2015 identity summit - openam: friends with benefits
TRANSCRIPT
EUROPE’S LEADING ONLINE FASHION PLATFORM
15 countries3 fulfillment centers16+ million active customers2.2+ billion € revenue 2014130+ million visits per month9.000+ employees
Visit us: tech.zalando.com
DataCenter IGütersloh, Germany
DataCenter IIBerlin, Germany
DataCenter IIIBerlin, Germany
APP 1
APP 2
APP 3
APP 4
APP 5
APP 6
APP 1
APP 2
APP 3
APP 4
APP 5
APP 6
APP 1
APP 2
APP 3
APP 4FW FW
GLOBAL TRAFFIC MANAGEMENT
October
900+Apps
800+ Tech employees
Unified IdentityBeing in control of account, data and access regardless of its source
Unified PasswordOne password only to manage all accounts
Unified FlowsAbility to authenticate and authorize reliably for any identity
Unified cohesive architectureKnow you can trust an identity, without being aware of the protocol
Vision
THE PATH TO AWS
One AWS account per teamsecured via SSL and OAuth 2.0
Deployment based on Docker
Usage of REST + OAuth is mandatory
Bye Monolith, hello Microservices
Project Goals
API’s
Project Goals
Services
API’s
Project Goals
Services
API’s
Roles
Employee
Project Goals
Services
API’s
Roles
Partner/Brands
Employee
Project Goals
Services
API’s
Roles
Partner/BrandsCustomers
Employee
Ah no wait, we don’t need magic, We just need a Unicorn!
Shop rebuilt!Microservices now! protected with OAuth2!
But what if…
❖OpenAM needs to be updated?❖… changes its interface❖… or just doesn’t suit us
anymore?
We need an abstraction layer!
OpenAM
Customer facing
application
OpenDJ“Customer”