Welcome to OWASP AppSec 2018 USA we look forward to seeing you in San Jose, CA
Back To Schedule
Thursday, October 11 • 10:15am - 10:50am
Authentication as a Microservice: Portable Customer Identity Management

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
Authentication is a core piece of many applications but it has traditionally been handled in a monolithic manner. Foreign keys to the user table and join tables for roles and permissions is the most common mechanism that applications use to manage user data. Moving to microservices means that applications now need to decouple authentication, user management, and user data. To accomplish this, a portable identity model is required.
In this session, we will discuss the advantages of a microservice architecture, as well as the most common pitfalls including increased network chatter and various security issues. I’ll cover the basics of authentication and authorization as a microservice and JWT revocation. The goal is to allow developers to primarily focus on code and move away from infrastructure concerns.

avatar for Brian Pontarelli

Brian Pontarelli

CEO, FusionAuth and CleanSpeak
Brian Pontarelli is founder and CEO of Inversoft, a Denver-based provider of platform technologies built to help companies manage, moderate and engage their customers. These technologies include Passport, a modern identity and user management API that provides login, registration... Read More →

Thursday October 11, 2018 10:15am - 10:50am PDT
  Gold, Beginner
  • NEW FIELD 1 Track 3