Identity and Access Management
SUSEID - Sovereign IAM at SUSE
<p>SUSE’s IAM evolution mirrors its corporate journey, beginning with deep dependency on Novell (later MicroFocus) Access Manager, following its transition to independence.As the organization grew, individual departments adopted several tools to solve immediate authentication needs.</p>
<p>This led to a proliferation of unmanageable authentication silos across customer portals, partner networks, and internal employee systems.Recognizing the inefficiencies and risks of this fragmented landscape, SUSE IT has set the goal to consolidate these scattered silos by unifying identities into a single, modern governance solution.</p>
<p>Authentik: https://goauthentik.io/
389-ds: https://www.port389.org/
PostgreSQL: https://www.postgresql.org/
Patroni: https://patroni.readthedocs.io/en/latest/
RKE2: https://docs.rke2.io/</p>
Additional information
| Live Stream | https://live.fosdem.org/watch/h2214 |
|---|---|
| Type | devroom |
| Language | English |
More sessions
| 2/1/26 |
<p>Welcome to the devroom, rules and initial setup.</p>
|
| 2/1/26 |
<p>As security threats become more sophisticated, the need for efficient, real-time communication between identity providers and relying parties is essential. The Shared Signals Framework (SSF) and related specifications such as CAEP and RISC address this challenge by providing a standardised way for systems to exchange security related signals, such as session revocations, credential breaches, and other identity-related incidents, in a secure and scalable manner. This talk introduces the Shared ...
|
| 2/1/26 |
<p>We introduce the <a href="https://github.com/nextcloud/scim_client">SCIM client app</a> for <a href="https://nextcloud.com/">Nextcloud</a> that allows Nextcloud users and groups to be automatically synced to external services that support the <a href="https://tools.ietf.org/wg/scim/">SCIM</a> standard. This enables Nextcloud to act as an authoritative store of user identity information, simplifying user management across multiple connected services.</p> <p>This talk will discuss the ...
|
| 2/1/26 |
<p>OAuth 2.0 and OpenID Connect have been around for years to secure web and mobile applications alike with growing popularity.</p> <p>To keep your applications and their data secure, these standards are evolving to align with security best practices.</p> <p>Join this talk to see how the FAPI 2.0 Security Profile and the upcoming OAuth 2.1 standard promotes and enforces best practices, how to adapt your applications, and how Keycloak as an Open Source IAM can help you. Expect a demo and examples ...
|
| 2/1/26 |
<p><a href="https://www.proconnect.gouv.fr">ProConnect</a> is an open-source Federated Identity Provider written mainly in TypeScript and designed to connect professionals with government services. Developed by the French Interministerial Digital Directorate (<a href="https://www.numerique.gouv.fr/numerique-etat/dinum/">DINUM</a>), it builds on the experience of <a href="https://franceconnect.gouv.fr/">FranceConnect</a> while introducing a lightweight, modern architecture.</p> <p>This talk will ...
|
| 2/1/26 |
<p>Each month it seems we are made aware of a break in security. Some report of a data base of identity information that is reported as captured by an entity of some type. Lists of passwords, ID numbers, bank account information, credit card information. And these are only the ones we hear about, since many of these break-ins are not reported, or kept quiet.</p> <p>Often we hope that the data is encrypted, but as we all know quantum computers are coming quickly and quantum computers can take ...
|
| 2/1/26 |
<p>Passkeys are now first-class citizens on Windows, macOS, Android and iOS - but the Linux desktop still has no standard FIDO2 platform APIs for browsers and native apps. </p> <p>This talk presents <strong>Credentials for Linux</strong> (<a href="https://github.com/linux-credentials">github.com/linux-credentials</a>), a cross-desktop effort to bring Passkeys and other credentials to Linux in a way that works for sandboxed apps and browsers alike.</p> <p>We’ll cover:</p> <ul> <li><strong>Very ...
|
