A Love Letter to IAM (Identity Access Management)

A love letter to IAM (Identity Access Management):

I recall the initial skepticism when I shared my fascination with all things Identity. Delving into SAML (Security Assertion Markup Language) back in 2017, the intricate dance of redirects concealed behind the scenes captivated me. The complexity was a thing of beauty.

Navigating the labyrinth of IdP (Identity Provider) and SP (Service Provider) configurations, alongside the intricacies of malformed XML files and the nuances of certificate requirements (SHA1 versus SHA256), revealed the fragility of the system.

Fast forward to 2022 with my exploration of OAuth 2.0, an access delegation protocol rather than an authentication mechanism, and it’s multitude of token and scope varieties. Followed by OIDC (OpenID Connect). 

Unraveling these technologies and translating their complexities into understandable terms for diverse audiences has become a passion.

IAM, with its layers of intricacy and depth, continues to hold my heart. It would be an absolute dream to work for an Identity Provider because it would never feel like work.