AuthZEN-Compliant Authorization
Native implementation of the OpenID AuthZEN API specification
OpenID AuthZEN
Authentication has been a solved problem for some time. We have mature specifications such as SAML, OAuth 2.0, and OpenID Connect, which have given rise to many developer services that provide out-of-the-box standards-compliant authentication.
Authorization, however, has not yet had its "OIDC moment". OpenID AuthZEN aims to provide the answer.
Why OpenID?
The OpenID Foundation was founded to drive interoperability in the identity & access space. The OpenID Connect (OIDC) specification has become the ubiquitous protocol for signing into any website on the internet. It is fitting that OpenID is the home for the effort that will bring this level of interoperability to the authorization world.
How is Aserto involved?
Aserto was one of the co-proposers of the working group to the OpenID Foundation board in October 2023. We've actively participated as co-chair of the WG, co-editor of the PEP-PDP spec, and primary authors of the AuthZEN interop scenario, which was first demonstrated by 12 interoperable implementations in May 2024 at the Identiverse conference.
How can you participate?
OpenID is an open standards organization. To join the AuthZEN WG calls, you can sign an IPR agreement on the OpenID website, and join the video calls. The call-in information is posted on the AuthZEN WG page.
Resources
- OpenID AuthZEN WG page
- AuthZEN API implementer's draft
- AuthZEN interop website
- Todo Interop scenario
- Todo application
- Aserto interop results
- Topaz interop results
- Aserto AuthZEN interop deployment
- Topaz AuthZEN interop deployment
- KubeCon 2024 session video
- Identiverse 2024 AuthZEN interop read-out slides
- Identiverse 2024 AuthZEN interop read-out session audio
- Gartner IAM 2024 interop demo: