This event has ended. Visit the official site or create your own event on Sched.
Back To Schedule
Wednesday, October 11 • 17:35 - 18:05
UAA Project Updates and Roadmap - Sree Tummidi, Pivotal

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Cloud Foundry UAA has been continually expanding its horizons to secure not just the core CF platform but also Apps and APIs running on and off the platform. In this talk we will start off with a brief overview of UAA in the CF ecosystem followed by feature highlights including:

OpenID Connect Enhancements:
Multiple enhancements around OpenID Connect have been introduced for UAA as an Identity Provider and Relying Party including support for discovery profile, custom user claims in id_token and /userinfo , account chooser, authentication method reference and much more.

Keys and Secrets Rotation:
At last year’s CF Summit Justin Smith introduced his vision for Cloud Native Security with three R’s(https://www.youtube.com/watch?v=NUXpz0Dni50). Now UAA supports canary style rotation of signing keys and OAuth clients secrets and will soon add support for rotation of SAML Keys.

Opaque Tokens:
UAA since its inception has supported JSON Web Tokens which has the advantage of offline validation. However with the the addition of stateful opaque tokens UAA now supports on-demand token revocation.

In addition to this we will also provide a sneak peek of the UAA roadmap with features like Multi-Factor Authentication, additional token exchange flows and fine grained authorization support.

avatar for Sree Tummidi

Sree Tummidi

Sr. Manager Product Management, Pivotal
Sree Tummidi is currently the Product Lead for Security at Pivotal. She has been with Pivotal for 4+ years driving the open source and proprietary roadmap for security including product management of Cloud Foundry UAA. She brings in more than 14 years of experience in the security... Read More →

Wednesday October 11, 2017 17:35 - 18:05 CEST
Shanghai, Ground Floor