In this episode of Identity, Unlocked, principal architect at Auth0 and podcast host Vittorio Bertocci focuses on OpenID foundation’s FastFederation (FastFed) group. Vittorio chats with Darin McAdams, a software engineer at AWS and the author of FastFed’s specifications, to explore how FastFed is looking to shorten the time it takes to join organizations into a federation.
Darin explains that Dick Hardt, one of the founders of FastFed, zeroed in on him to edit and draft the spec for FastFed. Darin began at the beginning, creating a sample G Suite and trying to set up a federation between both AWS and Salesforce. When he finally arrived at a place to begin joining the orgs, he was stuck - the first line, the first page, the needle scratches, and he doesn’t know how to proceed.
Eventually, after reading the SAML specs and following Google’s directions for integration, a long drawn out process of over 40 steps, Darin was finally able to integrate his sample G Suite with AWS, but never Salesforce. It became clear to him this process could be made much faster through automation.
FastFed is going after integrating a push-button single-sign-on experience for users of a federation, and to do so, they have to develop the communication between different authentication programs used by the organizations. FastFed also runs into the complications of communicating between identity providers, enterprise security preferences, and creating trust between the orgs.
Darin and Vittorio dive into more details of the problems faced creating FastFed and scaling down a program with a vast scope into a push-button user experience.
Darin explains how he discovered the problem FastFed is trying to solve:
How FastFed is looking to make the problem better:
Darin discusses the logical problems FastFed had to solve:
SCIM’ing the problem. Funneling the multiple implications of SCIM into a single solution:
Darin calls on engineers:
Identity, Unlocked is the podcast that discusses identity specs and trends from a developer perspective. Identity, Unlocked is powered by Auth0. Vittorio Bertocci is Principal Architect at Auth0 and applies his vast knowledge of the identity industry to Auth0 in all aspects of the company, including internal and external education, product innovation, and customer integration.
Auth0 provides a platform to authenticate, authorize, and secure access for applications, devices, and users. Security and application teams rely on Auth0s simplicity, extensibility, and expertise to make identity work for everyone. Safeguarding billions of login transactions each month, Auth0 secures identities so innovators can innovate, and empowers global enterprises to deliver trusted, superior digital experiences to their customers around the world.