Identity APIs is the New Black
S. Uthaiyashankar, VP Engineering, WSO2
WSO2Con EU 2018
IAM Evolution
Story of Kermit Corporation
[Diagram: Kermit Corp's HR Application, Payroll Application and License Application each keep their own user store (LDAP, AD, an RDB), and the same employee appears in them under different identifiers: John, John Li, JohnL.]
Siloed IAM - Centralized but Proprietary
[Diagram: Kermit Corp's Payroll, HR and License Applications, and FinOrg's CRM Application, all integrate with one Identity Provider, but each over a Kermit-proprietary protocol.]
IAM Challenges in Kermit Corp
● Same physical user digitally represented in different silos, with different credentials
● No single sign-on across silos
● Higher probability of identity mismanagement
● Identity integrations across department/enterprise borders are difficult or impossible
Centralized IAM - Standard APIs
[Diagram: the same applications (Kermit Corp's Payroll, HR and License Applications, FinOrg's CRM Application) integrate with the Identity Provider over standard protocols instead: SAML SSO, OpenID Connect, WS-Fed and OAuth for sign-on and delegated access, SCIM for provisioning.]
Dave is Not Happy Yet!
Customer (is the king!) IAM
● Social login and BYOI (bring your own identity)
● Seamless experience across devices (Omnichannel)
● Privacy
○ Consent management
○ Ownership of user information
● Party-to-party delegation
CIAM at a Glance
[Diagram: the Customer reaches Kermit Corp's Retail Application and Self Care Portal, which talk to the Identity Provider over OpenID Connect, SCIM and Consent Receipt; the Identity Provider provisions the cloud CRM over SCIM.]
Dave is Happy!!
[Diagram: a stack, top to bottom: Business Success, Seamless Experience, Customer Satisfaction, Identity Integrations, Identity APIs.]
Next Big Challenge -> Identity of Things
● Dynamic device registration
● Device to device authentication
● Delegation of device access
Modern Identity APIs
User Provisioning with SCIM
SCIM (System for Cross-domain Identity Management, RFC 7643/7644) is the REST/JSON API for creating, updating and deleting user and group resources across identity stores.
[Diagram: Foo Org's Self Care Portal provisions inbound over SCIM into Foo Org's Identity Provider, which provisions outbound over SCIM into the Identity Providers of Zee Org and Bar Org (inbound on their side).]
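The inbound side of the diagram above is what an identity provider's SCIM endpoint has to get right. The following is an added example, not code from the slides or from WSO2 Identity Server: a minimal in-memory SCIM 2.0 user store that accepts a User resource (RFC 7643) and applies a PatchOp message (RFC 7644), enforcing the checks an inbound provisioning endpoint must make: the core schema and userName are required, userName is unique, id and meta are read-only, and a PatchOp is applied atomically or not at all. The store, the generated ids and the payloads in run_demo() are constructed; only top-level attribute paths are handled.

```python
"""Minimal SCIM 2.0 user store: create a User resource and apply a PatchOp.

Added example, not WSO2 Identity Server code. The in-memory store, the
generated ids and the payloads in run_demo() are constructed. Only top-level
attribute paths are supported; filter paths such as emails[type eq "work"]
are out of scope here.
"""
import copy
import uuid

USER_SCHEMA = "urn:ietf:params:scim:schemas:core:2.0:User"
PATCH_SCHEMA = "urn:ietf:params:scim:api:messages:2.0:PatchOp"
READ_ONLY = {"id", "meta"}          # server-assigned, never writable by a client


class ScimError(Exception):
    """Maps onto a SCIM error response: HTTP status plus scimType."""
    def __init__(self, status, scim_type, detail):
        super().__init__(detail)
        self.status, self.scim_type, self.detail = status, scim_type, detail


class UserStore:
    def __init__(self):
        self._users = {}

    def create(self, payload):
        """POST /Users: schemas and userName are required (RFC 7643); userName is unique."""
        if USER_SCHEMA not in payload.get("schemas", []):
            raise ScimError(400, "invalidValue", "core User schema missing")
        user_name = payload.get("userName")
        if not user_name:
            raise ScimError(400, "invalidValue", "userName is required")
        if any(u["userName"].lower() == user_name.lower() for u in self._users.values()):
            raise ScimError(409, "uniqueness", "userName already exists")
        user = copy.deepcopy(payload)
        user["id"] = str(uuid.uuid4())
        user["meta"] = {"resourceType": "User", "location": f"/Users/{user['id']}"}
        self._users[user["id"]] = user
        return copy.deepcopy(user)

    def get(self, user_id):
        if user_id not in self._users:
            raise ScimError(404, None, f"User {user_id} not found")
        return copy.deepcopy(self._users[user_id])

    def patch(self, user_id, patch_op):
        """PATCH /Users/{id}: apply add / replace / remove operations (RFC 7644 3.5.2)."""
        if PATCH_SCHEMA not in patch_op.get("schemas", []):
            raise ScimError(400, "invalidSyntax", "not a PatchOp message")
        if user_id not in self._users:
            raise ScimError(404, None, f"User {user_id} not found")
        updated = copy.deepcopy(self._users[user_id])   # commit only if every op succeeds
        for op in patch_op.get("Operations", []):
            kind, path = op.get("op", "").lower(), op.get("path")
            if path in READ_ONLY:
                raise ScimError(400, "mutability", f"{path} is readOnly")
            if kind in ("add", "replace"):
                if path is None:                         # value is an object of attributes to merge
                    if READ_ONLY & set(op["value"]):
                        raise ScimError(400, "mutability", "id/meta are readOnly")
                    updated.update(copy.deepcopy(op["value"]))
                else:
                    updated[path] = copy.deepcopy(op["value"])
            elif kind == "remove":
                if path is None:
                    raise ScimError(400, "noTarget", "remove requires a path")
                if path == "userName":
                    raise ScimError(400, "invalidValue", "userName is required")
                updated.pop(path, None)
            else:
                raise ScimError(400, "invalidSyntax", f"unknown op {kind!r}")
        self._users[user_id] = updated
        return copy.deepcopy(updated)


def run_demo():
    """Create a user, then deactivate it, add a display name and drop emails in one PatchOp."""
    store = UserStore()
    created = store.create({                                   # constructed payload
        "schemas": [USER_SCHEMA], "userName": "john.li", "active": True,
        "name": {"givenName": "John", "familyName": "Li"},
        "emails": [{"value": "john.li@kermit.example", "primary": True}]})
    patched = store.patch(created["id"], {
        "schemas": [PATCH_SCHEMA],
        "Operations": [{"op": "replace", "path": "active", "value": False},
                       {"op": "add", "value": {"displayName": "John Li"}},
                       {"op": "remove", "path": "emails"}]})
    return store, created, patched
```

Rejections are raised as ScimError with the status and scimType a real endpoint would put in the error response, so the same class serves both the outbound connector (interpreting the remote provider's answer) and the inbound endpoint.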
Delegated Authorization with OAuth 2.0
● Authorization Code Grant: suitable for web applications
● SAML Bearer Grant (RFC 7522): suitable for apps already using SAML SSO for authentication
● JWT Grant (RFC 7523): suitable for apps already using a JWT mechanism for authentication
● Client Credentials Grant: suitable for retrieving data not specific to end users (e.g. weather or stock feeds) and for machine-to-machine communication
Native and single-page apps are public clients that cannot keep a client secret; they should use the authorization code grant with PKCE (RFC 7636) rather than the implicit grant.
Authz Code Grant Flow
Prerequisite: the client application is registered with the Authz Server, manually or via Dynamic Client Registration.
Participants: Resource Owner, Application (OAuth Client), OAuth Authorization Server, OAuth Resource Server.
1. The client redirects (302) the resource owner to the authorization server.
2. The resource owner authenticates and gives consent.
3. The authorization server redirects (302) back to the client with the authz code.
4. The client sends the access token request, presenting the authz code.
5. The authorization server returns the access token.
6. The client sends the resource request to the resource server with the access token.
7. The resource server introspects the access token at the authorization server.
8. The authorization server confirms the access token and the resource server serves the request.
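The eight steps above, run end to end in one process so both sides of every message are visible. This is an added example, not code from the slides or from WSO2: the endpoints, client id and secret and the in-memory authorization server are constructed. Two checks the diagram does not draw are included because a reviewer would ask for them: the client verifies the state it sent before touching the returned code (otherwise an attacker can inject their own code into the victim's session), and the code is bound to the client instance with PKCE (RFC 7636) and consumed on first use, so a leaked or replayed code is worthless. Introspection follows RFC 7662.

```python
"""Authorization code grant simulated in-process: both the client and the
authorization server (AS) side of each numbered message above, plus the
resource server's introspection call. Added example, not WSO2 code: the
endpoints, client id/secret and in-memory AS are constructed. The state check
and PKCE (RFC 7636) are practitioner additions the slide does not show: state
binds the callback to the browser session, PKCE binds the code to the client
instance that started the flow."""
import base64, hashlib, secrets, time
from urllib.parse import parse_qs, urlencode, urlparse

def b64url(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def query_of(url: str) -> dict:
    return {k: v[0] for k, v in parse_qs(urlparse(url).query).items()}


class AuthorizationServer:
    def __init__(self, clients):
        self.clients, self.codes, self.tokens = clients, {}, {}   # client_id -> {secret, redirect_uris}

    def authorize(self, query, authenticated_user):
        """Steps 2-3: called once the user has authenticated and consented; 302 back with a code."""
        client = self.clients.get(query.get("client_id"))
        # exact redirect_uri match: the code must never be sent to an attacker-chosen URL
        if client is None or query.get("redirect_uri") not in client["redirect_uris"]:
            raise ValueError("unauthorized_client")
        if query.get("response_type") != "code" or query.get("code_challenge_method") != "S256":
            raise ValueError("invalid_request")
        code = secrets.token_urlsafe(32)
        self.codes[code] = {"client_id": query["client_id"], "redirect_uri": query["redirect_uri"],
                            "scope": query.get("scope", ""), "sub": authenticated_user,
                            "challenge": query["code_challenge"], "exp": time.time() + 60}
        return query["redirect_uri"] + "?" + urlencode({"code": code, "state": query["state"]})

    def token(self, form, client_id, client_secret):
        """Steps 4-5: redeem the single-use, short-lived code for an access token."""
        client = self.clients.get(client_id)
        if client is None or not secrets.compare_digest(client["secret"], client_secret):
            raise ValueError("invalid_client")
        rec = self.codes.pop(form.get("code"), None)          # pop: a replayed code fails here
        if (rec is None or rec["exp"] < time.time() or rec["client_id"] != client_id
                or rec["redirect_uri"] != form.get("redirect_uri")):
            raise ValueError("invalid_grant")
        if b64url(hashlib.sha256(form.get("code_verifier", "").encode()).digest()) != rec["challenge"]:
            raise ValueError("invalid_grant: PKCE verifier mismatch")
        tok = secrets.token_urlsafe(32)
        self.tokens[tok] = {"client_id": client_id, "scope": rec["scope"], "sub": rec["sub"],
                            "exp": time.time() + 3600}
        return {"access_token": tok, "token_type": "Bearer", "expires_in": 3600, "scope": rec["scope"]}

    def introspect(self, token):
        """Step 7 (RFC 7662): tells the resource server whether a token is active and for what."""
        rec = self.tokens.get(token)
        return {"active": True, **rec} if rec and rec["exp"] >= time.time() else {"active": False}


class Client:
    def __init__(self, client_id, secret, redirect_uri, authz_server):
        self.client_id, self.secret, self.redirect_uri, self.as_ = client_id, secret, redirect_uri, authz_server
        self.sessions = {}       # state -> code_verifier, kept server-side per browser session

    def start(self, scope):
        """Step 1: the authorization request URL the client 302s the user to."""
        state, verifier = secrets.token_urlsafe(16), secrets.token_urlsafe(48)
        self.sessions[state] = verifier
        return "https://as.kermit.example/authorize?" + urlencode({
            "response_type": "code", "client_id": self.client_id, "redirect_uri": self.redirect_uri,
            "scope": scope, "state": state, "code_challenge_method": "S256",
            "code_challenge": b64url(hashlib.sha256(verifier.encode()).digest())})

    def callback(self, redirect_url):
        """Step 4: on the 302 back, check state first, then redeem the code."""
        q = query_of(redirect_url)
        verifier = self.sessions.pop(q.get("state"), None)
        if verifier is None:
            raise ValueError("state mismatch: unsolicited or replayed callback")
        if "error" in q:
            raise ValueError(q["error"])
        return self.as_.token({"grant_type": "authorization_code", "code": q["code"],
                               "redirect_uri": self.redirect_uri, "code_verifier": verifier},
                              self.client_id, self.secret)


def resource_server(authz_server, bearer_token, required_scope):
    """Steps 6-8: introspect the bearer token, then check scope; returns (status, body)."""
    info = authz_server.introspect(bearer_token)
    if not info["active"]:
        return 401, "invalid_token"
    if required_scope not in info["scope"].split():
        return 403, "insufficient_scope"
    return 200, f"payroll record of {info['sub']}"


def run_flow():
    """Happy path with constructed identifiers; returns the pieces for inspection."""
    as_ = AuthorizationServer({"payroll-app": {"secret": "constructed-secret",
                                               "redirect_uris": {"https://payroll.kermit.example/cb"}}})
    client = Client("payroll-app", "constructed-secret", "https://payroll.kermit.example/cb", as_)
    authz_url = client.start("payroll.read")                                   # 1
    redirect = as_.authorize(query_of(authz_url), "john.li")                   # 2-3
    return as_, client, redirect, client.callback(redirect)                    # 4-5
```

The code lifetime (60 s), the exact redirect_uri comparison and the single-use pop are the three properties that make a leaked authorization code useless on its own; drop any one of them and the flow degrades to the implicit grant's security.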
Authentication with OIDC
● OpenID Connect was created on top of OAuth 2.0 to provide an identity layer
● Introduces a new scope named “openid”
● Introduces a new token named ID Token: a signed JWT containing user claims
● Introduces a new endpoint named ‘userinfo’, to fetch additional user claims
● The client must validate the ID Token (signature, iss, aud, exp and the nonce it sent) before trusting any claim in it; possessing an access token alone does not prove who the user is
OIDC Flow
Participants: Resource Owner, Application (OAuth Client), OAuth Authorization Server, OAuth Resource Server.
1. The client redirects (302) the resource owner to the authorization server with scope=openid.
2. The resource owner authenticates and gives consent.
3. The authorization server redirects (302) back to the client with the authz code.
4. The client sends the access token request, presenting the authz code.
5. The authorization server returns the access token together with the ID Token.
6. The client sends the user info request with the access token to fetch additional claims.
7. The client sends the resource request to the resource server with the access token.
8. The resource server introspects the access token at the authorization server.
9. The authorization server confirms the access token and the resource server serves the request.
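What the relying party has to do with the ID Token it receives in step 5, as an added example that is not code from the slides or from WSO2. It signs and validates with HS256 keyed by the client secret, which OpenID Connect Core 10.1 permits and which keeps the example stdlib-only; a production provider normally signs with RS256 or ES256 using keys published at its jwks_uri, and the same checks apply. The issuer, client id, secret and claims in make_sample() are constructed. The validation pins the algorithm (so a forged alg=none token is refused), checks the signature in constant time, then iss, aud/azp, exp, iat, nonce and, when an access token was issued alongside, at_hash.

```python
"""Relying-party validation of an OpenID Connect ID Token (what happens after
step 5 above, before any claim in the token is trusted).

Added example, not WSO2 code. HS256 keyed by the client secret is used so the
example runs with the stdlib (OIDC Core 10.1 allows it); production OPs mostly
use RS256/ES256 with keys from jwks_uri. Issuer, client id, secret and claims
in make_sample() are constructed.
"""
import base64
import hashlib
import hmac
import json
import time


class IdTokenError(ValueError):
    pass


def _b64url(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def at_hash(access_token: str) -> str:
    """at_hash for SHA-256 algs: left-most 128 bits of SHA-256(access_token), base64url."""
    return _b64url(hashlib.sha256(access_token.encode()).digest()[:16])


def sign_id_token(claims: dict, client_secret: str, alg: str = "HS256") -> str:
    """OP side: mint the compact JWT. alg is a parameter only so a forged alg=none token can be built."""
    header = _b64url(json.dumps({"alg": alg, "typ": "JWT"}, separators=(",", ":")).encode())
    payload = _b64url(json.dumps(claims, separators=(",", ":")).encode())
    if alg == "none":
        return f"{header}.{payload}."
    sig = hmac.new(client_secret.encode(), f"{header}.{payload}".encode(), hashlib.sha256).digest()
    return f"{header}.{payload}.{_b64url(sig)}"


def validate_id_token(token, *, client_secret, issuer, client_id, nonce,
                      access_token=None, now=None, leeway=60):
    """The checks of OIDC Core 3.1.3.7 a code-flow RP must perform. Returns the claims."""
    now = time.time() if now is None else now
    parts = token.split(".")
    if len(parts) != 3:
        raise IdTokenError("malformed token")
    header_b64, payload_b64, sig_b64 = parts
    header = json.loads(_b64url_decode(header_b64))
    # pin the algorithm: the token's own header must never choose it (alg=none, key confusion)
    if header.get("alg") != "HS256":
        raise IdTokenError(f"unexpected alg {header.get('alg')!r}")
    expected = hmac.new(client_secret.encode(), f"{header_b64}.{payload_b64}".encode(),
                        hashlib.sha256).digest()
    if not hmac.compare_digest(expected, _b64url_decode(sig_b64)):
        raise IdTokenError("signature mismatch")
    claims = json.loads(_b64url_decode(payload_b64))
    if claims.get("iss") != issuer:
        raise IdTokenError("issuer mismatch")
    aud = claims.get("aud")
    aud = [aud] if isinstance(aud, str) else (aud or [])
    if client_id not in aud:
        raise IdTokenError("token not intended for this client")
    if len(aud) > 1 and claims.get("azp") != client_id:     # multi-audience tokens need azp
        raise IdTokenError("azp missing or wrong")
    if claims.get("exp", 0) + leeway < now:
        raise IdTokenError("token expired")
    if claims.get("iat", now) > now + leeway:
        raise IdTokenError("token issued in the future")
    if claims.get("nonce") != nonce:                        # ties the token to our login attempt
        raise IdTokenError("nonce mismatch (replay?)")
    if not claims.get("sub"):
        raise IdTokenError("sub missing")
    if access_token is not None and "at_hash" in claims and claims["at_hash"] != at_hash(access_token):
        raise IdTokenError("at_hash does not match the access token")
    return claims


def make_sample(now=1_700_000_000):
    """Constructed OP response: an access token and the matching ID Token for john.li."""
    secret, access = "constructed-client-secret", "constructed-access-token"
    claims = {"iss": "https://idp.kermit.example", "sub": "john.li", "aud": "retail-app",
              "iat": now, "exp": now + 300, "nonce": "n-0S6_WzA2Mj", "at_hash": at_hash(access),
              "email": "john.li@kermit.example"}
    return {"secret": secret, "access_token": access, "claims": claims,
            "id_token": sign_id_token(claims, secret)}
```

The nonce is generated by the client per login attempt and stored in the session next to the OAuth state; an ID Token carrying a nonce the client never issued is a replay, however valid its signature.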
Party-to-party Delegation with UMA 2.0
● Developed on top of OAuth 2.0
● Introduces an entity named ‘Requesting Party’, who need not be the resource owner, and two
access tokens: the ‘Protection API token’ (PAT), which the resource server uses with the authorization server, and the ‘Requesting Party Token’ (RPT), which the requesting party's client presents to the resource server. The resource server answers an unauthorized request with a permission ticket, which the client redeems at the authorization server for the RPT.
● Lots of use cases in CIAM and IoT:
○ E.g. A patient granting a Doctor and an Insurer access to their health records
○ E.g. A homeowner granting the housemaid permission to rotate the CCTV camera
UMA 2.0 in Action
Participants: Resource Owner, OAuth Resource Server, OAuth Authorization Server (Protection API, Authorization API, Introspection API), Application (OAuth Client), Requesting Party.
1. The resource owner authorizes the resource server to register resources at the authorization server; result: PAT.
2. The resource server registers the resource through the Protection API, using the PAT.
3. The resource owner defines policies at the authorization server.
4. The requesting party's application attempts to access the protected resource at the resource server.
5. The application requests authorization through the Authorization API; result: RPT.
6. The application accesses the protected resource with the RPT; the resource server validates the RPT through the Introspection API.
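The six steps above as one in-process exchange, added here as an example that is not code from the slides or from WSO2. The PAT, the permission ticket and the RPT are opaque random strings; the requesting party's identity is passed to the token endpoint as an already verified string where a real client would push a claim token such as an ID Token (UMA 2.0 Grant, claims pushing). The health-record resource, the patient's policy and the party names are constructed. The edge the example handles is the one the slide's patient/doctor/insurer case needs: a party with no policy entry gets request_denied, and a ticket is consumed by that failed attempt, so it cannot be retried under another identity.

```python
"""UMA 2.0 exchange simulated in-process: resource owner, resource server (RS),
authorization server (AS) and the requesting party's client, in the order of
the steps above. Added example, not WSO2 code. PAT, permission ticket and RPT
are opaque random strings; the requesting party is passed in as an already
verified string where a real client would push a claim token (e.g. an ID
Token) to the token endpoint. Resource, policy and party names are constructed."""
import secrets

UMA_GRANT = "urn:ietf:params:oauth:grant-type:uma-ticket"


class AuthorizationServer:
    def __init__(self):
        self.pats = {}        # PAT -> resource server it was issued to
        self.resources = {}   # resource_id -> {"owner", "name", "scopes", "rs"}
        self.policies = {}    # resource_id -> {requesting party -> scopes the owner allows}
        self.tickets = {}     # permission ticket -> [(resource_id, scopes requested)]
        self.rpts = {}        # RPT -> {"permissions", "requesting_party"}

    def issue_pat(self, resource_server):
        """Step 1: the owner has authorized this RS to manage their resources -> PAT."""
        pat = secrets.token_urlsafe(24)
        self.pats[pat] = resource_server
        return pat

    def _rs_for(self, pat):                                       # every Protection API call needs a PAT
        if pat not in self.pats:
            raise PermissionError("Protection API requires a valid PAT")
        return self.pats[pat]

    def register_resource(self, pat, owner, name, scopes):        # step 2 (Protection API)
        rid = secrets.token_urlsafe(8)
        self.resources[rid] = {"owner": owner, "name": name, "scopes": set(scopes), "rs": self._rs_for(pat)}
        return rid

    def set_policy(self, owner, resource_id, requesting_party, scopes):   # step 3 (owner)
        if self.resources[resource_id]["owner"] != owner:
            raise PermissionError("only the resource owner sets policy")
        self.policies.setdefault(resource_id, {})[requesting_party] = set(scopes)

    def permission_ticket(self, pat, resource_id, scopes):        # step 4, RS side (Protection API)
        res = self.resources.get(resource_id)
        if res is None or res["rs"] != self._rs_for(pat) or not set(scopes) <= res["scopes"]:
            raise ValueError("invalid_resource_id or invalid_scope")
        ticket = secrets.token_urlsafe(16)
        self.tickets[ticket] = [(resource_id, set(scopes))]
        return ticket

    def token(self, grant_type, ticket, requesting_party):        # step 5 (Authorization API)
        if grant_type != UMA_GRANT:
            raise ValueError("unsupported_grant_type")
        wanted = self.tickets.pop(ticket, None)                   # tickets are single-use
        if wanted is None:
            raise ValueError("invalid_grant")
        granted = [(rid, scopes & self.policies.get(rid, {}).get(requesting_party, set()))
                   for rid, scopes in wanted]
        granted = [(rid, s) for rid, s in granted if s]           # only what the owner's policy allows
        if not granted:
            raise ValueError("request_denied")
        rpt = secrets.token_urlsafe(24)
        self.rpts[rpt] = {"permissions": granted, "requesting_party": requesting_party}
        return rpt

    def introspect(self, pat, rpt):                               # step 6, RS side (Introspection API)
        self._rs_for(pat)
        rec = self.rpts.get(rpt)
        return {"active": rec is not None,
                "permissions": [{"resource_id": r, "resource_scopes": sorted(s)}
                                for r, s in (rec or {}).get("permissions", [])]}


class ResourceServer:
    def __init__(self, authz_server, pat):
        self.as_, self.pat, self.records = authz_server, pat, {}  # records: resource_id -> content

    def publish(self, owner, name, content, scopes):
        rid = self.as_.register_resource(self.pat, owner, name, scopes)
        self.records[rid] = content
        return rid

    def read(self, resource_id, rpt=None):
        """Returns (status, body); a 401 carries the permission ticket the client must redeem."""
        if rpt is not None:
            info = self.as_.introspect(self.pat, rpt)
            if info["active"] and any(p["resource_id"] == resource_id and "read" in p["resource_scopes"]
                                      for p in info["permissions"]):
                return 200, self.records[resource_id]
        return 401, {"ticket": self.as_.permission_ticket(self.pat, resource_id, ["read"])}


def run_uma():
    """The patient lets the doctor read the record; anyone without a policy entry is denied."""
    as_ = AuthorizationServer()
    rs = ResourceServer(as_, as_.issue_pat("health-records-api"))
    rid = rs.publish("patient-42", "Health record", "constructed health record", ["read", "write"])
    as_.set_policy("patient-42", rid, "dr-smith", ["read"])
    status, body = rs.read(rid)                       # doctor's client, no RPT yet -> 401 + ticket
    rpt = as_.token(UMA_GRANT, body["ticket"], "dr-smith")
    return as_, rs, rid, rs.read(rid, rpt)
```

Note where each token lives: the PAT never leaves the resource server, the RPT never reaches the resource owner, and the permission ticket is the only thing the resource server hands to an unauthenticated caller, which is why it must be single-use.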
Fine-grained Authorization with XACML
● OASIS standard for attribute-based access control (ABAC)
● Decouples authorization logic from the application code by introducing XML based policies
● Consists of 4 key components:
○ Policy Administration Point (PAP): where policies are authored and stored
○ Policy Decision Point (PDP): evaluates a request against the policies
○ Policy Information Point (PIP): supplies attributes the request does not carry
○ Policy Enforcement Point (PEP): intercepts the operation and enforces the decision
XACML in Action
[Diagram: an Entitlement Administrator creates, reads, updates and deletes policies through the Policy Administration Point, which keeps them in the Policy Store. When an End-user performs an operation in the HR Application, the application's Policy Enforcement Point sends an XACML request to the Policy Decision Point; the PDP evaluates the stored policies, fetching missing attributes from the Policy Information Point (here the Identity Provider), and returns the decision to the PEP.]
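The four components of the diagram above, separated the way XACML separates them, as an added example that is not code from the slides or from WSO2. Policies are Python objects rather than XACML XML so the block runs stand-alone; the combining logic is XACML's deny-overrides algorithm; the directory behind the PIP and the HR application with its salary-record operation are constructed. It shows the point the slide's architecture is for: the HR application's code contains no authorization logic, only a PEP call, and changing who may see executive salary records is a change in the PAP, not a redeploy.

```python
"""XACML-style ABAC split into the four components on the slide: PAP, PDP, PIP
and PEP, evaluated on a request shaped like XACML's subject / resource / action
categories.

Added example, not WSO2 code. Policies are Python objects rather than XACML
XML; the combining logic is XACML's deny-overrides algorithm; the directory
behind the PIP and the HR application are constructed.
"""
from dataclasses import dataclass
from typing import Callable, Dict, List

# ---- PIP: supplies attributes the request does not carry (here: from the IdP) ----
IDP_DIRECTORY = {                                    # constructed sample directory
    "john.li": {"department": "HR", "role": "hr-manager"},
    "dave": {"department": "Sales", "role": "employee"},
    "ceo": {"department": "Executive", "role": "ceo"},
}


def pip_lookup(subject_id: str, attribute: str):
    return IDP_DIRECTORY.get(subject_id, {}).get(attribute)


# ---- PAP: the policy model and the store it administers ----
@dataclass
class Rule:
    effect: str                              # "Permit" or "Deny"
    condition: Callable[[dict], bool]


@dataclass
class Policy:
    policy_id: str
    target: Callable[[dict], bool]           # does this policy apply to the request at all?
    rules: List[Rule]


class PolicyStore:
    def __init__(self):
        self.policies: Dict[str, Policy] = {}

    def create(self, policy: Policy):        # CRUD as on the slide; update = create again
        self.policies[policy.policy_id] = policy

    def delete(self, policy_id: str):
        self.policies.pop(policy_id, None)


# ---- PDP: evaluates the request against every applicable policy ----
def decide(request: dict, store: PolicyStore) -> str:
    """deny-overrides: any matching Deny wins; else Permit if any rule matched; else NotApplicable."""
    decision = "NotApplicable"
    for policy in store.policies.values():
        if not policy.target(request):
            continue
        for rule in policy.rules:
            if rule.condition(request):
                if rule.effect == "Deny":
                    return "Deny"
                decision = "Permit"
    return decision


# ---- PEP: the HR application's enforcement hook ----
class HrApplication:
    def __init__(self, store: PolicyStore):
        self.store = store

    def view_salary(self, subject_id: str, employee_id: str) -> str:
        request = {
            "subject": {"id": subject_id,
                        "department": pip_lookup(subject_id, "department"),
                        "role": pip_lookup(subject_id, "role")},
            "resource": {"type": "salary-record", "owner": employee_id},
            "action": {"id": "view"},
        }
        # fail closed: Deny, NotApplicable and Indeterminate are all refused
        if decide(request, self.store) != "Permit":
            raise PermissionError(f"{subject_id} may not view the salary record of {employee_id}")
        return f"salary record of {employee_id}"


def build_policies() -> PolicyStore:
    """What the Entitlement Administrator loads through the PAP."""
    store = PolicyStore()
    is_salary_view = lambda r: r["resource"]["type"] == "salary-record" and r["action"]["id"] == "view"
    store.create(Policy("hr-managers-view-any", is_salary_view,
                        [Rule("Permit", lambda r: r["subject"]["role"] == "hr-manager")]))
    store.create(Policy("everyone-views-own", is_salary_view,
                        [Rule("Permit", lambda r: r["subject"]["id"] == r["resource"]["owner"])]))
    # deny-overrides lets this narrow Deny beat the broader Permits above
    store.create(Policy("executive-records-hr-only", lambda r: r["resource"]["owner"] == "ceo",
                        [Rule("Deny", lambda r: r["subject"]["department"] != "HR")]))
    return store
```

An unknown subject resolves to None for every PIP attribute, so no Permit rule matches and the PEP refuses: NotApplicable is treated as a denial, which is the safe default for a PEP.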
Open Policy Agent (OPA)
● Enforcement API: the service requests decisions
● Management API: management pushes policy and data updates
[Diagram: the Service sends a Query to OPA and receives a Decision; OPA evaluates it against the Policy and Data it holds.]
User Consent Management
[Diagram: the End-user changes consent in the Self Care Portal; the portal calls the Consent Management API of the Identity Provider, which records the change in the consent storage.]
User Data Exposure
[Diagram: the End-user exports their PII from the Self Care Portal; the portal calls the PII Exposure API of the Identity Provider, which collects it from the PII storages: claims, security questions and consent receipts.]
THANK YOU
wso2.com
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsRoshan Dwivedi
 

Recently uploaded (20)

From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
 

[WSO2Con EU 2018] Identity APIs is the New Black

  • 15. Delegated Authorization with OAuth 2.0
    ● Authorization Code Grant: suitable for web applications
    ● SAML Bearer Grant: suitable for apps already using SAML SSO for authentication
    ● JWT Grant: suitable for apps already using a JWT mechanism for authentication
    ● Client Credentials Grant: suitable for retrieving data not specific to end users (e.g. weather, stocks) and for machine-to-machine communication
  • 16. Authz Code Grant Flow
    Prerequisite: the client application is registered with the Authz Server, manually or via Dynamic Client Registration
    Participants: Resource Owner, Application (OAuth Client), OAuth Authorization Server, OAuth Resource Server
    ○ The client redirects (302) the Resource Owner to the Authorization Server
    ○ The Resource Owner authenticates and gives consent
    ○ The Authorization Server returns an Authz Code to the client through the redirect
    ○ The client sends an Access Token request carrying the Authz Code and receives an Access Token
    ○ The client presents the Access Token in the Resource Request to the Resource Server
    ○ The Resource Server validates the Access Token by introspection against the Authorization Server
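The flow on slides 15 and 16, written out as an added example (not code from the deck or from WSO2): a client, an authorization server and a resource server exchanging messages in-process with the standard library only. The endpoint URL, client id, secret and scope are assumed values. State and PKCE (RFC 7636) are not on the slide but belong in any real implementation of this grant, so the example includes them and shows a replayed callback being refused.

```python
"""Added example, not from the deck: the authorization code grant as an
in-process exchange between client, authorization server and resource
server, standard library only. Endpoints, client id and scope are made up.
State and PKCE (RFC 7636) are not on the slide but belong in any real
implementation of this grant."""
import base64, hashlib, secrets, time
from urllib.parse import urlencode, urlparse, parse_qs

AUTHZ_ENDPOINT = "https://as.kermit.example/oauth2/authorize"   # assumed
TOKEN_TTL = 3600

def b64url(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def query_of(url: str) -> dict:
    return {k: v[0] for k, v in parse_qs(urlparse(url).query).items()}

class AuthorizationServer:
    def __init__(self, clients):
        self.clients = clients        # client_id -> {"secret", "redirect_uri"}, registered out of band
        self.codes, self.tokens = {}, {}

    def authorize(self, params, authenticated_user, consented):
        """Steps 2-3: after authentication and consent, redirect back with code and state."""
        client = self.clients[params["client_id"]]
        if params["redirect_uri"] != client["redirect_uri"]:        # exact match, never prefix
            raise ValueError("redirect_uri mismatch")
        if params.get("response_type") != "code" or not consented:
            raise ValueError("request rejected")
        code = secrets.token_urlsafe(24)
        self.codes[code] = {"client_id": params["client_id"], "redirect_uri": params["redirect_uri"],
                            "sub": authenticated_user, "scope": params.get("scope", ""),
                            "challenge": params["code_challenge"], "expires": time.time() + 60}
        return f"{params['redirect_uri']}?{urlencode({'code': code, 'state': params['state']})}"

    def token(self, client_id, client_secret, code, redirect_uri, code_verifier):
        """Steps 5-6: swap a single-use code for an opaque access token."""
        client = self.clients.get(client_id)
        if client is None or not secrets.compare_digest(client["secret"], client_secret):
            raise PermissionError("invalid_client")
        grant = self.codes.pop(code, None)                 # pop: a replayed code is gone
        challenge = b64url(hashlib.sha256(code_verifier.encode()).digest())   # PKCE S256
        if (grant is None or grant["expires"] < time.time() or grant["client_id"] != client_id
                or grant["redirect_uri"] != redirect_uri
                or not secrets.compare_digest(challenge, grant["challenge"])):
            raise PermissionError("invalid_grant")
        token = secrets.token_urlsafe(32)
        self.tokens[token] = {"sub": grant["sub"], "scope": grant["scope"],
                              "client_id": client_id, "exp": time.time() + TOKEN_TTL}
        return {"access_token": token, "token_type": "Bearer", "expires_in": TOKEN_TTL}

    def introspect(self, token):
        """RFC 7662 shape: unknown or expired tokens are simply inactive."""
        meta = self.tokens.get(token)
        if meta is None or meta["exp"] < time.time():
            return {"active": False}
        return {"active": True, **meta}

class Client:
    def __init__(self, client_id, secret, redirect_uri):
        self.client_id, self.secret, self.redirect_uri = client_id, secret, redirect_uri
        self.pending = {}                                  # state -> code_verifier

    def authorization_url(self, scope):
        """Step 1: state ties the callback to this session; the PKCE challenge ties the code to this client."""
        state, verifier = secrets.token_urlsafe(16), secrets.token_urlsafe(48)
        self.pending[state] = verifier
        q = {"response_type": "code", "client_id": self.client_id, "redirect_uri": self.redirect_uri,
             "scope": scope, "state": state, "code_challenge_method": "S256",
             "code_challenge": b64url(hashlib.sha256(verifier.encode()).digest())}
        return f"{AUTHZ_ENDPOINT}?{urlencode(q)}"

    def handle_callback(self, url, authz_server):
        """Step 4: verify state, then redeem the code."""
        q = query_of(url)
        verifier = self.pending.pop(q.get("state"), None)
        if verifier is None:
            raise PermissionError("unknown state: forged or replayed callback")
        return authz_server.token(self.client_id, self.secret, q["code"], self.redirect_uri, verifier)

def resource_request(token, authz_server, required_scope):
    """Steps 7-8: the resource server introspects the token and checks scope."""
    info = authz_server.introspect(token)
    if not info["active"] or required_scope not in info["scope"].split():
        return 401, None
    return 200, {"payslip_for": info["sub"]}

def run_flow():
    """Happy path for user 'john', then the same callback replayed."""
    as_ = AuthorizationServer({"payroll-web": {"secret": "s3cret", "redirect_uri": "https://payroll.kermit.example/cb"}})
    client = Client("payroll-web", "s3cret", "https://payroll.kermit.example/cb")
    callback = as_.authorize(query_of(client.authorization_url("payslip:read")), "john", consented=True)
    status, body = resource_request(client.handle_callback(callback, as_)["access_token"], as_, "payslip:read")
    try:
        client.handle_callback(callback, as_)
        replay_blocked = False
    except PermissionError:
        replay_blocked = True
    return status, body, replay_blocked
```

Two details carry most of the security weight: the code is popped from the store on first use, so a leaked authorization code cannot be redeemed twice, and the redirect URI is compared exactly rather than by prefix, which is what stops an attacker-controlled path on the same host from collecting codes.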
  • 17. Authentication with OIDC
    ● OpenID Connect was created on top of OAuth 2.0 to provide an identity layer
    ● Introduces a new scope named "openid"
    ● Introduces a new token, the ID Token, containing user claims
    ● Introduces a new endpoint, "userinfo", to fetch additional user claims
  • 18. OIDC Flow
    Participants: Resource Owner, Application (OAuth Client), OAuth Authorization Server, OAuth Resource Server
    ○ The client redirects (302) the Resource Owner to the Authorization Server with scope=openid
    ○ The Resource Owner authenticates and gives consent
    ○ The Authorization Server returns an Authz Code to the client
    ○ The client sends an Access Token request carrying the code and receives an Access Token together with an ID Token
    ○ The client sends a User Info request with the Access Token to fetch additional claims
    ○ The client presents the Access Token in the Resource Request; the Resource Server validates it by introspection against the Authorization Server
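What slides 17 and 18 add on top of the OAuth exchange, as an added example that is not from the deck: a toy OpenID Provider mints an ID Token (a JWT signed with HS256 using the client secret, which OIDC Core permits for confidential clients) and the relying party validates it before trusting the login, then calls userinfo with the access token. The issuer, client id, secret and userinfo claims are assumed values. The example also shows the two rejections a relying party must get right: a token replayed into a different session (nonce mismatch) and a header that claims `alg: none`.

```python
"""Added example, not from the deck: what the 'openid' scope adds. A toy
OpenID Provider mints an ID Token (a JWT; HS256 keyed with the client
secret, which OIDC Core allows for confidential clients) and the relying
party validates it before trusting the login, then calls userinfo with the
access token. Issuer, client id and the userinfo claims are made up."""
import base64, hashlib, hmac, json, secrets, time

ISSUER = "https://as.kermit.example"                   # assumed OP issuer

def b64url(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def hs256(secret: str, signing_input: str) -> bytes:
    return hmac.new(secret.encode(), signing_input.encode(), hashlib.sha256).digest()

class OpenIDProvider:
    def __init__(self, client_id, client_secret):
        self.client_id, self.secret, self.access_tokens = client_id, client_secret, {}

    def token_response(self, sub, nonce, scope="openid profile email"):
        """Token endpoint: access token always, ID Token only when scope contains openid."""
        now, at = int(time.time()), secrets.token_urlsafe(32)
        self.access_tokens[at] = sub
        resp = {"access_token": at, "token_type": "Bearer", "expires_in": 3600}
        if "openid" in scope.split():
            claims = {"iss": ISSUER, "sub": sub, "aud": self.client_id,
                      "iat": now, "exp": now + 300, "nonce": nonce}
            head = b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
            body = b64url(json.dumps(claims).encode())
            resp["id_token"] = f"{head}.{body}.{b64url(hs256(self.secret, f'{head}.{body}'))}"
        return resp

    def userinfo(self, access_token):
        """The userinfo endpoint is authorized by the access token, not by the ID Token."""
        sub = self.access_tokens.get(access_token)
        return (401, None) if sub is None else (200, {"sub": sub, "email": f"{sub}@kermit.example"})

def validate_id_token(id_token, client_secret, client_id, expected_nonce, now=None):
    """The checks OIDC Core 3.1.3.7 requires of a relying party; raises ValueError on any failure."""
    now = now or int(time.time())
    parts = id_token.split(".")
    if len(parts) != 3:
        raise ValueError("malformed token")
    head, body, sig = parts
    if json.loads(b64url_decode(head)).get("alg") != "HS256":     # pin alg; never accept 'none'
        raise ValueError("unexpected alg")
    if not hmac.compare_digest(hs256(client_secret, f"{head}.{body}"), b64url_decode(sig)):
        raise ValueError("bad signature")
    claims = json.loads(b64url_decode(body))
    aud = claims.get("aud")
    checks = [claims.get("iss") == ISSUER,
              client_id in (aud if isinstance(aud, list) else [aud]),
              claims.get("exp", 0) > now,
              claims.get("nonce") == expected_nonce]
    if not all(checks):
        raise ValueError("iss/aud/exp/nonce check failed")
    return claims

def forged_alg_none(claims):
    """What an attacker sends to a relying party that trusts the header's alg field."""
    return f"{b64url(json.dumps({'alg': 'none'}).encode())}.{b64url(json.dumps(claims).encode())}."

def login_demo():
    op = OpenIDProvider("retail-app", "topsecret")
    nonce = secrets.token_urlsafe(16)            # RP keeps this in the session before redirecting
    resp = op.token_response("dave", nonce)
    claims = validate_id_token(resp["id_token"], "topsecret", "retail-app", nonce)
    status, info = op.userinfo(resp["access_token"])
    rejected = 0
    for bad_token, bad_nonce in ((resp["id_token"], "another-session"),             # replay elsewhere
                                 (forged_alg_none({**claims, "sub": "admin"}), nonce)):  # alg:none forgery
        try:
            validate_id_token(bad_token, "topsecret", "retail-app", bad_nonce)
        except ValueError:
            rejected += 1
    return claims["sub"], status, info["email"], rejected
```

The relying party pins the expected algorithm before looking at the signature; reading `alg` from the token and dispatching on it is how `alg: none` and key-confusion bugs happen. Production deployments normally use RS256 with the provider's JWKS rather than the client secret, but the claim checks are the same.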
  • 19. Party-to-party Delegation with UMA 2.0
    ● Developed on top of OAuth 2.0
    ● Introduces an entity named "Requesting Party", and two tokens: the Protection API Token (PAT) and the Requesting Party Token (RPT)
    ● Lots of use cases in CIAM and IoT:
      ○ E.g. a patient granting a doctor and an insurer access to their health records
      ○ E.g. a homeowner granting the housemaid permission to rotate the CCTV camera
  • 20. UMA 2.0 in Action
    Participants: Resource Owner, Requesting Party, Application (OAuth Client), OAuth Resource Server, OAuth Authorization Server (Protection API, Authorization API, Introspection API)
    ○ The Resource Owner authorizes the Resource Server to register resources; the result is a PAT
    ○ The Resource Server registers the resources through the Protection API
    ○ The Resource Owner defines policies at the Authorization Server
    ○ The Requesting Party's application attempts to access the protected resource and requests authorization through the Authorization API; the result is an RPT
    ○ The Resource Server validates the RPT through the Introspection API
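The health-record case from slides 19 and 20, as an added example that is not from the deck: a patient lets the record service register the record with a PAT and defines a policy; the doctor's app is bounced with a permission ticket, trades it at the token endpoint for an RPT, and the resource server validates the RPT by introspection. The insurer, for whom no policy exists, is refused. Token formats, ids and the `role` claim are assumptions; only the endpoint roles and the grant type URN follow UMA 2.0.

```python
"""Added example, not from the deck: the UMA 2.0 grant in miniature. A
patient (resource owner) lets a health-record service register the record
using a PAT and defines a policy; the doctor's app (requesting party) is
bounced with a permission ticket, trades it for an RPT, and the resource
server validates the RPT by introspection. Token formats, ids and the
'role' claim are made up; the endpoint roles follow UMA 2.0."""
import secrets, time

UMA_GRANT = "urn:ietf:params:oauth:grant-type:uma-ticket"

class UmaAuthorizationServer:
    def __init__(self):
        self.pats = {}        # PAT -> owner (an OAuth token with scope uma_protection)
        self.resources = {}   # resource id -> {"owner", "name", "scopes"}
        self.policies = {}    # resource id -> {requesting-party role -> scopes}
        self.tickets = {}     # permission ticket -> (resource id, requested scopes)
        self.rpts = {}        # RPT -> {"permissions", "exp"}

    def issue_pat(self, owner):
        pat = secrets.token_urlsafe(24)
        self.pats[pat] = owner
        return pat

    # Protection API: called by the resource server, authenticated with the PAT
    def register_resource(self, pat, name, scopes):
        rid = secrets.token_urlsafe(8)
        self.resources[rid] = {"owner": self.pats[pat], "name": name, "scopes": set(scopes)}
        return rid

    def permission_ticket(self, pat, rid, scopes):
        if self.resources[rid]["owner"] != self.pats[pat]:
            raise PermissionError("PAT does not own this resource")
        ticket = secrets.token_urlsafe(16)
        self.tickets[ticket] = (rid, set(scopes) & self.resources[rid]["scopes"])
        return ticket

    def introspect_rpt(self, pat, rpt):
        meta = self.rpts.get(rpt)
        if meta is None or meta["exp"] < time.time():
            return {"active": False}
        return {"active": True, "permissions": meta["permissions"]}

    # Owner side: 'Define policies'
    def set_policy(self, owner, rid, role, scopes):
        if self.resources[rid]["owner"] != owner:
            raise PermissionError("not the owner")
        self.policies.setdefault(rid, {})[role] = set(scopes)

    # Authorization API: the token endpoint with the UMA grant, called by the requesting party's client
    def token(self, grant_type, ticket, claims):
        """claims stands in for an already verified claim_token about the requesting party."""
        rid, wanted = self.tickets.pop(ticket, (None, set()))    # tickets are single use
        if grant_type != UMA_GRANT or rid is None:
            return {"error": "invalid_grant"}
        granted = wanted & self.policies.get(rid, {}).get(claims.get("role"), set())
        if not granted:
            return {"error": "request_denied"}
        rpt = secrets.token_urlsafe(24)
        self.rpts[rpt] = {"permissions": [{"resource_id": rid, "resource_scopes": sorted(granted)}],
                          "exp": time.time() + 600}
        return {"access_token": rpt, "token_type": "Bearer"}

class HealthRecordServer:
    """Resource server: keeps the owner's PAT per record and enforces RPTs."""
    def __init__(self, authz):
        self.authz, self.records, self.pat_of = authz, {}, {}

    def onboard(self, pat, record):
        rid = self.authz.register_resource(pat, "health-record", ["read", "write"])
        self.records[rid], self.pat_of[rid] = record, pat
        return rid

    def read(self, rid, rpt=None):
        """No or insufficient RPT -> 401 plus a fresh permission ticket."""
        pat = self.pat_of[rid]
        if rpt is not None:
            info = self.authz.introspect_rpt(pat, rpt)
            if info["active"] and any(p["resource_id"] == rid and "read" in p["resource_scopes"]
                                      for p in info["permissions"]):
                return 200, self.records[rid], None
        return 401, None, self.authz.permission_ticket(pat, rid, ["read"])

def scenario():
    authz = UmaAuthorizationServer()
    rs = HealthRecordServer(authz)
    pat = authz.issue_pat("patient-42")
    rid = rs.onboard(pat, {"bp": "120/80"})                          # constructed record
    authz.set_policy("patient-42", rid, "doctor", ["read"])         # nothing for the insurer
    first, _, ticket = rs.read(rid)                                  # 401 + ticket
    doctor = authz.token(UMA_GRANT, ticket, {"sub": "dr-li", "role": "doctor"})
    second, body, _ = rs.read(rid, doctor["access_token"])
    _, _, ticket2 = rs.read(rid)
    insurer = authz.token(UMA_GRANT, ticket2, {"sub": "finorg", "role": "insurer"})
    return first, second, body, insurer.get("error")
```

The point of the ticket is that the resource server never decides anything itself: it only describes what was attempted, and the authorization server applies the owner's policy. The RPT therefore carries permissions per resource and scope, not a bare "authenticated" flag, and the resource server must check the specific resource id and scope in the introspection result.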
  • 21. Fine-grained Authorization with XACML
    ● Standard for attribute based access control
    ● Decouples authorization logic from the application code by introducing XML based policies
    ● Consists of 4 key components:
      ○ Policy Administration Point
      ○ Policy Decision Point
      ○ Policy Information Point
      ○ Policy Enforcement Point
  • 22. XACML in Action
    ○ The Entitlement Administrator manages (CRUD) policies through the Policy Administration Point, which writes them to the Policy Store
    ○ The end-user performs an operation on the HR Application; its Policy Enforcement Point sends a XACML Request to the Policy Decision Point in the Identity Provider
    ○ The Policy Decision Point evaluates the policies, pulling any attribute missing from the request from the Policy Information Point, and returns the decision to the Policy Enforcement Point
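The four components of slides 21 and 22 in one runnable piece, as an added example that is not from the deck or from any product: a policy a PAP would store (real XACML 3.0 syntax), a PEP inside the HR application that builds the request, a PIP that supplies the record's department when the request lacks it, and a tiny PDP. The evaluator deliberately handles only string-equal targets, one string-equal condition over two one-and-only designators and the deny-overrides combining algorithm, so it is not a general PDP. Attribute ids, the department directory and the subjects are assumptions.

```python
"""Added example, not from the deck: a minimal XACML 3.0 PDP with a PEP in
front of the HR application and a PIP that supplies a missing resource
attribute. The policy is real XACML 3.0 syntax, but this evaluator only
understands string-equal Match targets, one string-equal Condition over
two one-and-only designators, and deny-overrides; it is not a full PDP.
Attribute ids, the department directory and the subjects are made up."""
import xml.etree.ElementTree as ET

XACML = "urn:oasis:names:tc:xacml:3.0:core:schema:wd-17"
NS = {"x": XACML}
SUBJECT = "urn:oasis:names:tc:xacml:1.0:subject-category:access-subject"
ACTION = "urn:oasis:names:tc:xacml:3.0:attribute-category:action"
RESOURCE = "urn:oasis:names:tc:xacml:3.0:attribute-category:resource"
STR = "http://www.w3.org/2001/XMLSchema#string"
EQ = "urn:oasis:names:tc:xacml:1.0:function:string-equal"
ONE = "urn:oasis:names:tc:xacml:1.0:function:string-one-and-only"

# What the PAP would hold: managers read records of their own department; contractors never.
POLICY = f"""<Policy xmlns="{XACML}" PolicyId="hr-records" Version="1.0"
  RuleCombiningAlgId="urn:oasis:names:tc:xacml:3.0:rule-combining-algorithm:deny-overrides">
  <Target/>
  <Rule RuleId="manager-reads-own-department" Effect="Permit">
    <Target><AnyOf><AllOf>
      <Match MatchId="{EQ}"><AttributeValue DataType="{STR}">manager</AttributeValue>
        <AttributeDesignator Category="{SUBJECT}" AttributeId="role" DataType="{STR}" MustBePresent="false"/></Match>
      <Match MatchId="{EQ}"><AttributeValue DataType="{STR}">read</AttributeValue>
        <AttributeDesignator Category="{ACTION}" AttributeId="action-id" DataType="{STR}" MustBePresent="false"/></Match>
    </AllOf></AnyOf></Target>
    <Condition><Apply FunctionId="{EQ}">
      <Apply FunctionId="{ONE}"><AttributeDesignator Category="{SUBJECT}" AttributeId="department" DataType="{STR}" MustBePresent="true"/></Apply>
      <Apply FunctionId="{ONE}"><AttributeDesignator Category="{RESOURCE}" AttributeId="department" DataType="{STR}" MustBePresent="true"/></Apply>
    </Apply></Condition>
  </Rule>
  <Rule RuleId="no-contractors" Effect="Deny">
    <Target><AnyOf><AllOf>
      <Match MatchId="{EQ}"><AttributeValue DataType="{STR}">contractor</AttributeValue>
        <AttributeDesignator Category="{SUBJECT}" AttributeId="employment" DataType="{STR}" MustBePresent="false"/></Match>
    </AllOf></AnyOf></Target>
  </Rule>
</Policy>"""

RECORD_DEPARTMENT = {"emp-1001": "finance", "emp-2002": "engineering"}   # constructed PIP source

def pip_lookup(category, attr_id, request):
    """PIP: resource.department is not in the request; derive it from resource-id."""
    if category == RESOURCE and attr_id == "department":
        rid = request.get((RESOURCE, "resource-id"), [None])[0]
        return [RECORD_DEPARTMENT[rid]] if rid in RECORD_DEPARTMENT else []
    return []

def values_of(designator, request):
    key = (designator.get("Category"), designator.get("AttributeId"))
    return request.get(key) or pip_lookup(*key, request)

def target_matches(target, request):
    if target is None or len(target) == 0:                 # empty <Target/> applies to everything
        return True
    return any(all(m.find("x:AttributeValue", NS).text in values_of(m.find("x:AttributeDesignator", NS), request)
                   for m in allof.findall("x:Match", NS))
               for allof in target.findall("x:AnyOf/x:AllOf", NS))

def condition_holds(cond, request):
    if cond is None:
        return True
    bags = [values_of(a.find("x:AttributeDesignator", NS), request)
            for a in cond.find("x:Apply", NS).findall("x:Apply", NS)]
    return all(len(b) == 1 for b in bags) and bags[0] == bags[1]   # one-and-only, then string-equal

def pdp_decide(policy_xml, request):
    """Deny-overrides: one applicable Deny rule beats any number of Permits."""
    policy = ET.fromstring(policy_xml)
    if not target_matches(policy.find("x:Target", NS), request):
        return "NotApplicable"
    effects = {rule.get("Effect") for rule in policy.findall("x:Rule", NS)
               if target_matches(rule.find("x:Target", NS), request)
               and condition_holds(rule.find("x:Condition", NS), request)}
    return "Deny" if "Deny" in effects else "Permit" if "Permit" in effects else "NotApplicable"

def pep_read_record(subject, employee_id):
    """PEP in the HR application: build the XACML request from context, enforce the answer."""
    request = {(SUBJECT, "role"): [subject["role"]], (SUBJECT, "department"): [subject["department"]],
               (SUBJECT, "employment"): [subject["employment"]], (ACTION, "action-id"): ["read"],
               (RESOURCE, "resource-id"): [employee_id]}
    decision = pdp_decide(POLICY, request)
    return (200, f"record {employee_id}") if decision == "Permit" else (403, decision)
```

Note that the PEP treats anything other than an explicit Permit, including NotApplicable, as a refusal; a real PDP also returns Indeterminate when a MustBePresent attribute is missing, and that must be refused too.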
  • 23. Open Policy Agent (OPA)
    ○ Enforcement API: the service sends a query to OPA and receives a decision
    ○ Management API: management pushes policy and data updates to OPA
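The service side of the enforcement API on slide 23, as an added example that is not from the deck or from the OPA project: the caller POSTs an `input` document to `/v1/data/<policy path>` and reads `result`. The transport is injectable so the sample runs offline against canned replies; the policy path, input fields and replies are assumptions, and the Rego string only documents the rule the replies imitate. The edge case worth showing is an undefined decision: when no rule fires and the policy has no default, OPA answers `{}` with no `result` key, which a careless caller can read as "not denied".

```python
"""Added example, not from the deck: what the service side of OPA's
enforcement (Data) API looks like: POST /v1/data/<policy path> with an
"input" document, read the "result", and treat anything else as deny. The
transport is injectable so this runs offline against canned replies; the
policy path, the input fields and the replies are made up. The Rego
policy string documents the rule the canned replies imitate."""
import json
from urllib.request import Request, urlopen

OPA_URL = "http://localhost:8181"        # OPA's default listen address

# The rule the canned replies imitate. Without the 'default' line a non-matching
# input leaves 'allow' undefined and OPA answers {} with no "result" key at all.
REGO_POLICY = """
package httpapi.authz

default allow = false

allow {
    input.action == "read"
    input.resource == concat("", ["/payroll/", input.subject])
}
"""

def http_post_json(url, body):
    """Real transport; the offline demo below does not call it."""
    req = Request(url, data=json.dumps(body).encode(), method="POST",
                  headers={"Content-Type": "application/json"})
    with urlopen(req, timeout=2) as resp:
        return json.loads(resp.read())

def opa_allow(subject, action, resource, transport=http_post_json, path="httpapi/authz/allow"):
    """True only when OPA answers {"result": true}; undefined, errors and outages all deny."""
    body = {"input": {"subject": subject, "action": action, "resource": resource}}
    try:
        reply = transport(f"{OPA_URL}/v1/data/{path}", body)
    except Exception:
        return False                                  # agent down or garbage reply: fail closed
    return isinstance(reply, dict) and reply.get("result") is True

# Constructed replies standing in for a running agent.
CANNED = {
    ("alice", "read", "/payroll/alice"): {"result": True},
    ("bob", "read", "/payroll/alice"): {"result": False},
    ("eve", "delete", "/payroll/alice"): {},          # policy without default: undefined
}

def fake_transport(url, body):
    if not url.endswith("/v1/data/httpapi/authz/allow"):
        raise ValueError("unexpected path")
    i = body["input"]
    return CANNED[(i["subject"], i["action"], i["resource"])]   # unknown input: raises, i.e. an outage

def decide(subject, action, resource):
    return opa_allow(subject, action, resource, transport=fake_transport)
```

The check `reply.get("result") is True` is deliberate: a truthy test would accept a non-boolean result from a mis-targeted path (querying `httpapi/authz` instead of `httpapi/authz/allow` returns the whole package document, which is a non-empty object).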
  • 24. User Consent Management
    ○ The end-user changes consent through the Self Care Portal
    ○ The portal calls the Consent Mgt API on the Identity Provider, which updates the Consent Storages
  • 25. User Data Exposure
    ○ The end-user exports their PII through the Self Care Portal
    ○ The portal calls the PII Exposure API on the Identity Provider, which reads the PII Storages: claims, security questions, consent receipts
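Slides 24 and 25 together, as an added example that is not from the deck and not the Consent Mgt or PII Exposure API of any product: a consent store holding Kantara-style consent receipts, a withdrawal call that removes one purpose, outbound sharing (the CRM sync from the earlier slides) gated by the remaining consent, and the user's own PII export covering claims, security questions and receipts. Purposes, attribute names, the claim-to-category mapping and any receipt field beyond the spec's core ones are assumptions.

```python
"""Added example, not from the deck: a consent store holding Kantara-style
consent receipts, a consent-management call that withdraws one purpose,
outbound sharing (e.g. the CRM sync) gated by that consent, and the user's
own PII export. Purposes, attribute names, the claim-to-category mapping
and the receipt fields beyond the spec's core ones are made up; this is
not the Consent Mgt or PII Exposure API of any product."""
import hashlib, time, uuid

class ConsentStore:
    """One receipt per consent event; each service lists purposes and the PII categories they cover."""
    def __init__(self):
        self.receipts = {}                     # user -> [receipt]

    def record(self, user, services, collection_method="self-care portal"):
        receipt = {"version": "KI-CR-v1.1.0", "consentReceiptID": str(uuid.uuid4()),
                   "consentTimestamp": int(time.time()), "piiPrincipalId": user,
                   "collectionMethod": collection_method, "services": services}
        self.receipts.setdefault(user, []).append(receipt)
        return receipt["consentReceiptID"]

    def withdraw(self, user, purpose):
        """Consent Mgt: remove one purpose from every receipt; returns how many entries went."""
        removed = 0
        for receipt in self.receipts.get(user, []):
            for svc in receipt["services"]:
                kept = [p for p in svc["purposes"] if p["purpose"] != purpose]
                removed += len(svc["purposes"]) - len(kept)
                svc["purposes"] = kept
        return removed

    def categories_for(self, user, purpose):
        return {cat for receipt in self.receipts.get(user, []) for svc in receipt["services"]
                for p in svc["purposes"] if p["purpose"] == purpose for cat in p["piiCategory"]}

class IdentityProvider:
    def __init__(self):
        self.claims, self.questions, self.consent = {}, {}, ConsentStore()

    def set_security_question(self, user, question, answer):
        """Answers are credentials: store a salted hash, never the answer."""
        salt = uuid.uuid4().hex
        digest = hashlib.sha256((salt + answer.strip().lower()).encode()).hexdigest()
        self.questions.setdefault(user, {})[question] = (salt, digest)

PII_CATEGORY = {"email": "contact", "phone": "contact", "street": "postal address",
                "orders": "purchase history"}        # assumed claim -> PII category

def share_for_purpose(idp, user, purpose):
    """Outbound disclosure (CRM sync, partner feed): only claims covered by an active consent for this purpose."""
    cats = idp.consent.categories_for(user, purpose)
    return {k: v for k, v in idp.claims.get(user, {}).items() if PII_CATEGORY.get(k) in cats}

def export_pii(idp, user):
    """User Data Exposure: the person's own copy of everything held about them.
    Consent does not gate this (it is their data); answer hashes are still left out."""
    return {"claims": dict(idp.claims.get(user, {})),
            "securityQuestions": sorted(idp.questions.get(user, {})),
            "consentReceipts": idp.consent.receipts.get(user, [])}

def demo():
    idp = IdentityProvider()
    idp.claims["dave"] = {"email": "dave@example.com", "phone": "+1-555-0100",
                          "street": "1 Pond Lane", "orders": 17}            # constructed profile
    idp.set_security_question("dave", "first pet", "Kermit")
    idp.consent.record("dave", [{"service": "retail-app", "purposes": [
        {"purpose": "marketing", "piiCategory": ["contact"]},
        {"purpose": "order fulfilment", "piiCategory": ["contact", "postal address"]}]}])
    before = share_for_purpose(idp, "dave", "marketing")
    idp.consent.withdraw("dave", "marketing")
    after = share_for_purpose(idp, "dave", "marketing")
    fulfilment = share_for_purpose(idp, "dave", "order fulfilment")
    return before, after, fulfilment, export_pii(idp, "dave")
```

Two design choices are worth stating: consent is evaluated per purpose at the moment of disclosure rather than cached on the outbound connector, so a withdrawal takes effect on the next sync; and the export returns the security questions but not the stored answer hashes, since those are authentication secrets rather than profile data.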