Building an Identity Architecture

Free Online Course. Register and start learning right away.

This online four-part course is focused on best practices to build a centralized and modular identity architecture based on open standards. You get a comprehensive introduction to the Neo-security concepts and how you can use them to create a secure architecture to protect and assert legitimate access to APIs, services, and applications on the web and mobile. It manages identities, governs the issuance of tokens, and is responsible for federation—critical for building a secure and scalable platform.

Each session is approximately 20 minutes long.

Course outline

Session 1: Introduction to Neo-Security

In the first session, we will introduce you to the concept of Neo-security and then take a closer look at the three main parts of the systems that adhere to it:

The Identity Management System
The API Management System
The Entitlement Management System

Session 2: API Integration Patterns

In this part, we will look at API integration patterns and how to properly secure your APIs in the Neo-security architecture. We will talk about:

The Phantom token flow
The Split token flow
Proof-of-Possession tokens

Session 3: API Integration Patterns (cont.)

In the third part of the Building an Identity Architecture course, we continue learning about the different API integration patterns. We will take a closer look at:

How to organize scopes and claims
Levels of enforcement
Token sharing techniques, when APIs talk to each other
Dealing with entitlement

Session 4: Identities and Access Management

In the fourth and last part of the Building an Identity Architecture course, we examine identities and access management, the details of authentication. In the session, we share:

Insight on user identities
Theory of the authentication process
The relationship between authentication and authorization
An overview of federation

Presented by:

Michal Trojanowski

Product Marketing Engineer at Curity