In October 2024 the IPSIE Working Group was chartered at the OpenID Foundation to develop interoperability and security profiles of existing specifications that enable secure identity management within the enterprise. Simply put, implementing identity standards is difficult due to the volume of standards and the number of options available for implementers. Common identity specifications enable capabilities that far exceed the needs of most implementations. Others are loosely specified leading to incompatible implementations. Worse, specifications can be implemented in an insecure manner. All of these issues make the work of developing interoperable, secure by default enterprise Identity Providers [IdPs] and SaaS applications/relying parties [RPs] difficult. In turn, this increases the challenge for enterprise customers to identify solutions that meet their needs and migrate to new platforms as their needs evolve over time.

In this panel session we will discuss topics including:

• How IPSIE profiles will benefit enterprise customers, IdPs, and RPs.
• Leveraging admin time, runtime, and event-based data with IPSIE to develop modern IAM architectures.
• Making sense of the standards word salad: DBSC, JSON, OAuth, OpenID Connect, SAML, SCIM, Shared Signals CAEP & RISC, WebAuthn
• The challenges of bringing IPSIE compliance to existing IdPs and applications [also known as, “SAML isn’t dead… yet”].
• Current state of the IPSIE WG and progress on profile development.
• Looking to the future: Planning an IPSIE interoperability event