Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Auth0 Product Roadmap Report
Search
suwa yuki
December 10, 2019
Technology
0
1k
Auth0 Product Roadmap Report
Auth0 Day 2019 Recap in Osakaのセッション「Auth0 Product Roadmap Report」のセッションスライドです。
suwa yuki
December 10, 2019
Tweet
Share
More Decks by suwa yuki
See All by suwa yuki
Auth0ハンズオンウェビナー資料
suwayuki
0
9.7k
Developers.IO CAFEの SaaS化を支えた三種の神器 - Developer Friendlyの重要性 - V2
suwayuki
0
1.9k
Web / ネイティブ / LINEアプリを まとめる技術
suwayuki
0
1.6k
LINE Loginで始めるAuth0の使い方 - 認証基盤をかんたんに構築する方法
suwayuki
1
5.3k
サービスを爆速で立ち上げるためのSaaSの活用
suwayuki
0
2k
Developers.IO CAFEの SaaS化を支えた三種の神器 - Developer Friendlyの重要性 -
suwayuki
0
450
デザイン工学科学生が ITベンチャーに就職し、トップエンジニアを目指す話
suwayuki
0
980
Auth0の認可
suwayuki
2
1.1k
Auth0 x Stripe x CircleCI - イノベーションを起こすためのサービスの活用 -
suwayuki
0
1.3k
Other Decks in Technology
See All in Technology
Beyond Kaniko: Navigating Unprivileged Container Image Creation
f30
0
130
ビギナーであり続ける/beginning
ikuodanaka
3
760
Should Our Project Join the CNCF? (Japanese Recap)
whywaita
PRO
0
340
成長し続けるアプリのためのテストと設計の関係、そして意思決定の記録。
sansantech
PRO
0
120
20250707-AI活用の個人差を埋めるチームづくり
shnjtk
4
3.9k
タイミーのデータモデリング事例と今後のチャレンジ
ttccddtoki
6
2.4k
Tokyo_reInforce_2025_recap_iam_access_analyzer
hiashisan
0
190
DBのスキルで生き残る技術 - AI時代におけるテーブル設計の勘所
soudai
PRO
50
19k
Backlog ユーザー棚卸しRTA、多分これが一番早いと思います
__allllllllez__
1
150
LLM時代の検索
shibuiwilliam
2
150
KubeCon + CloudNativeCon Japan 2025 Recap
ren510dev
1
380
20250705 Headlamp: 專注可擴展性的 Kubernetes 用戶界面
pichuang
0
270
Featured
See All Featured
A designer walks into a library…
pauljervisheath
207
24k
Gamification - CAS2011
davidbonilla
81
5.4k
Git: the NoSQL Database
bkeepers
PRO
430
65k
Done Done
chrislema
184
16k
Exploring the Power of Turbo Streams & Action Cable | RailsConf2023
kevinliebholz
34
5.9k
A better future with KSS
kneath
238
17k
Making the Leap to Tech Lead
cromwellryan
134
9.4k
How GitHub (no longer) Works
holman
314
140k
Creating an realtime collaboration tool: Agile Flush - .NET Oxford
marcduiker
30
2.1k
[Rails World 2023 - Day 1 Closing Keynote] - The Magic of Rails
eileencodes
35
2.4k
Evolution of real-time – Irina Nazarova, EuRuKo, 2024
irinanazarova
8
820
Imperfection Machines: The Place of Print at Facebook
scottboms
267
13k
Transcript
Auth0 Product Roadmap Report 2019.12.10 Classmethod, Inc. SUWA Yuki
• Senior Specialist • Developers.IO Blogger • iOS Node.js
Vue AWS etc… ਡ๚ ༔لɹYuki Suwa Auth0 Ambassador
ˌAuth0JP
November 2019 • Martin Gontovnikas ࢯདྷ • Auth0 Day 19
ొஃ • LINE Developer Day 2019 ొஃ
ຊͷ͓ • Gontoࢯ͕ޠͬͨηογϣϯͷৼΓฦΓ • Auth0 Product RoadmapʢAuth0 Dayʣ • Identity৽͍͠ϑΝΠΞʔΥʔϧ
ʢLINE Dev Dayʣ
Auth0ͷઓུ 2013 2016 2019 ։ൃऀ ֦ுੑ ϓϥοτϑΥʔϜ
Auth0ͷߟ͑ํ • ೝূ / ೝՄͷձࣾ • IDཧ͚ͩͰͳ͘ɺ։ൃऀͷ͓ख͍͕͍ͨ͠ • ։ൃऀͷExperienceେʹ͍ͯ͠Δ
։ൃऀͷͨΊͷϓϥοτϑΥʔϜ • 2, 3ߦͰ࢝ΊΒΕΔ • ଟ͘ͷݴޠΛαϙʔτ • Web͚ͩͰͳ͘ɺσεΫτοϓɺϞόΠϧͰ͑Δ
֦ுੑͷڧԽ • RuleΛͬͯAuth0ͷػೳΛχʔζʹ߹ΘͤΒΕΔ • ྫ : ຊҎ֎ͷIPΛϒϩοΫ͢Δ • 87%ͷސ٬͕֦ு͍ͯ͠Δ •
ଞͷೝূϕϯμʔͱେ͖͘ҟͳΔ
Response Optional Redirect External Page Your Code MFA Modified Access
& ID Tokens Rules Own API Access & ID Tokens Enrich Profile Send to Intercom
Auth0ͷઓུ 2013 2016 2019 ։ൃऀ ֦ுੑ ϓϥοτϑΥʔϜ εέʔϥϏϦςΟ ৴པ &
ίϯϓϥΠΞϯε
εέʔϥϏϦςΟ • 30ԯҎ্/݄ͷϩάΠϯΛཧ • 5ϲࠃɺ5ԯ1,200ສਓͷϓϩϑΝΠϧΛཧ • 12ສͷΞϓϦέʔγϣϯʢΫϥΠΞϯτʣ
৴པͱίϯϓϥΠΞϯε 27001 SOC HIPAA 27018 PCI
Auth0ͷઓུ 2013 2016 2019 ։ൃऀ ֦ுੑ ϓϥοτϑΥʔϜ εέʔϥϏϦςΟ ৴པ &
ίϯϓϥΠΞϯε ࣍Կʁ
ϫϯΫϦοΫͰ ͋ΒΏΔΞϓϦέʔγϣϯʹ ҆શʹΞΫηεͰ͖ΔΑ͏ʹ͢Δ
ΤϯυϢʔβʔͱͯ͠ • ϩάΠϯอͨΕͭͭɺηΩϡϦςΟΛҡ࣋ͯ͠ཉ͍͠ • ղܾ͢Δखஈͱͯ͠ίϯϑΟσϯεϨϕϧͷಋೖ • ೝূͱ͍͏1ͭͷΠϕϯτʹରͯ͠Ϩϕϧ͕มΘΔ • ྫ )
ৼΓࠐΈͳͲॏཁͳΞΫγϣϯͰMFA͕ൃಈ • ܧଓతͳೝূ͕ߦΘΕΔ
None
None
ηΩϡϦςΟΤϯδχΞͱͯ͠ • Կ͕ى͖͍ͯͯɺԿΛ͙ͷ͔ΛѲ͍ͨ͠ • ⚠ Ϣʔβʔ͕10Ҏʹผͳࠃ͔ΒϩάΠϯ ɹɹ ϑΟογϯά߈ܸΛݕग़ • ⚠
ଞͷࠃͷIPΞυϨε͔ΒϩάΠϯ ɹɹ Credential Stuffing߈ܸΛݕग़
ཧऀͱͯ͠ • ৽نސ٬৭ʑͳཁٻΛ͍࣋ͬͯΔ • ྫ ) ৽͍͠πʔϧͷಋೖɺ৽͍͠ϩάΠϯํࣜͷಋೖ • அଓత /
ܧଓతʹൃੜ͢Δӡ༻ • ྫ ) σόΠεฆࣦɺAPIͷೝূใͷऔಘ • Auth0͕IFͱͳΓɺ֤IDཧऀࣗͨͪͰ࣮ࢪ͢Δ
࣮ऀͱͯ͠ • ඞཁͳݶΓγϯϓϧʹɺͦͯ͠ύϫϑϧʹ • ͱͯ؆୯ʹελʔτͰ͖Δɺγϯϓϧ͞Λอͭ • ඞཁͰ͋ΕConnection, Hook, RuleͳͲͰ֦ுͰ͖Δ
Features
ۙͰՃ͞Εͨػೳ Authentication & Authorization • Sign in with Apple •
LINE • Enterprise OIDC Connections Service Management • Log Search Filtering
ۙͰՃ͞Εͨػೳ • Explorer • શͯͷઃఆΛ ϏδϡΞϥΠζ
ۙͰՃ͞Εͨػೳ • AWS Session Tag with Auth0 as SAML Provider
• SAML Provider͔ΒSSO͢ΔࡍʹΞαʔγϣϯΛ͚Δ ͜ͱͰResourceͷTagͰABAC (Attributed-Based Access Control) Ͱ͖Δػೳ https://dev.classmethod.jp/cloud/aws/session-tag-auth0/
Coming next (Q4 to 2020) • Universal LoginͷΧελϜςΩετ • ϋογϡࡁΈύεϫʔυͷΠϯϙʔτʢ֦ுʣ
• ύεϫʔυϨεͷωΠςΟϒ/όοΫΤϯυΞϓϦͷαϙʔτ • ϦϑϨογϡτʔΫϯͷϩʔςʔγϣϯ (for ITP2 session interruptions) • On-Behalf-Of-Flowͷαϙʔτ IN PROGRESS
Coming next (Q4 to 2020) • νʔϜΞΧϯτͷμογϡϘʔυͷΞΫηείϯτ ϩʔϧ • 3rd
partyͷΑΓϦΞϧλΠϜͳϩάग़ྗ • ෆਖ਼ϩάΠϯΛܰݮ͢ΔͨΊͷ৴པείΞϦϯά IN PROGRESS
Coming next (Q4 to 2020) • MFAͷཁૉΛબ͢Δػೳ • Native FacebookϩάΠϯ
• RBACͷͨΊͷϓϩόΠμιʔε/ϗετάϧʔϓػೳ • 3rd Party APIͷΞΫηείϯτϩʔϧ PLANNED
Coming next (Q4 to 2020) • ॺ໊Ωʔϩʔςʔγϣϯ • ඇΞΫςΟϒޙͷϦϑϨογϡτʔΫϯͷߋ৽ •
ϩάͷҰ؏ੑͷվળ • Management APIͰͷHooksͷཧ PLANNED
Coming next (Q4 to 2020) • Universal Loginͷ͞ΒͳΔΧελϚΠζ • Web
AuthNͱॺ໊ΩʔͷͨΊͷMFAαϙʔτ • ConsentͷΧελϚΠζͱϩʔΧϥΠζ • ؆୯ͳΞϓϦϚΠάϨʔγϣϯ CONCIDERING
Coming next (Q4 to 2020) • Ϣʔβʔ͕ϒϩοΫ͞Εͨཧ༝ͷอ • ύεϫʔυϦηοτϑϩʔͷΧελϚΠζ •
߹ཧԽ͞ΕͨB2B SaaSͷOrganizationཧ • Credential Stuffing߈ܸ (bot attack) ͷอޢ CONCIDERING
Coming next (Q4 to 2020) • σόΠε͝ͱʹΞΫςΟϒηογϣϯΛ੍ޚ͢Δػೳ • ηογϣϯͷνΣοΫˍRevoke͕Ͱ͖ΔAPI •
HooksͷContextualͳΤϥʔϋϯυϦϯά • ςφϯτͷ࡞ɺཧ͕Ͱ͖ΔAPI CONCIDERING
Summary • Auth0ͷϏδϣϯUXͱDXΛͱʹߴΊΔͱ͜Ζʹ͋Δ • UXͱͯ͠ɺ ϫϯΫϦοΫͰ҆શʹΞΫηεͰ͖ΔΑ͏ʹ͢Δ • DXͱͯ͠ɺγϯϓϧΛอͪɺࣗ༝ʹ֦ுͰ͖ΔΑ͏ʹ͢Δ
"VUIύʔτφʔͱͯ͠ Resell Consulting Development "84ͱͷ Έ߹ΘͤͰ ͓҆͘ܖ ೝূγεςϜͷઃܭ ߏஙࢧԉΛ௨ͯ͠ εϐʔσΟʹಋೖ
"VUIΛͬͨ ΞϓϦέʔγϣϯΛ νʔϜͰ։ൃ