Enterprise Identity and Access Management
Combined Session
Thursday, May 08, 2025 12:05—13:05
Location: A 03-04
Thursday, May 08, 2025 12:05—13:05
Location: A 03-04
In the ever-evolving landscape of identity and access management, interoperability can be a challenge. The Interoperability Profiling for Secure Identity in the Enterprise (IPSIE) standard, a new initiative by the OpenID Foundation, aims to reduce integration headaches and strengthen security. This session, “Less Oopsie with IPSIE,” will explore the motivations behind IPSIE’s creation, its current status, and the roadmap for its development.
Attendees will gain insights into how IPSIE minimizes optionality in existing identity specifications like OpenID Connect, SAML, and SCIM, enabling seamless integration across enterprise applications.
Whether you’re a developer, architect, or security professional, this session will illuminate how IPSIE addresses key pain points in enterprise identity management. Don’t miss this opportunity to stay ahead of the curve and make fewer “oopsies” with IPSIE!
The return on investment (ROI) for issuers, holders, and verifiers is attractive at first glance, particularly in enterprise services like Employee Assistance Programs (EAPs) or expense management platforms where it has such potential for user experience improvements. But a closer look reveals a set of tradeoffs complicating the effort:
Cutting down on Personally Identifiable Information (PII) and boosting security are big draws, but the cost and complexity of managing a decentralized identity system can easily outweigh the benefits for most companies. Moving from file syncing to VCs sounds great, but it means overhauling the digital infrastructure, and not every organization sees the value in doing that. (would love a third item here, just for a set of three, but again that's style, not substance)
This session will dig into the realities of enterprise adoption—what the ROI really looks like, what roadblocks are in the way, and how organizations can start making smarter decisions about whether VCs are worth the investment.
Identity is only as useful as it is current. A shift to continuous identity demands mutli-lateral, real-time coordination between identity domains, and drove the creation of an event-based approach for SCIM. We'll use an open source demo to introduce the standard and its use cases that support not only synchronization, but privacy, authorization policy, and security.