From federation to fabric: IAM’s evolution

In the modern day, we’ve come to expect that our various applications can share our identity information with one another. Most of our core systems federate seamlessly and bi-directionally. This means that you can quite easily register and log in to a given service with the user account from another service or even invert that […]

The post From federation to fabric: IAM’s evolution appeared first on Security Intelligence.

Continue reading From federation to fabric: IAM’s evolution

From federation to fabric: IAM’s evolution

In the modern day, we’ve come to expect that our various applications can share our identity information with one another. Most of our core systems federate seamlessly and bi-directionally. This means that you can quite easily register and log in to a given service with the user account from another service or even invert that […]

The post From federation to fabric: IAM’s evolution appeared first on Security Intelligence.

Continue reading From federation to fabric: IAM’s evolution

I want to join our organisation AD with a recently acquired company’s AD for federated access. What are the security risks I should consider?

As per the title. What risks and controls should I consider? Are there any questions i need to ask the external party AD before setting up the ‘Trust’ between the 2 ADs?

Continue reading I want to join our organisation AD with a recently acquired company’s AD for federated access. What are the security risks I should consider?

App-to-app or service-to-service authentication using federated login

I have an application Foo that exposes a web-based portal as well as a REST API service via HTTPS.
When a human user connects to the app Foo to use its web-based portal, the human user is first redirected to an OAuth2-based login page. Onc… Continue reading App-to-app or service-to-service authentication using federated login