Authentication as a Microservice: Portable Customer Identity Management - Brian Pontarelli
Authentication is a core piece of many applications but it has traditionally been handled in a monolithic manner. Foreign keys to the user table and join tables for roles and permissions is the most common mechanism that applications use to manage user data. Moving to microservices means that applications now need to decouple authentication, user management, and user data. To accomplish this, a portable identity model is required.
In this session, we will discuss the advantages of a microservice architecture, as well as the most common pitfalls including increased network chatter and various security issues. I'll cover the basics of authentication and authorization as a microservice and JWT revocation. The goal is to allow developers to primarily focus on code and move away from infrastructure concerns.
Speaker
Brian Pontarelli
CEO, Inversoft
Brian Pontarelli is founder and CEO of Inversoft, a Denver-based provider of platform technologies built to help companies manage, moderate and engage their customers. These technologies include Passport, a modern identity and user management API that provides login, registration
-
Managed by the official OWASP Media Project https://www.owasp.org/index.php/OWASP...