- Großer Saal
Securing account and identity data is one of the biggest challanges in the web industry. Weekly we receive reports from websites that have been compromised, there are details of millions (https://www.pwnedlist.com/) of leaked accounts available for everyone who is interested. Delivering functional focussed websites often does not allow the developers to work on security features in detail. With the prominent market standards OAuth2 and SCIMv2 it becomes easy to protect identity data for everyone. The talk will have three focus areas: 1. Why do we need standard based options for secure identity management. 2. Details on the market standards OAuth2 and SCIMv2. 3. An example scenario based on a MIT licenced OAuth2/SCIMv2 backend.