As the enterprise Identity landscape becomes more complex, it's important to centralize the authentication and authorization functionality around a core set of APIs and services. User experience benefits as a single set of authentication credentials and policies can be applied across multiple enterprise products. As many of these products move to mobile based applications, the need for long term authorization grows and the policies around session management change. This talk will explore AOL's path of moving from an internal application specific SSO mechanism to one based on OpenID Connect and OAuth2.
Key Takeaways:
1. Identity standards are applicable within the enterprise
2. Impacts of a mobile first strategy on enterprise infrastructure
3. Dealing with pseudo-multi-tenancy