Providing services to customers in multiple countries, we had the challenge of connecting to more than 25 different eID providers across Europe. These providers use many different kinds of connections, and we needed to make one simple API for our customers working cross-border. This resulted in using OpenID Connect as the customer-facing API.
The presentation will give an overview of the architecture, as well as showing the process we went through to get our current solution. I will present the challenges and lessons learned from this process.
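The security-relevant core of the brokering pattern described above is that every upstream eID provider's ID token has to be validated against that provider's own configuration before its claims are mapped onto the single claim set the broker exposes to customers. The Python below is an added illustration of that step, not code from the talk or from the presenter's product. The provider names, issuers, client IDs, keys and claim names are constructed sample data, and HS256 shared secrets stand in for the RS256/ES256 JWKS verification a real broker would perform so that the block runs on the standard library alone.

```python
import base64
import hashlib
import hmac
import json
import time

# Constructed per-provider configuration (sample data, not the real providers
# behind the talk). Each upstream eID provider has its own issuer, the client_id
# the broker registered there, a verification key, and its own idea of which
# claim carries the subject identifier.
PROVIDERS = {
    "eid-a": {
        "issuer": "https://eid-a.example/oidc",
        "client_id": "broker-at-eid-a",
        "key": b"eid-a-shared-secret",   # assumption: HS256 secret instead of a JWKS
        "subject_claim": "sub",
    },
    "eid-b": {
        "issuer": "https://login.eid-b.example",
        "client_id": "broker-at-eid-b",
        "key": b"eid-b-shared-secret",
        "subject_claim": "national_id",  # this provider does not use the standard "sub"
    },
}

CLOCK_SKEW = 60  # seconds of tolerance applied to exp and iat


def b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def make_hs256_jwt(claims: dict, key: bytes) -> str:
    """Mint a compact JWS (HS256). Used here only to build sample upstream tokens."""
    header = b64url_encode(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    payload = b64url_encode(json.dumps(claims).encode())
    sig = hmac.new(key, f"{header}.{payload}".encode(), hashlib.sha256).digest()
    return f"{header}.{payload}.{b64url_encode(sig)}"


def verify_hs256_jwt(token: str, key: bytes) -> dict:
    """Check the JWS signature and return the claims. Every alg other than the one
    configured for the provider is refused, so 'alg: none' and algorithm-confusion
    tokens fail closed before any claim is looked at."""
    try:
        header_b64, payload_b64, sig_b64 = token.split(".")
    except ValueError:
        raise ValueError("token is not a compact JWS")
    header = json.loads(b64url_decode(header_b64))
    if header.get("alg") != "HS256":
        raise ValueError(f"unexpected alg {header.get('alg')!r}")
    expected = hmac.new(key, f"{header_b64}.{payload_b64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, b64url_decode(sig_b64)):
        raise ValueError("bad signature")
    return json.loads(b64url_decode(payload_b64))


def validate_upstream_id_token(provider: str, token: str, expected_nonce: str, now=None) -> dict:
    """Validate an ID token from one upstream provider the way OIDC Core 3.1.3.7
    requires: signature, iss, aud (plus azp for multi-audience tokens), exp, iat, nonce."""
    cfg = PROVIDERS[provider]
    now = time.time() if now is None else now
    claims = verify_hs256_jwt(token, cfg["key"])
    if claims.get("iss") != cfg["issuer"]:
        raise ValueError("issuer mismatch")
    aud = claims.get("aud")
    aud = [aud] if isinstance(aud, str) else (aud or [])
    if cfg["client_id"] not in aud:
        raise ValueError("token was not issued to this broker")
    if len(aud) > 1 and claims.get("azp") != cfg["client_id"]:
        raise ValueError("multi-audience token without matching azp")
    if not isinstance(claims.get("exp"), (int, float)) or now > claims["exp"] + CLOCK_SKEW:
        raise ValueError("token expired")
    if claims.get("iat", 0) > now + CLOCK_SKEW:
        raise ValueError("token issued in the future")
    if claims.get("nonce") != expected_nonce:
        raise ValueError("nonce mismatch (possible replay)")
    return claims


def normalize_claims(provider: str, claims: dict) -> dict:
    """Map a provider-specific claim set onto the one claim set the broker exposes.
    The subject is namespaced by provider so two providers that happen to issue the
    same identifier string can never collide in the customer-facing API."""
    cfg = PROVIDERS[provider]
    return {
        "sub": f"{provider}:{claims[cfg['subject_claim']]}",
        "idp": provider,
        "acr": claims.get("acr"),
        "amr": list(claims.get("amr", [])),
    }
```

A token minted for `eid-a` presented as if it came from `eid-b` fails at the signature step, and a token with the right signature but a stale nonce fails at the nonce step; the broker only ever reissues claims that survived the whole chain.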
Implementing OpenID Connect at a large enterprise in 2020 is something of a unique experience, as you have to choose between some relatively established off-the-shelf solutions, some established frameworks, and even some SaaS offerings. The flexibility and openness of the OpenID Connect and OAuth specifications present challenges in how to adopt the standards, but also give you the ability to tailor the solution to your specific use case.
Our process is further complicated by the fact that the product already has relatively high usage: more than 25 different eID providers across Europe, more than 1000 active customers, and over 1 million transactions per day.
The presentation will cover the following:
* How did we approach OpenID Connect the first time we tried?
* What lessons did we learn from this attempt and why did it fail?
* How did we then approach OpenID Connect the second time?
* What did we do?
* How did we decide on a way forward to implementation?
* What have some of the challenges been?
* What lessons have we learnt?
* Way forward with OpenID Connect