Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Auth0 Product Roadmap Report
Search
suwa yuki
December 10, 2019
Technology
0
1k
Auth0 Product Roadmap Report
Auth0 Day 2019 Recap in Osakaのセッション「Auth0 Product Roadmap Report」のセッションスライドです。
suwa yuki
December 10, 2019
Tweet
Share
More Decks by suwa yuki
See All by suwa yuki
Auth0ハンズオンウェビナー資料
suwayuki
0
9.7k
Developers.IO CAFEの SaaS化を支えた三種の神器 - Developer Friendlyの重要性 - V2
suwayuki
0
1.9k
Web / ネイティブ / LINEアプリを まとめる技術
suwayuki
0
1.6k
LINE Loginで始めるAuth0の使い方 - 認証基盤をかんたんに構築する方法
suwayuki
1
5.3k
サービスを爆速で立ち上げるためのSaaSの活用
suwayuki
0
2k
Developers.IO CAFEの SaaS化を支えた三種の神器 - Developer Friendlyの重要性 -
suwayuki
0
450
デザイン工学科学生が ITベンチャーに就職し、トップエンジニアを目指す話
suwayuki
0
980
Auth0の認可
suwayuki
2
1.1k
Auth0 x Stripe x CircleCI - イノベーションを起こすためのサービスの活用 -
suwayuki
0
1.3k
Other Decks in Technology
See All in Technology
SREの次のキャリアの道しるべ 〜SREがマネジメントレイヤーに挑戦して、 気づいたこととTips〜
coconala_engineer
1
250
United airlines®️ USA Contact Numbers: Complete 2025 Support Guide
unitedflyhelp
0
330
AIエージェントが書くのなら直接CloudFormationを書かせればいいじゃないですか何故AWS CDKを使う必要があるのさ
watany
9
3.1k
freeeのアクセシビリティの現在地 / freee's Current Position on Accessibility
ymrl
2
250
成長し続けるアプリのためのテストと設計の関係、そして意思決定の記録。
sansantech
PRO
0
130
united airlines ™®️ USA Contact Numbers: Complete 2025 Support Guide
flyunitedhelp
1
440
第4回Snowflake 金融ユーザー会 Snowflake summit recap
tamaoki
1
300
PO初心者が考えた ”POらしさ”
nb_rady
0
220
ビジネス職が分析も担う事業部制組織でのデータ活用の仕組みづくり / Enabling Data Analytics in Business-Led Divisional Organizations
zaimy
1
220
さくらのIaaS基盤のモニタリングとOpenTelemetry/OSC Hokkaido 2025
fujiwara3
3
460
Delegating the chores of authenticating users to Keycloak
ahus1
0
160
Sansanのデータプロダクトマネジメントのアプローチ
sansantech
PRO
0
200
Featured
See All Featured
The Cult of Friendly URLs
andyhume
79
6.5k
What’s in a name? Adding method to the madness
productmarketing
PRO
23
3.5k
BBQ
matthewcrist
89
9.7k
The Pragmatic Product Professional
lauravandoore
35
6.7k
What's in a price? How to price your products and services
michaelherold
246
12k
CSS Pre-Processors: Stylus, Less & Sass
bermonpainter
357
30k
RailsConf & Balkan Ruby 2019: The Past, Present, and Future of Rails at GitHub
eileencodes
138
34k
GraphQLとの向き合い方2022年版
quramy
49
14k
How to Think Like a Performance Engineer
csswizardry
25
1.7k
Why You Should Never Use an ORM
jnunemaker
PRO
58
9.4k
Improving Core Web Vitals using Speculation Rules API
sergeychernyshev
18
980
Evolution of real-time – Irina Nazarova, EuRuKo, 2024
irinanazarova
8
830
Transcript
Auth0 Product Roadmap Report 2019.12.10 Classmethod, Inc. SUWA Yuki
• Senior Specialist • Developers.IO Blogger • iOS Node.js
Vue AWS etc… ਡ๚ ༔لɹYuki Suwa Auth0 Ambassador
ˌAuth0JP
November 2019 • Martin Gontovnikas ࢯདྷ • Auth0 Day 19
ొஃ • LINE Developer Day 2019 ొஃ
ຊͷ͓ • Gontoࢯ͕ޠͬͨηογϣϯͷৼΓฦΓ • Auth0 Product RoadmapʢAuth0 Dayʣ • Identity৽͍͠ϑΝΠΞʔΥʔϧ
ʢLINE Dev Dayʣ
Auth0ͷઓུ 2013 2016 2019 ։ൃऀ ֦ுੑ ϓϥοτϑΥʔϜ
Auth0ͷߟ͑ํ • ೝূ / ೝՄͷձࣾ • IDཧ͚ͩͰͳ͘ɺ։ൃऀͷ͓ख͍͕͍ͨ͠ • ։ൃऀͷExperienceେʹ͍ͯ͠Δ
։ൃऀͷͨΊͷϓϥοτϑΥʔϜ • 2, 3ߦͰ࢝ΊΒΕΔ • ଟ͘ͷݴޠΛαϙʔτ • Web͚ͩͰͳ͘ɺσεΫτοϓɺϞόΠϧͰ͑Δ
֦ுੑͷڧԽ • RuleΛͬͯAuth0ͷػೳΛχʔζʹ߹ΘͤΒΕΔ • ྫ : ຊҎ֎ͷIPΛϒϩοΫ͢Δ • 87%ͷސ٬͕֦ு͍ͯ͠Δ •
ଞͷೝূϕϯμʔͱେ͖͘ҟͳΔ
Response Optional Redirect External Page Your Code MFA Modified Access
& ID Tokens Rules Own API Access & ID Tokens Enrich Profile Send to Intercom
Auth0ͷઓུ 2013 2016 2019 ։ൃऀ ֦ுੑ ϓϥοτϑΥʔϜ εέʔϥϏϦςΟ ৴པ &
ίϯϓϥΠΞϯε
εέʔϥϏϦςΟ • 30ԯҎ্/݄ͷϩάΠϯΛཧ • 5ϲࠃɺ5ԯ1,200ສਓͷϓϩϑΝΠϧΛཧ • 12ສͷΞϓϦέʔγϣϯʢΫϥΠΞϯτʣ
৴པͱίϯϓϥΠΞϯε 27001 SOC HIPAA 27018 PCI
Auth0ͷઓུ 2013 2016 2019 ։ൃऀ ֦ுੑ ϓϥοτϑΥʔϜ εέʔϥϏϦςΟ ৴པ &
ίϯϓϥΠΞϯε ࣍Կʁ
ϫϯΫϦοΫͰ ͋ΒΏΔΞϓϦέʔγϣϯʹ ҆શʹΞΫηεͰ͖ΔΑ͏ʹ͢Δ
ΤϯυϢʔβʔͱͯ͠ • ϩάΠϯอͨΕͭͭɺηΩϡϦςΟΛҡ࣋ͯ͠ཉ͍͠ • ղܾ͢Δखஈͱͯ͠ίϯϑΟσϯεϨϕϧͷಋೖ • ೝূͱ͍͏1ͭͷΠϕϯτʹରͯ͠Ϩϕϧ͕มΘΔ • ྫ )
ৼΓࠐΈͳͲॏཁͳΞΫγϣϯͰMFA͕ൃಈ • ܧଓతͳೝূ͕ߦΘΕΔ
None
None
ηΩϡϦςΟΤϯδχΞͱͯ͠ • Կ͕ى͖͍ͯͯɺԿΛ͙ͷ͔ΛѲ͍ͨ͠ • ⚠ Ϣʔβʔ͕10Ҏʹผͳࠃ͔ΒϩάΠϯ ɹɹ ϑΟογϯά߈ܸΛݕग़ • ⚠
ଞͷࠃͷIPΞυϨε͔ΒϩάΠϯ ɹɹ Credential Stuffing߈ܸΛݕग़
ཧऀͱͯ͠ • ৽نސ٬৭ʑͳཁٻΛ͍࣋ͬͯΔ • ྫ ) ৽͍͠πʔϧͷಋೖɺ৽͍͠ϩάΠϯํࣜͷಋೖ • அଓత /
ܧଓతʹൃੜ͢Δӡ༻ • ྫ ) σόΠεฆࣦɺAPIͷೝূใͷऔಘ • Auth0͕IFͱͳΓɺ֤IDཧऀࣗͨͪͰ࣮ࢪ͢Δ
࣮ऀͱͯ͠ • ඞཁͳݶΓγϯϓϧʹɺͦͯ͠ύϫϑϧʹ • ͱͯ؆୯ʹελʔτͰ͖Δɺγϯϓϧ͞Λอͭ • ඞཁͰ͋ΕConnection, Hook, RuleͳͲͰ֦ுͰ͖Δ
Features
ۙͰՃ͞Εͨػೳ Authentication & Authorization • Sign in with Apple •
LINE • Enterprise OIDC Connections Service Management • Log Search Filtering
ۙͰՃ͞Εͨػೳ • Explorer • શͯͷઃఆΛ ϏδϡΞϥΠζ
ۙͰՃ͞Εͨػೳ • AWS Session Tag with Auth0 as SAML Provider
• SAML Provider͔ΒSSO͢ΔࡍʹΞαʔγϣϯΛ͚Δ ͜ͱͰResourceͷTagͰABAC (Attributed-Based Access Control) Ͱ͖Δػೳ https://dev.classmethod.jp/cloud/aws/session-tag-auth0/
Coming next (Q4 to 2020) • Universal LoginͷΧελϜςΩετ • ϋογϡࡁΈύεϫʔυͷΠϯϙʔτʢ֦ுʣ
• ύεϫʔυϨεͷωΠςΟϒ/όοΫΤϯυΞϓϦͷαϙʔτ • ϦϑϨογϡτʔΫϯͷϩʔςʔγϣϯ (for ITP2 session interruptions) • On-Behalf-Of-Flowͷαϙʔτ IN PROGRESS
Coming next (Q4 to 2020) • νʔϜΞΧϯτͷμογϡϘʔυͷΞΫηείϯτ ϩʔϧ • 3rd
partyͷΑΓϦΞϧλΠϜͳϩάग़ྗ • ෆਖ਼ϩάΠϯΛܰݮ͢ΔͨΊͷ৴པείΞϦϯά IN PROGRESS
Coming next (Q4 to 2020) • MFAͷཁૉΛબ͢Δػೳ • Native FacebookϩάΠϯ
• RBACͷͨΊͷϓϩόΠμιʔε/ϗετάϧʔϓػೳ • 3rd Party APIͷΞΫηείϯτϩʔϧ PLANNED
Coming next (Q4 to 2020) • ॺ໊Ωʔϩʔςʔγϣϯ • ඇΞΫςΟϒޙͷϦϑϨογϡτʔΫϯͷߋ৽ •
ϩάͷҰ؏ੑͷվળ • Management APIͰͷHooksͷཧ PLANNED
Coming next (Q4 to 2020) • Universal Loginͷ͞ΒͳΔΧελϚΠζ • Web
AuthNͱॺ໊ΩʔͷͨΊͷMFAαϙʔτ • ConsentͷΧελϚΠζͱϩʔΧϥΠζ • ؆୯ͳΞϓϦϚΠάϨʔγϣϯ CONCIDERING
Coming next (Q4 to 2020) • Ϣʔβʔ͕ϒϩοΫ͞Εͨཧ༝ͷอ • ύεϫʔυϦηοτϑϩʔͷΧελϚΠζ •
߹ཧԽ͞ΕͨB2B SaaSͷOrganizationཧ • Credential Stuffing߈ܸ (bot attack) ͷอޢ CONCIDERING
Coming next (Q4 to 2020) • σόΠε͝ͱʹΞΫςΟϒηογϣϯΛ੍ޚ͢Δػೳ • ηογϣϯͷνΣοΫˍRevoke͕Ͱ͖ΔAPI •
HooksͷContextualͳΤϥʔϋϯυϦϯά • ςφϯτͷ࡞ɺཧ͕Ͱ͖ΔAPI CONCIDERING
Summary • Auth0ͷϏδϣϯUXͱDXΛͱʹߴΊΔͱ͜Ζʹ͋Δ • UXͱͯ͠ɺ ϫϯΫϦοΫͰ҆શʹΞΫηεͰ͖ΔΑ͏ʹ͢Δ • DXͱͯ͠ɺγϯϓϧΛอͪɺࣗ༝ʹ֦ுͰ͖ΔΑ͏ʹ͢Δ
"VUIύʔτφʔͱͯ͠ Resell Consulting Development "84ͱͷ Έ߹ΘͤͰ ͓҆͘ܖ ೝূγεςϜͷઃܭ ߏஙࢧԉΛ௨ͯ͠ εϐʔσΟʹಋೖ
"VUIΛͬͨ ΞϓϦέʔγϣϯΛ νʔϜͰ։ൃ