentication and API Authorization
Pro:
● They provide a single sign-on experience to the users.
● Users provide their credentials only to the IAM system which mitigates possibilities of password leakage to a
great extent.
Cons:
● they involve redirections and therefore do not provide the best possible user experience.
Pros and Cons of front-channel flows