Early-bird Discount
expires in
Register Now


B2B, CIAM, OAuth 2

B2B, CIAM, OAuth 2

Combined Session
Wednesday, June 05, 2024 14:30—15:30
Location: A 03-04

Business to Business (B2B) Delegated Client Authorisation Using OAuth 2.0

With the growing exposure of digital services and assets through application programming interfaces (APIs) and the emergence of the API Economy, entire business models are starting to be built around APIs. Increasingly, APIs are designed to be used externally as part of an organisation’s service delivery model.

The adoption of the OAuth protocol has allowed consumer-to-business (C2B) integrations to authorise access to APIs in a standardised way. However, business-to-business (B2B) integrations using OAuth are now rapidly growing, and as API ecosystems become more complex, there is an urgent need for further standardisation. Although OAuth supports direct B2B integration, there is no standard way to implement delegated B2B authorisation because OAuth delegation was primarily designed for C2B integration where the resource owner is an individual consumer.

There are use cases where, for an online business to provide services to their customers, they need authorised access to resources owned by the customer organisation at third-party resource providers.

In this session, we will explore how OAuth and its extensions, such as rich authorisation requests and token exchange grant types, can be used to allow a resource owner client to dynamically delegate access to its resources to another client using delegated B2B authorisation.

The presentation will cover the following topics:

  • Business use case for B2B delegated authorisation
  • Brief overview of the OAuth 2.0 protocol
  • Proposed enhancements to the OAuth 2.0 standard to achieve interoperable B2B delegated authorisation
  • Security considerations
Igor Janicijevic
Principal Engineer, Digital Access
National Australia Bank
Igor Janicijevic is Principal Engineer at National Australia Bank (NAB), where he focuses on digital identity and access management. Prior to NAB he spent 15 years at SecureNet / Betrusted /...
B2B Identity: How the Companies of the HTI Group Took Digitalization to the Next Level

The companies of the HTI Group combine innovative solutions and sustainable products in the fields of winter sports technology, urban mobility, material transport, snow and vegetation management, as well as renewable energies. As developers and manufacturers, the companies of HTI are drivers of innovation and are active worldwide. Their products and solutions need to perform reliably and safely in remote areas, often under extreme environments. Operational excellence is core to the value that they deliver to their business customers. Their customers operate in dynamic environments and experience surges in demand during peak seasons, making it crucial to have a resilient on-boarding/off-boarding process for business users to operate and manage their equipment safely and reliably. Join us in this session to learn how the HTI Group built a more reliable experience for thousands of business customers and partners – helping their customers minimize downtime; protecting their revenue; and building more trust with their end consumers.

Hannes Stockner
Head of Data Integration
HTI Services
Hannes has worked as a Software Developer for various companies in Vienna, Hamburg, Zurich and London. His focus in the last years has been on developing Internet of Things (IoT) applications and...
Fostering Trust in Global Automotive Supply Chains Through DID and SSI

In a world that's becoming increasingly interconnected, establishing trust within global networks is both a critical challenge and a foundational necessity for successful collaboration and secure data exchange. The emergence of Self-Sovereign Identity (SSI) and Decentralized Identifiers (DID) has introduced new paradigms for digital identity that empower individuals and organizations with greater control and privacy while also ensuring interoperability and trust at scale.

This talk delves into how SSI and DID can be leveraged to create a more secure and trustworthy framework for identity verification and management within global automotive network Catena-X. We will explore how these technologies facilitate seamless interactions by enabling legal entities to present verifiable credentials in a peer-to-peer manner without the need for a central authority.

Matthias Buchhorn-Roth
Product Lead
My team and I operate the data space for the Catena-X global automotive supply chain network, addressing pressing challenges such as carbon emissions, sustainable resource management, comprehensive...
Hakan Yildiz
Decentralized Digital Identity Architect
I am a Digital Identity Architect specializing in Decentralized Digital Identities (DDI), also known as Self-Sovereign Identities (SSI). I assist organizations across various sectors to integrate...
Secure your ticket
Be quick before the Early-bird Discount expires in
00d 00h 00m 00 s
Get a ticket
Almost Ready to Join EIC 2024?
Reach out to our team with any remaining questions
Get in touch