Single Sign-On Best Practices
Developer Track
Suchin Rengan                             Shesh Kondi
Director, Technical Solutions Architect   Cloud Solutions Architect
@sacrengan                                @sheshzilla
Safe Harbor
 Safe harbor statement under the Private Securities Litigation Reform Act of 1995:

 This presentation may contain forward-looking statements that involve risks, uncertainties, and assumptions. If any such uncertainties materialize or if
 any of the assumptions proves incorrect, the results of salesforce.com, inc. could differ materially from the results expressed or implied by the forward-
 looking statements we make. All statements other than statements of historical fact could be deemed forward-looking, including any projections of
 product or service availability, subscriber growth, earnings, revenues, or other financial items and any statements regarding strategies or plans of
 management for future operations, statements of belief, any statements concerning new, planned, or upgraded services or technology developments
 and customer contracts or use of our services.

 The risks and uncertainties referred to above include – but are not limited to – risks associated with developing and delivering new functionality for our
 service, new products and services, our new business model, our past operating losses, possible fluctuations in our operating results and rate of growth,
 interruptions or delays in our Web hosting, breach of our security measures, the outcome of intellectual property and other litigation, risks associated
 with possible mergers and acquisitions, the immature market in which we operate, our relatively limited operating history, our ability to expand, retain,
 and motivate our employees and manage our growth, new releases of our service and successful customer deployment, our limited history reselling
 non-salesforce.com products, and utilization and selling to larger enterprise customers. Further information on potential factors that could affect the
 financial results of salesforce.com, inc. is included in our annual report on Form 10-Q for the most recent fiscal quarter ended July 31, 2012. These
 documents and others containing important disclosures are available on the SEC Filings section of the Investor Information section of our Web site.

 Any unreleased services or features referenced in this or other presentations, press releases or public statements are not currently available and may
 not be delivered on time or at all. Customers who purchase our services should make the purchase decisions based upon features that are currently
 available. Salesforce.com, inc. assumes no obligation and does not intend to update these forward-looking statements.
Why are we here?
 • To discuss
      •   Different Mechanisms for Authentication
      •   When to choose what protocol
      •   Best practice for implementations
 • To help you understand
      •   Single Sign-On Using SAML 2.0
      •   API access using OAuth
      •   Authentication Providers
 • To demonstrate
      •   The amazing things that can be built using our Authentication services
What is Single Sign On?
  Per Wikipedia:
  Single sign-on (SSO) is a property of access control of multiple related,
  but independent software systems. With this property a user logs in once
  and gains access to all systems without being prompted to log in again at
  each of them.

  In simple terms:
  The ability of systems to establish authentication using a mutually
  agreed-upon identity mechanism.
Authentication Mechanisms
Suchin Rengan
Username / Password Authentication
 • The out-of-the-box experience
 • Salesforce hosts the authentication interface
 • Flexible policies
 • Mobile ready


  ① User sends credentials to Salesforce
  ② Salesforce authenticates user in our database and
    user is granted session to Salesforce
What is SAML?
     • The Standard for Federated Single Sign-On
     • OASIS Standard: Commercial & Open Source support
     • Authentication interface is hosted by customer


① User requests a secure resource
② Salesforce.com redirects to Customer IDP
③ Customer authenticates user
④ User returns to Salesforce.com with SAML and is
  granted session

             * If you’re logged into the Dreamforce org, you’ve used SAML!
What is Delegated Authentication?
   • SOAP based protocol for “Single Login”
   • Salesforce only: Minimal commercial support
   • Salesforce hosts the authentication interface



① User sends credentials to Salesforce
② Salesforce sends credentials to Customer
③ Customer authenticates user and replies “true”
④ User is granted session to Salesforce
What is OAuth?
 • An open protocol to allow secure API access in a simple,
   standard method from desktop/web applications
 • Standard track in IETF
 • Integrates with previous authentication mechanisms
① App redirects user to Salesforce
② Salesforce authenticates user
③ Salesforce redirects user back to app
  with code
④ App sends code to Salesforce
⑤ Salesforce issues session
⑥ App accesses API
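The six steps above as one in-process simulation, added here as an example rather than code from the deck or from Salesforce: both parties are modelled as classes, the client id, secret, redirect URL and user are constructed placeholders, and the checks that keep the flow safe (the state the app itself issued, the registered redirect URI, the single-use and expiring code) are each exercised. Python stands in for whatever language the app is written in.

```python
import secrets
import time
from urllib.parse import urlencode, urlparse, parse_qs


class AuthorizationServer:
    """Stand-in for the Salesforce side (steps 2, 3, 5 and 6): authenticate
    the user, issue a short-lived single-use code bound to the client and
    its registered redirect URI, then exchange that code for a session."""

    CODE_TTL_SECONDS = 600  # constructed value

    def __init__(self, registered_clients):
        # client_id -> (client_secret, redirect_uri); all constructed values
        self.clients = dict(registered_clients)
        self.codes = {}      # code -> (client_id, redirect_uri, user, expires_at)
        self.sessions = {}   # access_token -> user

    def authorize(self, client_id, redirect_uri, state, user):
        # Steps 1-3: the app redirected the user here; once the user is
        # authenticated we redirect back with a code. redirect_uri must
        # exactly match the registered one so a code never lands elsewhere.
        registered = self.clients.get(client_id)
        if registered is None or registered[1] != redirect_uri:
            raise ValueError("redirect_uri not registered for client")
        code = secrets.token_urlsafe(32)
        self.codes[code] = (client_id, redirect_uri, user,
                            time.time() + self.CODE_TTL_SECONDS)
        return f"{redirect_uri}?{urlencode({'code': code, 'state': state})}"

    def token(self, client_id, client_secret, code, redirect_uri):
        # Steps 4-5: the app presents the code server-to-server.
        entry = self.codes.pop(code, None)   # pop: a code is single-use
        if entry is None:
            return None
        owner, bound_uri, user, expires_at = entry
        registered = self.clients.get(client_id)
        if registered is None or owner != client_id or bound_uri != redirect_uri:
            return None
        if not secrets.compare_digest(client_secret, registered[0]):
            return None
        if time.time() > expires_at:
            return None
        access_token = secrets.token_urlsafe(32)
        self.sessions[access_token] = user
        return {"access_token": access_token, "token_type": "Bearer"}

    def api_whoami(self, access_token):
        # Step 6: an API call authenticated by the issued session.
        return self.sessions.get(access_token)


class ConnectedApp:
    """The client application (steps 1 and 4). It remembers every state it
    sent so a callback can be tied to a login this app actually started."""

    def __init__(self, client_id, client_secret, redirect_uri, server):
        self.client_id = client_id
        self.client_secret = client_secret
        self.redirect_uri = redirect_uri
        self.server = server
        self.pending_states = set()

    def start_login(self):
        # Step 1: in a real app this state goes into the /authorize redirect.
        state = secrets.token_urlsafe(16)
        self.pending_states.add(state)
        return state

    def handle_callback(self, callback_url):
        # Step 3 landed here; reject any callback whose state we never issued.
        query = parse_qs(urlparse(callback_url).query)
        state = query.get("state", [None])[0]
        code = query.get("code", [None])[0]
        if state not in self.pending_states:
            raise ValueError("unknown state: callback not tied to a login we started")
        self.pending_states.discard(state)
        # Step 4: exchange the code for a session.
        return self.server.token(self.client_id, self.client_secret,
                                 code, self.redirect_uri)


def run_flow():
    """Drive the whole exchange and report what each check decided."""
    server = AuthorizationServer({"app123": ("s3cr3t", "https://app.example/callback")})
    app = ConnectedApp("app123", "s3cr3t", "https://app.example/callback", server)

    state = app.start_login()
    callback = server.authorize("app123", "https://app.example/callback",
                                state, "alice@corp.example")
    session = app.handle_callback(callback)
    user = server.api_whoami(session["access_token"])

    # Presenting the same code a second time must fail: it was consumed.
    code = parse_qs(urlparse(callback).query)["code"][0]
    replay = server.token("app123", "s3cr3t", code, "https://app.example/callback")

    # A callback carrying a state the app never issued must be rejected.
    try:
        app.handle_callback("https://app.example/callback?code=x&state=forged")
        forged_rejected = False
    except ValueError:
        forged_rejected = True

    return {"user": user, "code_replay": replay, "forged_state_rejected": forged_rejected}
```

`run_flow()` returns the authenticated user for the happy path, `None` for the replayed code and `True` for the rejected forged callback; the three checks it exercises are the ones that most often go missing in hand-rolled OAuth clients.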
When do I use what?
 • UserId/Password
       • When you just want the basics
 • SAML
       • Single Sign-On for the web and applications
       • SAML provides the best commercial support
       • SAML provides re-use across other Cloud services
 • OAuth
       • Building an API client or connected application (including Mobile)
 • Delegated Auth
       • SF Mobile CRM and older API clients with your own credentials
                  * Not mutually exclusive…you can mix and match
Customer Poll/ Question

 If you want to use your Active Directory credentials to use
 Salesforce for Outlook what mechanism would you use?

 A. Username / Password
 B. SAML
 C. OAuth
 D. Delegated Authentication
SSO in Action

Shesh Kondi
Suchin Rengan
How about using a Corporate Identity for Employees?

  Identity Provider (IDP)  -->  Service Provider (SP)
  1. Generate SAML token and send response to Salesforce
  2. Validate SAML and generate session

  MyDomain: A sub-domain used to access a specific SF Organization.
  Example: https://acme-developer.my.salesforce.com
Provisioning Users

 So, how do we get the users into Salesforce?

   Manually… But that doesn't cut it for large organizations

   API… But that takes code and maintenance

   Just In Time Provisioning (SAML JIT)
What about Multiple Salesforce Orgs?

  (Diagram) One Identity Provider (IDP) federating to two Service Providers (SP)

…and an org can even be an IDP…

  (Diagram) A Salesforce org acting as Identity Provider (IDP) for two Service Providers (SP)
How about bookmarks?

  Identity Provider (IDP)  <-->  Service Provider (SP)
  1. Request Resource. Redirect to IDP
  2. Send SAML Request
  3. Authenticate. Send SAML Response
  4. Validate SAML. Generate session
How about Employees using Mobile?

  1. User posts credentials
  2. User gets session
Salesforce as an IDP for a Third Party SP

  (Diagram) A Salesforce org as Identity Provider (IDP) for two third-party Service Providers (SP)
What about Single Sign-On for Partners?

  Identity Provider (IDP)  -->  Partner Portal
  1. Generate SAML and send to Salesforce
  2. Validate SAML and generate session

  Same as IDP Initiated SAML, but with 2 additional attributes
  Send these in attribute statement: organization_id & portal_id
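An added example, not code from the deck or from the Salesforce platform, serving both the Just In Time Provisioning slide and the partner-portal slide above: the provisioning step that JIT performs on an assertion's attribute statement, written as a create-or-update keyed on the Federation Id, with organization_id and portal_id required for partner users as the slide says. The User.* attribute names, the org id, the profile id and the user store are constructed stand-ins, and the function assumes the assertion has already been validated.

```python
from dataclasses import dataclass, field

# organization_id and portal_id are the two attributes the slide names for
# partner users; the User.* names are constructed for this example.
REQUIRED_USER_ATTRIBUTES = ("User.Email", "User.LastName", "User.ProfileId")
REQUIRED_PORTAL_ATTRIBUTES = ("organization_id", "portal_id")

EXPECTED_ORG_ID = "00D000000000001"  # constructed placeholder, not a real org id


@dataclass
class UserStore:
    """Minimal stand-in for the org's user table, keyed on Federation Id."""
    users: dict = field(default_factory=dict)

    def upsert(self, federation_id, fields):
        if federation_id in self.users:
            self.users[federation_id].update(fields)
            return "updated"
        self.users[federation_id] = dict(fields)
        return "created"


def single_value(attributes, name):
    """SAML attributes are multi-valued; JIT takes the first value."""
    values = attributes.get(name) or []
    return values[0] if values else None


def provision(store, federation_id, attributes, portal_user=False):
    """Create or update the user identified by the assertion's subject.

    `attributes` is the attribute statement of an assertion that has already
    passed signature, issuer, audience and time-window checks; JIT must never
    run on an unvalidated assertion. Raises ValueError when required
    attributes are missing or, for portal users, when organization_id does
    not name this org (an assertion meant for another org must not create
    a user here)."""
    if not federation_id:
        raise ValueError("subject NameID (Federation Id) is empty")

    required = list(REQUIRED_USER_ATTRIBUTES)
    if portal_user:
        required += REQUIRED_PORTAL_ATTRIBUTES
    missing = [name for name in required if single_value(attributes, name) is None]
    if missing:
        raise ValueError(f"missing attributes: {', '.join(missing)}")

    if portal_user and single_value(attributes, "organization_id") != EXPECTED_ORG_ID:
        raise ValueError("organization_id does not match this org")

    fields = {
        "FederationIdentifier": federation_id,
        "Email": single_value(attributes, "User.Email"),
        "LastName": single_value(attributes, "User.LastName"),
        "ProfileId": single_value(attributes, "User.ProfileId"),
    }
    if portal_user:
        fields["PortalId"] = single_value(attributes, "portal_id")
    return store.upsert(federation_id, fields)


def demo():
    """Constructed sample input: one employee logging in twice, then a
    partner assertion that lacks portal_id."""
    store = UserStore()
    employee = {"User.Email": ["jdoe@corp.example"], "User.LastName": ["Doe"],
                "User.ProfileId": ["00e000000000001"]}  # constructed ids
    first = provision(store, "jdoe", employee)
    employee["User.Email"] = ["john.doe@corp.example"]
    second = provision(store, "jdoe", employee)
    partner = {**employee, "organization_id": [EXPECTED_ORG_ID]}  # portal_id missing
    try:
        provision(store, "partner42", partner, portal_user=True)
        partner_error = None
    except ValueError as exc:
        partner_error = str(exc)
    return first, second, store.users["jdoe"]["Email"], partner_error
```

Keying on the Federation Id rather than the username is what lets the same IdP subject be updated on every login instead of creating duplicates, which is the point of the "Use Federation Id" best practice later in the deck.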
What about the Consumers?

 Social Sign On
   Login using ‘Social’ Credentials
   Facebook and Janrain Authentication Providers
   Link Accounts
   Dynamic Provisioning
How about using Social credentials for Salesforce access?

  1. Authenticate and Link accounts
  2. Allow Salesforce access
SSO Best Practices
Suchin Rengan
Best Practices
Develop troubleshooting practices for SSO failures
  SSO is on the critical path: if login fails, users have no access at all.

  Citi SSO SAML Issues Troubleshooting Process (flowchart, reconstructed as a decision procedure):

  1. A SAML SSO issue is reported.
  2. Gather information: User Id and Error Message. Check the Login Type in the user's
     login history ("SAML Idp Initiated SSO").
  3. Is there a login error message in the user's Login History?
     Error messages like:
       - Failed: Issuer Mismatched
       - Failed: Certificate Mismatched
     - YES: Is it a SAML Setting related issue? (1)
         - YES: Make appropriate changes to SAML Settings, then verify if it resolves the issue.
         - NO: go to step 4.
     - NO: Is the User Profile configured with the proper Federation Id?
         - NO: Make appropriate changes to the User Profile, then verify if it resolves the issue.
         - YES: go to step 4.
  4. Is the SAML Token valid? (2)
     Error messages like:
       - Failed: Audience Mismatched
       - Failed: Recipient Mismatched
       - Failed: Certificate Mismatched
     - NO: Talk to the Citi STS team and get their help in resolution of the issue.
     - YES: If necessary, open a support ticket with SFDC.
  5. Verify if it resolves the issue.

  ADDITIONAL NOTES
  1) For Certificate related issues, verify the Certificate that is uploaded under SAML settings
  2) A SAML Token can be validated using the SAML Token Debugger tool that is accessible on the SAML Settings Screen
  3) Replay related issues are temporary and happen if multiple SAML requests for the same user are made
SAML Best Practices – Prevent Failures
 • Make sure the IDP server is on a highly available environment
 • Be proactive with regard to certificate (Salesforce and client)
   expirations
 • Check for any time skews that may lead to inconsistent timeout/
   session creation issues
 • Implement custom logout and error pages to present custom
   messages instead of the defaults
 • TEST and TEST and TEST
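Serving both the troubleshooting flowchart above and the certificate-expiry and time-skew points in this list, an added example that is not code from the deck or from Salesforce: an SP-side check of a SAML response that reports the same failure labels the flowchart lists, allows a configured clock skew, and rejects a replayed assertion ID. The issuer URL, certificate bytes and assertion are constructed; the recipient is the MyDomain example from the earlier slide; XML signature verification is assumed to have been done by a proper XML-DSig library before these checks run.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET
from dataclasses import dataclass, field
from datetime import datetime, timedelta, timezone

NS = {"samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
      "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

# Not a real certificate: constructed bytes so the fingerprint check runs offline.
IDP_CERT_B64 = base64.b64encode(b"constructed stand-in for the IdP DER certificate").decode()


@dataclass
class SamlSettings:
    """The SP-side SAML settings (constructed values; the recipient is the
    MyDomain URL the slides give as their example)."""
    issuer: str = "https://idp.corp.example/sts"
    audience: str = "https://saml.salesforce.com"
    recipient: str = "https://acme-developer.my.salesforce.com"
    cert_b64: str = IDP_CERT_B64
    clock_skew: timedelta = timedelta(minutes=1)
    seen_assertion_ids: set = field(default_factory=set)


def fingerprint(cert_b64):
    """SHA-256 over the DER bytes, ignoring PEM-style line wrapping."""
    return hashlib.sha256(base64.b64decode("".join(cert_b64.split()))).hexdigest()


def saml_time(value):
    return datetime.fromisoformat(value.replace("Z", "+00:00"))


def validate_response(xml_text, settings, now):
    """Return the list of failures (empty when every check passes).

    Assumes the XML signature was already verified by a real XML-DSig
    library; matching the embedded certificate against the configured one is
    the flowchart's 'Certificate Mismatched' check, not signature verification."""
    failures = []
    assertion = ET.fromstring(xml_text).find("saml:Assertion", NS)
    if assertion is None:
        return ["Failed: No Assertion"]
    if assertion.findtext("saml:Issuer", "", NS) != settings.issuer:
        failures.append("Failed: Issuer Mismatched")
    cert = assertion.findtext("ds:Signature/ds:KeyInfo/ds:X509Data/ds:X509Certificate", "", NS)
    if not cert or fingerprint(cert) != fingerprint(settings.cert_b64):
        failures.append("Failed: Certificate Mismatched")
    audience = assertion.findtext("saml:Conditions/saml:AudienceRestriction/saml:Audience", "", NS)
    if audience != settings.audience:
        failures.append("Failed: Audience Mismatched")
    scd = assertion.find("saml:Subject/saml:SubjectConfirmation/saml:SubjectConfirmationData", NS)
    if scd is None or scd.get("Recipient") != settings.recipient:
        failures.append("Failed: Recipient Mismatched")
    # Validity window widened by the allowed skew on both sides: a slightly
    # fast or slow IdP clock causes no spurious failures, while a large skew
    # is still rejected instead of silently accepted.
    cond = assertion.find("saml:Conditions", NS)
    if now < saml_time(cond.get("NotBefore")) - settings.clock_skew:
        failures.append("Failed: Assertion Not Yet Valid")
    if now >= saml_time(cond.get("NotOnOrAfter")) + settings.clock_skew:
        failures.append("Failed: Assertion Expired")
    # Replay: an assertion ID is accepted once (the flowchart's note 3 describes
    # this firing when the same user's request is submitted several times).
    assertion_id = assertion.get("ID")
    if assertion_id in settings.seen_assertion_ids:
        failures.append("Failed: Assertion Replayed")
    settings.seen_assertion_ids.add(assertion_id)
    return failures


def build_response(issuer="https://idp.corp.example/sts", assertion_id="_a1",
                   not_before="2012-09-20T15:00:00Z", not_on_or_after="2012-09-20T15:05:00Z"):
    """A constructed, unsigned response shaped like a real one (sample input)."""
    return f"""<samlp:Response xmlns:samlp="{NS['samlp']}" xmlns:saml="{NS['saml']}"
    xmlns:ds="{NS['ds']}" ID="_r1" Version="2.0">
  <saml:Issuer>{issuer}</saml:Issuer>
  <saml:Assertion ID="{assertion_id}" Version="2.0">
    <saml:Issuer>{issuer}</saml:Issuer>
    <ds:Signature><ds:KeyInfo><ds:X509Data>
      <ds:X509Certificate>{IDP_CERT_B64}</ds:X509Certificate>
    </ds:X509Data></ds:KeyInfo></ds:Signature>
    <saml:Subject><saml:NameID>jdoe</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData Recipient="https://acme-developer.my.salesforce.com"
            NotOnOrAfter="{not_on_or_after}"/>
      </saml:SubjectConfirmation></saml:Subject>
    <saml:Conditions NotBefore="{not_before}" NotOnOrAfter="{not_on_or_after}">
      <saml:AudienceRestriction><saml:Audience>https://saml.salesforce.com</saml:Audience></saml:AudienceRestriction>
    </saml:Conditions>
  </saml:Assertion>
</samlp:Response>"""


def utc(hour, minute, second=0):
    """Fixed UTC instants on the deck's date, so the checks are reproducible."""
    return datetime(2012, 9, 20, hour, minute, second, tzinfo=timezone.utc)
```

With the sample assertion valid from 15:00 to 15:05 and a one-minute skew allowance, a check at 15:05:30 passes while one at 15:07 reports `Failed: Assertion Expired`; the same assertion presented twice reports `Failed: Assertion Replayed`. Collecting every failure rather than stopping at the first is what makes the output line up with a troubleshooting flowchart: the operator sees all mismatches at once.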
SAML Best Practices – Reliable & Scalable
 • Use Federation Id instead of SF username as subject Id
     • Identity is based on the login and no mapping is required to know the SF username
     • Login post is org specific and hence no time is needed by SF to resolve the org instance

 • Disable users from logging directly into SF if SAML is
   enabled
     • Enable DA and implement a service that always returns false
     • Use the “My Domains” feature and redirect the user when attempting to log in
       directly. Also, disable the flag that allows users to log into Salesforce.com directly

   Administrators should be excluded from SSO
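An added example, not from the slides and not Salesforce code, of the "service that always returns false" bullet: a handler for the Delegated Authentication SOAP exchange that parses the Authenticate request, answers false, and records the attempt. The namespace urn:authentication.soap.sforce.com and the element names are my recollection of the Salesforce delegated authentication WSDL and are stated here as assumptions to be checked against the WSDL downloaded from your org; the sample request is constructed.

```python
import xml.etree.ElementTree as ET

# SOAP_NS is the SOAP 1.1 envelope namespace. AUTH_NS and the element names
# below are assumed from the Salesforce delegated authentication WSDL; take
# the authoritative values from the WSDL in your own org.
SOAP_NS = "http://schemas.xmlsoap.org/soap/envelope/"
AUTH_NS = "urn:authentication.soap.sforce.com"
NS = {"soapenv": SOAP_NS, "auth": AUTH_NS}


def parse_authenticate_request(xml_text):
    """Extract username, password and sourceIp from an Authenticate call.
    For traffic from the network, parse with a hardened parser (e.g. defusedxml)."""
    root = ET.fromstring(xml_text)
    call = root.find("soapenv:Body/auth:Authenticate", NS)
    if call is None:
        raise ValueError("not an Authenticate request")
    return {name: call.findtext(f"auth:{name}", "", NS)
            for name in ("username", "password", "sourceIp")}


def build_authenticate_response(authenticated):
    """The reply Salesforce expects: a single boolean Authenticated element."""
    flag = "true" if authenticated else "false"
    return (f'<soapenv:Envelope xmlns:soapenv="{SOAP_NS}"><soapenv:Body>'
            f'<AuthenticateResult xmlns="{AUTH_NS}"><Authenticated>{flag}</Authenticated>'
            f'</AuthenticateResult></soapenv:Body></soapenv:Envelope>')


def handle_delegated_auth(xml_text, audit_log):
    """Policy from the slide: never authenticate a direct login, so users on
    an SSO-enabled profile can only enter through SAML. Administrator
    profiles, which the slide keeps out of SSO, should not have delegated
    authentication enabled at all, so this service never sees them. The
    password is neither inspected nor logged; the attempt is recorded because
    a direct login against an SSO-only org is worth alerting on."""
    request = parse_authenticate_request(xml_text)
    audit_log.append({"username": request["username"],
                      "sourceIp": request["sourceIp"],
                      "authenticated": False})
    return build_authenticate_response(False)


# Constructed sample request; 203.0.113.10 is a documentation address.
SAMPLE_REQUEST = f"""<soapenv:Envelope xmlns:soapenv="{SOAP_NS}"><soapenv:Body>
  <Authenticate xmlns="{AUTH_NS}">
    <username>jdoe@corp.example</username>
    <password>not-inspected</password>
    <sourceIp>203.0.113.10</sourceIp>
  </Authenticate>
</soapenv:Body></soapenv:Envelope>"""


def demo():
    """Run one exchange and return the Authenticated value plus the audit record."""
    log = []
    response = handle_delegated_auth(SAMPLE_REQUEST, log)
    result = ET.fromstring(response).findtext(
        "soapenv:Body/auth:AuthenticateResult/auth:Authenticated", "", NS)
    return result, log
```

Because the endpoint never returns true, the password Salesforce forwards is irrelevant to the outcome, which is why the handler deliberately drops it; what remains useful is the audit record, since with SAML enforced every call to this service is a login that bypassed the IdP.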
Where do we go from here?
 Learn more on developer force:
     • http://wiki.developerforce.com/index.php/Single_Sign-On_for_Desktop_and_Mobile_Applications_using_SAML_and_OAuth
     • http://wiki.developerforce.com/index.php/CRC:SSO

 Attend these sessions:
 • Hands-on Training: Enable Single Sign-on with SAML
    Thursday, September 20th: 3:00 PM - 4:00 PM
 • Authentication with OAuth and Connected Apps
    Thursday, September 20th: 10:30 AM - 11:30 AM
Suchin Rengan   Shesh Kondi
   @sacrengan     @sheshzilla
 
Scale with Large Data Volumes and Big Objects in Salesforce
Scale with Large Data Volumes and Big Objects in SalesforceScale with Large Data Volumes and Big Objects in Salesforce
Scale with Large Data Volumes and Big Objects in SalesforceSalesforce Developers
 
Replicate Salesforce Data in Real Time with Change Data Capture
Replicate Salesforce Data in Real Time with Change Data CaptureReplicate Salesforce Data in Real Time with Change Data Capture
Replicate Salesforce Data in Real Time with Change Data CaptureSalesforce Developers
 
Modern Development with Salesforce DX
Modern Development with Salesforce DXModern Development with Salesforce DX
Modern Development with Salesforce DXSalesforce Developers
 
Integrate CMS Content Into Lightning Communities with CMS Connect
Integrate CMS Content Into Lightning Communities with CMS ConnectIntegrate CMS Content Into Lightning Communities with CMS Connect
Integrate CMS Content Into Lightning Communities with CMS ConnectSalesforce Developers
 

Mais de Salesforce Developers (20)

Sample Gallery: Reference Code and Best Practices for Salesforce Developers
Sample Gallery: Reference Code and Best Practices for Salesforce DevelopersSample Gallery: Reference Code and Best Practices for Salesforce Developers
Sample Gallery: Reference Code and Best Practices for Salesforce Developers
 
Maximizing Salesforce Lightning Experience and Lightning Component Performance
Maximizing Salesforce Lightning Experience and Lightning Component PerformanceMaximizing Salesforce Lightning Experience and Lightning Component Performance
Maximizing Salesforce Lightning Experience and Lightning Component Performance
 
Local development with Open Source Base Components
Local development with Open Source Base ComponentsLocal development with Open Source Base Components
Local development with Open Source Base Components
 
TrailheaDX India : Developer Highlights
TrailheaDX India : Developer HighlightsTrailheaDX India : Developer Highlights
TrailheaDX India : Developer Highlights
 
Why developers shouldn’t miss TrailheaDX India
Why developers shouldn’t miss TrailheaDX IndiaWhy developers shouldn’t miss TrailheaDX India
Why developers shouldn’t miss TrailheaDX India
 
CodeLive: Build Lightning Web Components faster with Local Development
CodeLive: Build Lightning Web Components faster with Local DevelopmentCodeLive: Build Lightning Web Components faster with Local Development
CodeLive: Build Lightning Web Components faster with Local Development
 
CodeLive: Converting Aura Components to Lightning Web Components
CodeLive: Converting Aura Components to Lightning Web ComponentsCodeLive: Converting Aura Components to Lightning Web Components
CodeLive: Converting Aura Components to Lightning Web Components
 
Enterprise-grade UI with open source Lightning Web Components
Enterprise-grade UI with open source Lightning Web ComponentsEnterprise-grade UI with open source Lightning Web Components
Enterprise-grade UI with open source Lightning Web Components
 
TrailheaDX and Summer '19: Developer Highlights
TrailheaDX and Summer '19: Developer HighlightsTrailheaDX and Summer '19: Developer Highlights
TrailheaDX and Summer '19: Developer Highlights
 
Live coding with LWC
Live coding with LWCLive coding with LWC
Live coding with LWC
 
Lightning web components - Episode 4 : Security and Testing
Lightning web components  - Episode 4 : Security and TestingLightning web components  - Episode 4 : Security and Testing
Lightning web components - Episode 4 : Security and Testing
 
LWC Episode 3- Component Communication and Aura Interoperability
LWC Episode 3- Component Communication and Aura InteroperabilityLWC Episode 3- Component Communication and Aura Interoperability
LWC Episode 3- Component Communication and Aura Interoperability
 
Lightning web components episode 2- work with salesforce data
Lightning web components   episode 2- work with salesforce dataLightning web components   episode 2- work with salesforce data
Lightning web components episode 2- work with salesforce data
 
Lightning web components - Episode 1 - An Introduction
Lightning web components - Episode 1 - An IntroductionLightning web components - Episode 1 - An Introduction
Lightning web components - Episode 1 - An Introduction
 
Migrating CPQ to Advanced Calculator and JSQCP
Migrating CPQ to Advanced Calculator and JSQCPMigrating CPQ to Advanced Calculator and JSQCP
Migrating CPQ to Advanced Calculator and JSQCP
 
Scale with Large Data Volumes and Big Objects in Salesforce
Scale with Large Data Volumes and Big Objects in SalesforceScale with Large Data Volumes and Big Objects in Salesforce
Scale with Large Data Volumes and Big Objects in Salesforce
 
Replicate Salesforce Data in Real Time with Change Data Capture
Replicate Salesforce Data in Real Time with Change Data CaptureReplicate Salesforce Data in Real Time with Change Data Capture
Replicate Salesforce Data in Real Time with Change Data Capture
 
Modern Development with Salesforce DX
Modern Development with Salesforce DXModern Development with Salesforce DX
Modern Development with Salesforce DX
 
Get Into Lightning Flow Development
Get Into Lightning Flow DevelopmentGet Into Lightning Flow Development
Get Into Lightning Flow Development
 
Integrate CMS Content Into Lightning Communities with CMS Connect
Integrate CMS Content Into Lightning Communities with CMS ConnectIntegrate CMS Content Into Lightning Communities with CMS Connect
Integrate CMS Content Into Lightning Communities with CMS Connect
 

Single Sign-On Best Practices

  • 1. Single Sign-On Best Practices
    Developer Track
    Suchin Rengan, Director, Technical Solutions Architect, @sacrengan
    Shesh Kondi, Cloud Solutions Architect, @sheshzilla
  • 2. Safe Harbor
    Safe harbor statement under the Private Securities Litigation Reform Act of 1995: This presentation may contain forward-looking statements that involve risks, uncertainties, and assumptions. If any such uncertainties materialize or if any of the assumptions proves incorrect, the results of salesforce.com, inc. could differ materially from the results expressed or implied by the forward-looking statements we make. All statements other than statements of historical fact could be deemed forward-looking, including any projections of product or service availability, subscriber growth, earnings, revenues, or other financial items and any statements regarding strategies or plans of management for future operations, statements of belief, any statements concerning new, planned, or upgraded services or technology developments and customer contracts or use of our services. The risks and uncertainties referred to above include – but are not limited to – risks associated with developing and delivering new functionality for our service, new products and services, our new business model, our past operating losses, possible fluctuations in our operating results and rate of growth, interruptions or delays in our Web hosting, breach of our security measures, the outcome of intellectual property and other litigation, risks associated with possible mergers and acquisitions, the immature market in which we operate, our relatively limited operating history, our ability to expand, retain, and motivate our employees and manage our growth, new releases of our service and successful customer deployment, our limited history reselling non-salesforce.com products, and utilization and selling to larger enterprise customers. Further information on potential factors that could affect the financial results of salesforce.com, inc. is included in our annual report on Form 10-Q for the most recent fiscal quarter ended July 31, 2012. These documents and others containing important disclosures are available on the SEC Filings section of the Investor Information section of our Web site. Any unreleased services or features referenced in this or other presentations, press releases or public statements are not currently available and may not be delivered on time or at all. Customers who purchase our services should make the purchase decisions based upon features that are currently available. Salesforce.com, inc. assumes no obligation and does not intend to update these forward-looking statements.
  • 3. Why are we here?
    • To discuss
      • Different mechanisms for authentication
      • When to choose which protocol
      • Best practices for implementations
    • To help you understand
      • Single Sign-On using SAML 2.0
      • API access using OAuth
      • Authentication Providers
    • To demonstrate
      • The amazing things that can be built using our authentication services
  • 4. What is Single Sign-On?
    Per Wikipedia: Single sign-on (SSO) is a property of access control of multiple related, but independent software systems. With this property a user logs in once and gains access to all systems without being prompted to log in again at each of them.
    In simple terms: the ability for systems to establish authentication using a mutually agreed-upon identity mechanism.
  • 6. Username / Password Authentication
    • The out-of-the-box experience
    • Salesforce hosts the authentication interface
    • Flexible policies
    • Mobile ready
    ① User sends credentials to Salesforce
    ② Salesforce authenticates the user against our database and the user is granted a session to Salesforce
  • 7. What is SAML?
    • The standard for federated Single Sign-On
    • OASIS standard: commercial & open source support
    • The authentication interface is hosted by the customer
    ① User requests a secure resource
    ② Salesforce.com redirects to the customer IDP
    ③ Customer authenticates the user
    ④ User returns to Salesforce.com with SAML and is granted a session
    * If you’re logged into the Dreamforce org, you’ve used SAML!
  • 8. What is Delegated Authentication?
    • SOAP-based protocol for “Single Login”
    • Salesforce only: minimal commercial support
    • Salesforce hosts the authentication interface
    ① User sends credentials to Salesforce
    ② Salesforce sends credentials to the customer
    ③ Customer authenticates the user and replies “true”
    ④ User is granted a session to Salesforce
  • 9. What is OAuth?
    • An open protocol to allow secure API access in a simple, standard method from desktop/web applications
    • Standards track in IETF
    • Integrates with the previous authentication mechanisms
    ① App redirects user to Salesforce
    ② Salesforce authenticates user
    ③ Salesforce redirects user back to app with code
    ④ App sends code to Salesforce
    ⑤ Salesforce issues session
    ⑥ App accesses API
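The six steps on slide 9, as an added example that is not part of the original slides or of any Salesforce SDK: a small Python client that builds the step 1 redirect, accepts the step 3 callback only when its state value matches one this client issued for a pending authorization (each state is consumed on first use), and performs the step 4/5 code-for-session exchange. The two endpoint URLs are the Salesforce login server's OAuth 2.0 endpoints; the client id, client secret, redirect URI, authorization code and the token endpoint stand-in are constructed placeholders so the block runs offline, and `post` is injected for the same reason.

```python
import json
import secrets
from urllib.parse import parse_qs, urlencode, urlparse

# Salesforce OAuth 2.0 endpoints on the production login server.
AUTHORIZE_URL = "https://login.salesforce.com/services/oauth2/authorize"
TOKEN_URL = "https://login.salesforce.com/services/oauth2/token"


def start_authorization(client_id, redirect_uri, pending_states):
    """Step 1: build the redirect to Salesforce. A fresh random state is
    remembered server-side; `pending_states` stands in for the user's session."""
    state = secrets.token_urlsafe(32)
    pending_states.add(state)
    params = {
        "response_type": "code",
        "client_id": client_id,
        "redirect_uri": redirect_uri,
        "state": state,
    }
    return f"{AUTHORIZE_URL}?{urlencode(params)}", state


def handle_callback(callback_url, pending_states):
    """Step 3: Salesforce redirects back with ?code=...&state=... . The code is
    accepted only if the state is one this session issued and not yet used."""
    query = parse_qs(urlparse(callback_url).query)
    state = query.get("state", [None])[0]
    code = query.get("code", [None])[0]
    if state is None or state not in pending_states:
        raise ValueError("state mismatch: callback is not bound to a pending authorization")
    pending_states.discard(state)  # one-time use
    if code is None:
        raise ValueError("authorization response carries no code")
    return code


def build_token_request(code, client_id, client_secret, redirect_uri):
    """Step 4: the form body the app POSTs to the token endpoint."""
    return {
        "grant_type": "authorization_code",
        "code": code,
        "client_id": client_id,
        "client_secret": client_secret,
        "redirect_uri": redirect_uri,
    }


def exchange_code(code, client_id, client_secret, redirect_uri, post):
    """Steps 4 and 5: POST the code and read the session back. `post(url, body)`
    returns the response body as text; a real app would use an HTTP client."""
    body = build_token_request(code, client_id, client_secret, redirect_uri)
    response = json.loads(post(TOKEN_URL, body))
    if "access_token" not in response:
        raise ValueError(f"token endpoint error: {response.get('error', 'unknown')}")
    # The session (access token) is used against instance_url for step 6.
    return {"access_token": response["access_token"], "instance_url": response["instance_url"]}


def fake_salesforce_token_endpoint(url, body):
    """Constructed stand-in for the token endpoint; offline demo only."""
    if (url == TOKEN_URL and body["grant_type"] == "authorization_code"
            and body["code"] == "constructed-code-123"):
        return json.dumps({"access_token": "constructed-access-token",
                           "instance_url": "https://acme-developer.my.salesforce.com"})
    return json.dumps({"error": "invalid_grant"})


def demo():
    """Walk the flow end to end with constructed values."""
    pending = set()
    client_id, secret = "CLIENT_ID_PLACEHOLDER", "CLIENT_SECRET_PLACEHOLDER"
    redirect = "https://app.example/callback"
    _url, state = start_authorization(client_id, redirect, pending)
    # Simulated step 3 callback carrying the state issued above.
    code = handle_callback(f"{redirect}?code=constructed-code-123&state={state}", pending)
    return exchange_code(code, client_id, secret, redirect, fake_salesforce_token_endpoint)


if __name__ == "__main__":
    print(demo())
```

The state check is what ties the step 3 callback to the browser session that started step 1; without it any callback URL carrying a valid-looking code would be exchanged for a session.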
  • 10. When do I use what?
    • UserId/Password: when you just want the basics
    • SAML: Single Sign-On for the web and applications; SAML provides the best commercial support and re-use across other Cloud services
    • OAuth: building an API client or connected application (including mobile)
    • Delegated Auth: SF Mobile CRM and older API clients with your own credentials
    * Not mutually exclusive…you can mix and match
  • 11. Customer Poll / Question
    If you want to use your Active Directory credentials to use Salesforce for Outlook, what mechanism would you use?
    A. Username / Password
    B. SAML
    C. OAuth
    D. Delegated Authentication
  • 12. SSO in Action
    Shesh Kondi, Suchin Rengan
  • 13. How about using a Corporate Identity for Employees?
    Identity Provider (IDP) → Service Provider (SP)
    1. Generate SAML token and send response to Salesforce
    2. Validate SAML and generate session
    MyDomain: a sub-domain used to access a specific SF Organization. Example: https://acme-developer.my.salesforce.com
  • 14. Provisioning Users
    So, how do we get the users into Salesforce?
     Manually…. but that doesn’t cut it for large organizations
     API… but that takes code and maintenance
     Just In Time Provisioning (SAML JIT)
  • 15. What about Multiple Salesforce Orgs?
    Identity Provider (IDP) → Service Provider (SP), Service Provider (SP)
  • 16. …and an org can even be an IDP…
    Identity Provider (IDP) → Service Provider (SP), Service Provider (SP)
  • 17. How about bookmarks?
    Identity Provider (IDP) ↔ Service Provider (SP)
    1. Request resource. Redirect to IDP
    2. Send SAML Request
    3. Authenticate. Send SAML Response
    4. Validate SAML. Generate session
  • 18. How about Employees using Mobile?
    1. User posts credentials
    2. User gets session
  • 19. Salesforce as an IDP for a Third Party SP
    Identity Provider (IDP) → Service Provider (SP), Service Provider (SP)
  • 20. What about Single Sign-On for Partners?
    Identity Provider (IDP) → Partner Portal
    1. Generate SAML and send to Salesforce
    2. Validate SAML and generate session
    Same as IDP-initiated SAML, but with 2 additional attributes. Send these in the attribute statement: organization_id & portal_id
  • 21. What about the Consumers? Social Sign On
     Login using ‘Social’ credentials
     Facebook and Janrain Authentication Providers
     Link accounts
     Dynamic provisioning
  • 22. How about using Social credentials for Salesforce access?
    1. Authenticate and link accounts
    2. Allow Salesforce access
  • 24. Best Practices
    Develop troubleshooting practices for SSO failures: SSO is in the critical path, since no login means no access for users.
    Citi SSO SAML Issues Troubleshooting Process (flowchart, transcribed):
    1. SAML SSO issue is reported.
    2. Gather information: User Id, Error Message.
    3. Check the login type: “SAML Idp Initiated SSO”.
    4. Is there any login error message in the user’s Login History?
       - NO: Is the user profile configured with the proper Federation Id? If not, make the appropriate changes to the user profile; if it is, talk to the Citi STS team and get their help in resolving the issue.
       - YES (error messages like “Failed: Issuer Mismatched”, “Failed: Certificate Mismatched”): is it a SAML-setting-related issue? (1)
         - YES: make the appropriate changes to the SAML settings (error messages like “Failed: Audience Mismatched”, “Failed: Recipient Mismatched”, “Failed: Certificate Mismatched”), verify whether that resolves the issue, and if necessary open a support ticket with SFDC.
         - NO: is the SAML token valid? (2) If not, talk to the Citi STS team and get their help in resolving the issue.
    Additional notes:
    1) For certificate-related issues, verify the certificate that is uploaded under SAML settings.
    2) A SAML token can be validated using the SAML Token Debugger tool that is accessible on the SAML Settings screen.
    3) Replay-related issues are temporary and happen if multiple SAML requests for the same user are made.
  • 25. SAML Best Practices – Prevent Failures
    • Make sure the IDP server is in a highly available environment
    • Be proactive with regard to certificate (Salesforce and client) expirations
    • Check for any time skews that may lead to inconsistent timeout / session creation issues
    • Implement custom logout and error pages to present custom messages instead of the defaults
    • TEST and TEST and TEST
  • 26. SAML Best Practices – Reliable & Scalable
    • Use Federation Id instead of the SF username as the subject Id
      • Identity is based on the login and no mapping is required to know the SF username
      • The login post is org-specific, hence no time is needed by SF to resolve the org instance
    • Disable users from directly logging into SF if SAML is enabled
      • Enable DA and implement a service that always returns false
      • Use the “My Domains” feature and redirect the user when attempting to log in directly. Also, disable the flag that allows users to log into Salesforce.com directly
     Administrators should be excluded from SSO
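Slides 13, 17, 20 and 24 to 26 together describe what the service provider must verify before it turns an assertion into a session: issuer, signing certificate, audience, recipient, the validity window (with some tolerance for clock skew), replay of an assertion already consumed, and a subject Federation Id that maps to a user. The following Python block is an added example, not code from the slides or from Salesforce: it constructs an unsigned IdP-initiated assertion carrying the partner-portal attributes organization_id and portal_id from slide 20, then runs those checks over it. Failure strings copy the Login History messages named on slide 24 where the slides name one and are constructed otherwise. The issuer, audience, recipient, certificate bytes, user table and "now" are hypothetical values; XML signature verification is assumed to be done first by an XML-DSig library, so the certificate check here only confirms the embedded certificate is the one configured.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET
from datetime import datetime, timedelta, timezone

SAML_NS = "urn:oasis:names:tc:SAML:2.0:assertion"
DS_NS = "http://www.w3.org/2000/09/xmldsig#"
NS = {"saml": SAML_NS, "ds": DS_NS}
TIME_FMT = "%Y-%m-%dT%H:%M:%SZ"

# Constructed stand-in for the IdP certificate uploaded under SAML settings.
IDP_CERT_DER = b"constructed-idp-certificate-bytes"

# Constructed SP-side configuration (hypothetical values).
SP_CONFIG = {
    "issuer": "https://idp.example.com",                      # expected Issuer
    "audience": "https://saml.salesforce.com",                # expected Audience
    "recipient": "https://acme-developer.my.salesforce.com",  # MyDomain login URL
    "cert_sha256": hashlib.sha256(IDP_CERT_DER).hexdigest(),
    "skew": timedelta(minutes=3),  # tolerated IdP/SP clock skew (slide 25)
}
# Constructed user table keyed by Federation ID (slide 26: the subject is the
# Federation ID, not the Salesforce username).
USERS_BY_FEDERATION_ID = {"emp-1001": "user1@acme-developer.example"}
DEMO_NOW = datetime(2012, 9, 20, 15, 0, tzinfo=timezone.utc)  # constructed clock


def build_assertion(federation_id, issuer, audience, recipient, not_before,
                    not_on_or_after, cert_der, attributes=None, assertion_id="_id-1"):
    """Constructed (unsigned) IdP-initiated assertion; a real IdP signs it."""
    attrs = "".join(
        f'<saml:Attribute Name="{k}"><saml:AttributeValue>{v}</saml:AttributeValue>'
        f"</saml:Attribute>" for k, v in (attributes or {}).items())
    attr_stmt = f"<saml:AttributeStatement>{attrs}</saml:AttributeStatement>" if attrs else ""
    cert_b64 = base64.b64encode(cert_der).decode()
    nb, noa = not_before.strftime(TIME_FMT), not_on_or_after.strftime(TIME_FMT)
    return (
        f'<saml:Assertion xmlns:saml="{SAML_NS}" xmlns:ds="{DS_NS}" ID="{assertion_id}" Version="2.0">'
        f"<saml:Issuer>{issuer}</saml:Issuer>"
        f"<ds:Signature><ds:KeyInfo><ds:X509Data><ds:X509Certificate>{cert_b64}"
        f"</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>"
        f"<saml:Subject><saml:NameID>{federation_id}</saml:NameID>"
        f'<saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">'
        f'<saml:SubjectConfirmationData Recipient="{recipient}" NotOnOrAfter="{noa}"/>'
        f"</saml:SubjectConfirmation></saml:Subject>"
        f'<saml:Conditions NotBefore="{nb}" NotOnOrAfter="{noa}">'
        f"<saml:AudienceRestriction><saml:Audience>{audience}</saml:Audience>"
        f"</saml:AudienceRestriction></saml:Conditions>{attr_stmt}</saml:Assertion>"
    )


def validate_assertion(xml_text, config, users, seen_ids, now):
    """SP-side checks, applied in order. Returns (True, username, attributes)
    on success or (False, failure_message, None) on the first failed check."""
    root = ET.fromstring(xml_text)
    if root.findtext("saml:Issuer", namespaces=NS) != config["issuer"]:
        return False, "Failed: Issuer Mismatched", None
    cert_b64 = root.findtext("ds:Signature/ds:KeyInfo/ds:X509Data/ds:X509Certificate",
                             namespaces=NS)
    if cert_b64 is None or hashlib.sha256(base64.b64decode(cert_b64)).hexdigest() != config["cert_sha256"]:
        return False, "Failed: Certificate Mismatched", None
    audience = root.findtext("saml:Conditions/saml:AudienceRestriction/saml:Audience", namespaces=NS)
    if audience != config["audience"]:
        return False, "Failed: Audience Mismatched", None
    scd = root.find("saml:Subject/saml:SubjectConfirmation/saml:SubjectConfirmationData", NS)
    if scd is None or scd.get("Recipient") != config["recipient"]:
        return False, "Failed: Recipient Mismatched", None
    cond = root.find("saml:Conditions", NS)
    not_before = datetime.strptime(cond.get("NotBefore"), TIME_FMT).replace(tzinfo=timezone.utc)
    not_on_or_after = datetime.strptime(cond.get("NotOnOrAfter"), TIME_FMT).replace(tzinfo=timezone.utc)
    # The window is widened by the configured skew so a few minutes of clock
    # drift between IdP and SP do not reject an otherwise good assertion.
    if now < not_before - config["skew"] or now >= not_on_or_after + config["skew"]:
        return False, "Failed: Assertion Not Within Validity Window", None
    # Replay: an assertion ID is accepted once (slide 24, note 3).
    if root.get("ID") in seen_ids:
        return False, "Failed: Replay Detected", None
    seen_ids.add(root.get("ID"))
    username = users.get(root.findtext("saml:Subject/saml:NameID", namespaces=NS))
    if username is None:
        return False, "Failed: No User With This Federation Id", None
    attributes = {a.get("Name"): a.findtext("saml:AttributeValue", namespaces=NS)
                  for a in root.findall("saml:AttributeStatement/saml:Attribute", NS)}
    return True, username, attributes


def demo(now=DEMO_NOW):
    """Validate a good partner-portal style assertion, then replay it."""
    seen = set()
    xml_text = build_assertion(
        "emp-1001", SP_CONFIG["issuer"], SP_CONFIG["audience"], SP_CONFIG["recipient"],
        now - timedelta(minutes=1), now + timedelta(minutes=5), IDP_CERT_DER,
        attributes={"organization_id": "ORG_ID_PLACEHOLDER", "portal_id": "PORTAL_ID_PLACEHOLDER"})
    first = validate_assertion(xml_text, SP_CONFIG, USERS_BY_FEDERATION_ID, seen, now)
    second = validate_assertion(xml_text, SP_CONFIG, USERS_BY_FEDERATION_ID, seen, now)
    return first, second


if __name__ == "__main__":
    print(demo())
```

The order of the checks matters for operations: issuer and certificate failures point at the SAML settings (slide 24's first branch), while a missing Federation Id mapping points at the user profile, so returning the first failure keeps the Login History message aligned with the troubleshooting flow. The replay set is only consulted after the time window check, so it need not grow beyond assertions that are still within their validity window plus skew.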
  • 27. Where do we go from here?
    Learn more on developer force:
    • http://wiki.developerforce.com/index.php/Single_Sign-On_for_Desktop_and_Mobile_Applications_using_SAML_and_OAuth
    • http://wiki.developerforce.com/index.php/CRC:SSO
    Attend these sessions:
    • Hands-on Training: Enable Single Sign-on with SAML (Thursday, September 20th, 3:00 PM - 4:00 PM)
    • Authentication with OAuth and Connected Apps (Thursday, September 20th, 10:30 AM - 11:30 AM)
  • 28. Suchin Rengan (@sacrengan), Shesh Kondi (@sheshzilla)