youtube image
From YouTube: UAA Feature Updates and 2017 Roadmap


UAA Feature Updates and 2017 Roadmap [I] - Sree Tummidi, Pivotal

In the past year, multiple features have been introduced in UAA which have accelerated its adoption in the CF ecosystem.

OpenID Connect Enhancements:
Multiple enhancements around OpenID Connect have been introduced for UAA as an Identity Provider and Relying Party including support for discovery profile, custom user claims in id_token and /userinfo , account chooser, authentication method reference and much more.

Keys and Secrets Rotation:
At last year’s CF Summit Justin Smith introduced his vision for Cloud Native Security with three R’s( Now UAA supports canary style rotation of signing keys and OAuth clients secrets and will soon add support for rotation of SAML Keys.

Opaque Tokens:
UAA since its inception has supported JSON Web Tokens which has the advantage of offline validation. However with the the addition of stateful opaque tokens UAA now supports on-demand token revocation.

In addition to this Sree Tummidi will also provide a sneak peek of the UAA roadmap for FY 2017 with features like Multi-Factor Authentication, additional token exchange flows and fine grained authorization support.

Sree Tummidi
Staff Product Manager
San Francisco
Sree Tummidi is the Product Manager for UAA (User Account and Authentication Service) on Open Source Cloud Foundry since the past 2 .5 Years and drives the Identity and Access Management products for Pivotal. She brings in more than 12 years of experience in the security domain. Prior to joining Pivotal she held multiple Product Management & Engineering positions at CA Technologies. She holds a Masters of Business Administration from Boston University & Bachelors of Engineering in Computer Science from Jawaharlal Nehru Technological University. She has spoken at multiple sales & customer conferences about Identity & Access Management related topics and products. Most recently she spoke at Spring One Platform 2016 about UAA and Cloud Identity (link here :