Dec 6–8, 2022San Francisco


VMware Tanzu AppSSO: Building a K8s-Native SSO Experience, Powered by Spring

Track: Platforms and Stacks

Identity management is hard. Enterprise IT requirements are thorough—but complex to implement in practice. How can dev teams comply without having to understand multiple identity protocols, filing many tickets to obtain access, in a nutshell—with minimal friction?

Platform ops understand the nitty-gritty details of identity management and the enterprise requirements around those. The Spring ecosystem is perfect for building a secure, robust, and extendable Auth Server, without exposing its complications.

App developers, on the other hand, want SSO to work out of the box, with the simplest possible API—a single K8s custom resource.

In this talk, you’ll learn how we composed a federated Identity Provider using Spring Authorization Server, the challenges we faced to make the dev experience K8s native, and the detours we took in the Go world—using best of both worlds.