02-27, 10:00–10:30 (UTC), Ríma
This session explores building an API-centric authentication layer for the OAuth 2.0 for First-Party Applications specification. It discusses an authentication API designed to handle diverse authentication needs in a flexible, API-driven manner.
OAuth 2.0, paired with OpenID Connect, is the standard for user authentication. However, its reliance on browser redirects for communication among parties often results in a suboptimal user experience, particularly for native applications. This has led developers to seek alternative, and sometimes less secure, methods to implement OAuth in an API-centric manner.
The upcoming “OAuth 2.0 for First-Party Applications” (FiPA) specification aims to bridge this gap by introducing an extension to OAuth for API-centric authorization. However, the scope of OAuth 2.0 for FiPA does not include user authentication in an API-centric way. This session will dive into bridging this gap by designing a flexible, API-centric authentication layer to complement the OAuth 2.0 for First-Party Applications specification.
The session will explore:
- Designing an API-centric authentication layer that supports various authentication methods such as passkeys, Email OTP, social logins, etc. in a generic manner.
- Handling multi-factor authentication (MFA).
- Handling multi-option selection for authentication.
- Handling social and enterprise federated login scenarios.
- Leveraging the authentication API to dynamically build UI representations in login interfaces.
The session will include a demo showcasing a mobile application that integrates the discussed authentication API. It will show the enhanced user login experience that can be achieved when implementing the OAuth 2.0 for First-Party Applications specification along with an authentication API as discussed in this session.
Janak is a Software Engineer and a Technical Lead at WSO2, where he focuses on the design and development of the Identity and Access Management solution. With over six years of experience in the IAM domain, he is passionate about creating secure, user-centric, and scalable systems. Through his work, he strives to advance IAM solutions, helping organizations deliver secure and seamless digital experiences. Janak currently leads the authentication and registration aspects of the Identity and Access Management team.