Today, the authorization world is fractured - each vendor supports its own APIs & protocols. But this is quickly changing.
AuthZEN, a new OpenID Foundation working group, was created in late 2023 to establish much-needed authorization standards. OIDF is the home of OpenID Connect, the most ubiquitous interoperability standard for federated login, and that’s where we’re setting our sights.
With AuthZEN, IAM teams can confidently externalize and standardize authorization across their application estate without being locked in to a proprietary API.
In this talk, the AuthZEN WG co-chairs will describe the current state of modern authorization, including the policy-as-code and policy-as-data approaches. We'll also share the progress we’ve made on AuthZEN 1.0 since our first interop event at Identiverse 2024, and show a demo of 15 interoperable implementations.
Finally, we'll discuss our goals for 2025 for a Final Specification, and solicit feedback on which additional areas we should focus on.
