Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Auth0 Product Roadmap Report
Search
suwa yuki
December 10, 2019
Technology
0
940
Auth0 Product Roadmap Report
Auth0 Day 2019 Recap in Osakaのセッション「Auth0 Product Roadmap Report」のセッションスライドです。
suwa yuki
December 10, 2019
Tweet
Share
More Decks by suwa yuki
See All by suwa yuki
Auth0ハンズオンウェビナー資料
suwayuki
0
9.3k
Developers.IO CAFEの SaaS化を支えた三種の神器 - Developer Friendlyの重要性 - V2
suwayuki
0
1.8k
Web / ネイティブ / LINEアプリを まとめる技術
suwayuki
0
1.5k
LINE Loginで始めるAuth0の使い方 - 認証基盤をかんたんに構築する方法
suwayuki
1
5k
サービスを爆速で立ち上げるためのSaaSの活用
suwayuki
0
1.8k
Developers.IO CAFEの SaaS化を支えた三種の神器 - Developer Friendlyの重要性 -
suwayuki
0
400
デザイン工学科学生が ITベンチャーに就職し、トップエンジニアを目指す話
suwayuki
0
920
Auth0の認可
suwayuki
2
990
Auth0 x Stripe x CircleCI - イノベーションを起こすためのサービスの活用 -
suwayuki
0
1.2k
Other Decks in Technology
See All in Technology
Amplify Gen2 Deep Dive / バックエンドの型をいかにしてフロントエンドへ伝えるか #TSKaigi #TSKaigiKansai #AWSAmplifyJP
tacck
PRO
0
390
開発生産性を上げながらビジネスも30倍成長させてきたチームの姿
kamina_zzz
2
1.7k
OS 標準のデザインシステムを超えて - より柔軟な Flutter テーマ管理 | FlutterKaigi 2024
ronnnnn
1
290
AI前提のサービス運用ってなんだろう?
ryuichi1208
8
1.4k
Taming you application's environments
salaboy
0
200
これまでの計測・開発・デプロイ方法全部見せます! / Findy ISUCON 2024-11-14
tohutohu
3
370
CysharpのOSS群から見るModern C#の現在地
neuecc
2
3.5k
Making your applications cross-environment - OSCG 2024 NA
salaboy
0
200
Exadata Database Service on Dedicated Infrastructure(ExaDB-D) UI スクリーン・キャプチャ集
oracle4engineer
PRO
2
3.2k
AWS Lambdaと歩んだ“サーバーレス”と今後 #lambda_10years
yoshidashingo
1
180
OCI 運用監視サービス 概要
oracle4engineer
PRO
0
4.8k
OCI Network Firewall 概要
oracle4engineer
PRO
0
4.2k
Featured
See All Featured
Measuring & Analyzing Core Web Vitals
bluesmoon
4
130
Designing Dashboards & Data Visualisations in Web Apps
destraynor
229
52k
Being A Developer After 40
akosma
87
590k
実際に使うSQLの書き方 徹底解説 / pgcon21j-tutorial
soudai
169
50k
YesSQL, Process and Tooling at Scale
rocio
169
14k
Understanding Cognitive Biases in Performance Measurement
bluesmoon
26
1.4k
A Philosophy of Restraint
colly
203
16k
Fireside Chat
paigeccino
34
3k
The Cult of Friendly URLs
andyhume
78
6k
A designer walks into a library…
pauljervisheath
204
24k
Bash Introduction
62gerente
608
210k
Fight the Zombie Pattern Library - RWD Summit 2016
marcelosomers
232
17k
Transcript
Auth0 Product Roadmap Report 2019.12.10 Classmethod, Inc. SUWA Yuki
• Senior Specialist • Developers.IO Blogger • iOS Node.js
Vue AWS etc… ਡ๚ ༔لɹYuki Suwa Auth0 Ambassador
ˌAuth0JP
November 2019 • Martin Gontovnikas ࢯདྷ • Auth0 Day 19
ొஃ • LINE Developer Day 2019 ొஃ
ຊͷ͓ • Gontoࢯ͕ޠͬͨηογϣϯͷৼΓฦΓ • Auth0 Product RoadmapʢAuth0 Dayʣ • Identity৽͍͠ϑΝΠΞʔΥʔϧ
ʢLINE Dev Dayʣ
Auth0ͷઓུ 2013 2016 2019 ։ൃऀ ֦ுੑ ϓϥοτϑΥʔϜ
Auth0ͷߟ͑ํ • ೝূ / ೝՄͷձࣾ • IDཧ͚ͩͰͳ͘ɺ։ൃऀͷ͓ख͍͕͍ͨ͠ • ։ൃऀͷExperienceେʹ͍ͯ͠Δ
։ൃऀͷͨΊͷϓϥοτϑΥʔϜ • 2, 3ߦͰ࢝ΊΒΕΔ • ଟ͘ͷݴޠΛαϙʔτ • Web͚ͩͰͳ͘ɺσεΫτοϓɺϞόΠϧͰ͑Δ
֦ுੑͷڧԽ • RuleΛͬͯAuth0ͷػೳΛχʔζʹ߹ΘͤΒΕΔ • ྫ : ຊҎ֎ͷIPΛϒϩοΫ͢Δ • 87%ͷސ٬͕֦ு͍ͯ͠Δ •
ଞͷೝূϕϯμʔͱେ͖͘ҟͳΔ
Response Optional Redirect External Page Your Code MFA Modified Access
& ID Tokens Rules Own API Access & ID Tokens Enrich Profile Send to Intercom
Auth0ͷઓུ 2013 2016 2019 ։ൃऀ ֦ுੑ ϓϥοτϑΥʔϜ εέʔϥϏϦςΟ ৴པ &
ίϯϓϥΠΞϯε
εέʔϥϏϦςΟ • 30ԯҎ্/݄ͷϩάΠϯΛཧ • 5ϲࠃɺ5ԯ1,200ສਓͷϓϩϑΝΠϧΛཧ • 12ສͷΞϓϦέʔγϣϯʢΫϥΠΞϯτʣ
৴པͱίϯϓϥΠΞϯε 27001 SOC HIPAA 27018 PCI
Auth0ͷઓུ 2013 2016 2019 ։ൃऀ ֦ுੑ ϓϥοτϑΥʔϜ εέʔϥϏϦςΟ ৴པ &
ίϯϓϥΠΞϯε ࣍Կʁ
ϫϯΫϦοΫͰ ͋ΒΏΔΞϓϦέʔγϣϯʹ ҆શʹΞΫηεͰ͖ΔΑ͏ʹ͢Δ
ΤϯυϢʔβʔͱͯ͠ • ϩάΠϯอͨΕͭͭɺηΩϡϦςΟΛҡ࣋ͯ͠ཉ͍͠ • ղܾ͢Δखஈͱͯ͠ίϯϑΟσϯεϨϕϧͷಋೖ • ೝূͱ͍͏1ͭͷΠϕϯτʹରͯ͠Ϩϕϧ͕มΘΔ • ྫ )
ৼΓࠐΈͳͲॏཁͳΞΫγϣϯͰMFA͕ൃಈ • ܧଓతͳೝূ͕ߦΘΕΔ
None
None
ηΩϡϦςΟΤϯδχΞͱͯ͠ • Կ͕ى͖͍ͯͯɺԿΛ͙ͷ͔ΛѲ͍ͨ͠ • ⚠ Ϣʔβʔ͕10Ҏʹผͳࠃ͔ΒϩάΠϯ ɹɹ ϑΟογϯά߈ܸΛݕग़ • ⚠
ଞͷࠃͷIPΞυϨε͔ΒϩάΠϯ ɹɹ Credential Stuffing߈ܸΛݕग़
ཧऀͱͯ͠ • ৽نސ٬৭ʑͳཁٻΛ͍࣋ͬͯΔ • ྫ ) ৽͍͠πʔϧͷಋೖɺ৽͍͠ϩάΠϯํࣜͷಋೖ • அଓత /
ܧଓతʹൃੜ͢Δӡ༻ • ྫ ) σόΠεฆࣦɺAPIͷೝূใͷऔಘ • Auth0͕IFͱͳΓɺ֤IDཧऀࣗͨͪͰ࣮ࢪ͢Δ
࣮ऀͱͯ͠ • ඞཁͳݶΓγϯϓϧʹɺͦͯ͠ύϫϑϧʹ • ͱͯ؆୯ʹελʔτͰ͖Δɺγϯϓϧ͞Λอͭ • ඞཁͰ͋ΕConnection, Hook, RuleͳͲͰ֦ுͰ͖Δ
Features
ۙͰՃ͞Εͨػೳ Authentication & Authorization • Sign in with Apple •
LINE • Enterprise OIDC Connections Service Management • Log Search Filtering
ۙͰՃ͞Εͨػೳ • Explorer • શͯͷઃఆΛ ϏδϡΞϥΠζ
ۙͰՃ͞Εͨػೳ • AWS Session Tag with Auth0 as SAML Provider
• SAML Provider͔ΒSSO͢ΔࡍʹΞαʔγϣϯΛ͚Δ ͜ͱͰResourceͷTagͰABAC (Attributed-Based Access Control) Ͱ͖Δػೳ https://dev.classmethod.jp/cloud/aws/session-tag-auth0/
Coming next (Q4 to 2020) • Universal LoginͷΧελϜςΩετ • ϋογϡࡁΈύεϫʔυͷΠϯϙʔτʢ֦ுʣ
• ύεϫʔυϨεͷωΠςΟϒ/όοΫΤϯυΞϓϦͷαϙʔτ • ϦϑϨογϡτʔΫϯͷϩʔςʔγϣϯ (for ITP2 session interruptions) • On-Behalf-Of-Flowͷαϙʔτ IN PROGRESS
Coming next (Q4 to 2020) • νʔϜΞΧϯτͷμογϡϘʔυͷΞΫηείϯτ ϩʔϧ • 3rd
partyͷΑΓϦΞϧλΠϜͳϩάग़ྗ • ෆਖ਼ϩάΠϯΛܰݮ͢ΔͨΊͷ৴པείΞϦϯά IN PROGRESS
Coming next (Q4 to 2020) • MFAͷཁૉΛબ͢Δػೳ • Native FacebookϩάΠϯ
• RBACͷͨΊͷϓϩόΠμιʔε/ϗετάϧʔϓػೳ • 3rd Party APIͷΞΫηείϯτϩʔϧ PLANNED
Coming next (Q4 to 2020) • ॺ໊Ωʔϩʔςʔγϣϯ • ඇΞΫςΟϒޙͷϦϑϨογϡτʔΫϯͷߋ৽ •
ϩάͷҰ؏ੑͷվળ • Management APIͰͷHooksͷཧ PLANNED
Coming next (Q4 to 2020) • Universal Loginͷ͞ΒͳΔΧελϚΠζ • Web
AuthNͱॺ໊ΩʔͷͨΊͷMFAαϙʔτ • ConsentͷΧελϚΠζͱϩʔΧϥΠζ • ؆୯ͳΞϓϦϚΠάϨʔγϣϯ CONCIDERING
Coming next (Q4 to 2020) • Ϣʔβʔ͕ϒϩοΫ͞Εͨཧ༝ͷอ • ύεϫʔυϦηοτϑϩʔͷΧελϚΠζ •
߹ཧԽ͞ΕͨB2B SaaSͷOrganizationཧ • Credential Stuffing߈ܸ (bot attack) ͷอޢ CONCIDERING
Coming next (Q4 to 2020) • σόΠε͝ͱʹΞΫςΟϒηογϣϯΛ੍ޚ͢Δػೳ • ηογϣϯͷνΣοΫˍRevoke͕Ͱ͖ΔAPI •
HooksͷContextualͳΤϥʔϋϯυϦϯά • ςφϯτͷ࡞ɺཧ͕Ͱ͖ΔAPI CONCIDERING
Summary • Auth0ͷϏδϣϯUXͱDXΛͱʹߴΊΔͱ͜Ζʹ͋Δ • UXͱͯ͠ɺ ϫϯΫϦοΫͰ҆શʹΞΫηεͰ͖ΔΑ͏ʹ͢Δ • DXͱͯ͠ɺγϯϓϧΛอͪɺࣗ༝ʹ֦ுͰ͖ΔΑ͏ʹ͢Δ
"VUIύʔτφʔͱͯ͠ Resell Consulting Development "84ͱͷ Έ߹ΘͤͰ ͓҆͘ܖ ೝূγεςϜͷઃܭ ߏஙࢧԉΛ௨ͯ͠ εϐʔσΟʹಋೖ
"VUIΛͬͨ ΞϓϦέʔγϣϯΛ νʔϜͰ։ൃ