Job Description
- Define and maintain modern authentication standards for applications and APIs (OAuth2/OIDC/SAML), including reference architectures.
- Support project teams in implementing and troubleshooting auth flows (Auth Code + PKCE, Device Code, Client Credentials, OBO), including edge cases and production incidents.
- Review and harden token/session configurations (lifetimes, refresh behaviour, session controls) and advise on mitigations for common auth threats (replay, token theft).
- Design and standardize claims/attributes strategy (least-privilege claims, normalization across IdPs, group/role overage handling) for scalable integrations.
- Define API access models and permission strategy (scopes vs roles, delegated vs app permissions) and govern consent patterns (admin/incremental) for least privilege and auditability.
- Configure and operate federation integrations (IdP/SP), including metadata management, planned ro...