Posted on

Why Developer-first IAM, and Why Okta’s Auth0 Acquisition Matters

In the article, The Next TCP/IP Moment in Identity, I discussed why the enterprises will demand developer-first IAM. As every company is becoming a software company and starting to build their competitive advantage on the software they build, the developer-first IAM will free the developers from inherent complexities in doing Identity integrations.

The announcement came yesterday on Okta’s intention to acquire Auth0 for $6.5B, which is probably 40 times the Auth0’s current revenue, which is a true validation of the push towards developer-first IAM. However, this is not Okta’s first effort towards developer-first IAM. In 2017, Okta acquired Stormpath, a company that built tools to help developers to integrate login with their apps. Stormpath soon got absorbed into the Okta platform, but yet, Okta’s selling strategy didn’t change. It was always top-down.

Posted on

The Next TCP/IP Moment in Identity

Loved reading the book Ask Your Developer: How to Harness the Power of Software Developers and Win in the 21st Century by Jeff Lawson.

Jeff says in the book that every company is on a journey to becoming a software company and everyone is starting to see the world through the lens of software. He defines the term software person. A software person is not necessarily a developer; it’s anybody who, when faced with a problem, asks the question, How can software solve this problem?

Posted on

Microservices Security in Action

The book Microservices Security in Action, which I authored with Nuwan Dias is now available to buy online from Amazon and Manning. Nuwan and I spent last 27+ months writing/re-writing the book. It was a marathon effort, but yet a great experience, and we both are very glad to see how it came out at the end! This is the story, which lead us to write the book.Microservices security in action cover

While working at WSO2 for more than a decade, we’ve seen how the integration domain evolved over time from SOAP-based services to JSON/RESTful services and then to microservices. We spent most of our early days at WSO2 contributing to the Apache Axis2 project, which was a popular SOAP engine in those days, and to the Apache Rampart project, which implements many Organization for the Advancement of Structured Information Standards (OASIS) standards for web services security.