Auth0 Product Roadmap Report

suwa yuki
December 10, 2019

Session slides for "Auth0 Product Roadmap Report" from Auth0 Day 2019 Recap in Osaka.

Transcript

  1. Auth0 Product Roadmap Report 2019.12.10 Classmethod, Inc. SUWA Yuki

  2. • Senior Specialist • Developers.IO Blogger • iOS, Node.js, Vue, AWS, etc… Yuki Suwa, Auth0 Ambassador
  3. #Auth0JP

  4. November 2019 • Martin Gontovnikas visited Japan • Spoke at Auth0 Day 19 • Spoke at LINE Developer Day 2019
  5. Today's talk • A look back at the sessions Gonto gave • Auth0 Product Roadmap (Auth0 Day) • Identity is the new firewall (LINE Dev Day)
  6. Auth0's strategy • 2013, 2016, 2019 • Developers, Extensibility, Platform

  7. Auth0's philosophy • An authentication / authorization company • Wants to help developers, not just manage IDs • Also values the developer experience

  8. A platform for developers • Get started in 2 or 3 lines • Supports many languages • Works on desktop and mobile, not just the web

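  9. Strengthening extensibility • Rules let you adapt Auth0's features to your needs • Example: block IPs from outside Japan • 87% of customers extend it • A major difference from other authentication vendors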
  10. Diagram labels: Response, Optional Redirect, External Page, Your Code, MFA, Modified Access & ID Tokens, Rules, Own API, Access & ID Tokens, Enrich Profile, Send to Intercom
  11. Auth0's strategy • 2013, 2016, 2019 • Developers, Extensibility, Platform, Scalability, Trust & Compliance
  12. Scalability • Manages over 3 billion logins per month • Manages profiles of 512 million people across 5 countries • As many as 120,000 applications (clients)

  13. Trust and compliance • 27001, SOC, HIPAA, 27018, PCI

  14. Auth0's strategy • 2013, 2016, 2019 • Developers, Extensibility, Platform, Scalability, Trust & Compliance • What's next?
  15. Make it possible to securely access any application with one click

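  16. As an end user • Wants to stay logged in while security is maintained • Confidence levels introduced as the means to solve this • The level changes for a single authentication event • Example: MFA is triggered on important actions such as bank transfers • Continuous authentication is performed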
  17. None
  18. None
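  19. As a security engineer • Wants to understand what is happening and what to defend against • ⚠ User logs in from a different country within 10 minutes: detects a phishing attack • ⚠ Login from an IP address in another country: detects a credential stuffing attack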
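  20. As an administrator • New customers have all kinds of requirements • Example: adopting new tools, adopting new login methods • Operations that arise intermittently / continuously • Example: lost devices, obtaining API credentials • Auth0 serves as the interface, and each ID administrator carries these out themselves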
  21. As an implementer • As simple as needed, and powerful • Very easy to get started, and stays simple • Can be extended with Connection, Hook, Rule and so on when needed

  22. Features

  23. Recently added features • Authentication & Authorization: Sign in with Apple, LINE, Enterprise OIDC Connections • Service Management: Log Search Filtering
  24. Recently added features • Explorer • Visualizes all settings

  25. Recently added features • AWS Session Tag with Auth0 as SAML Provider • A feature that enables ABAC (Attribute-Based Access Control) using resource tags by attaching assertions when performing SSO from the SAML provider https://dev.classmethod.jp/cloud/aws/session-tag-auth0/
  26. Coming next (Q4 to 2020) • Custom text for Universal Login • Import of hashed passwords (extended) • Passwordless support for native/backend apps • Refresh token rotation (for ITP2 session interruptions) • Support for the On-Behalf-Of flow • Status: IN PROGRESS
  27. Coming next (Q4 to 2020) • Access control to the dashboard for team accounts • More real-time log output to 3rd parties • Trust scoring to mitigate fraudulent logins • Status: IN PROGRESS
  28. Coming next (Q4 to 2020) • Ability to choose MFA factors • Native Facebook login • Provider source / host group features for RBAC • Access control for 3rd party APIs • Status: PLANNED
  29. Coming next (Q4 to 2020) • Signing key rotation • Renewal of refresh tokens after inactivity • Improved log consistency • Managing Hooks via the Management API • Status: PLANNED
  30. Coming next (Q4 to 2020) • Further customization of Universal Login • MFA support for WebAuthn and signing keys • Customization and localization of Consent • Easy app migration • Status: CONSIDERING
  31. Coming next (Q4 to 2020) • Storing the reason a user was blocked • Customization of the password reset flow • Streamlined Organization management for B2B SaaS • Protection against Credential Stuffing attacks (bot attacks) • Status: CONSIDERING
  32. Coming next (Q4 to 2020) • Ability to control active sessions per device • API to check and revoke sessions • Contextual error handling for Hooks • API to create and manage tenants • Status: CONSIDERING
  33. Summary • Auth0's vision is to raise both UX and DX • For UX, enable secure access with one click • For DX, stay simple and allow free extension

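  34. As an Auth0 partner • Resell: lower-cost contracts in combination with AWS • Consulting: speedy adoption through design and build support for authentication systems • Development: team development of applications that use Auth0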