There is fierce competition amongst members of Ping's CTO team around who can pull in the largest audiences for the webinars we give. Well, to be precise, there is fierce competition amongst other members of the team in trying to match my audience numbers - I justÂ Â continue to set records.
But a recent Star Wars themed webinar from Pam Dingle on "SAML & OAuth enabled identity" shook me a bit from my comfortable complacency. Pam had the nerve to pull in a not insignificant audience. Even if almost all that audience were subsequently IP-tracked to a single kangaroo petting zoo in Australia, clearly I needed to step up my game accordingly and give a 'Webinar 2.0' when next my turn.
I planned accordingly:
- Research told me that 'mobile' was right up there with 'bieber' as hot search terms amongst the all-important 'teen daughters of enterprise CISOs' demographic.Â
- Knowing that these very CISO's are feeling the pressure of BYOD [bring your own device], I reasoned that SaaS providers, in a sense an extension of their enterprise customers, must also be feeling the BYOD pressure, even if indirectly. As part of BYOD is the expectation of employees to be able to interact with business applications just as they do with their personal applications, by extension, those employees will expect to interact with SaaS applications on their phone via native applications.
- While OAuth 2.0 has emerged as the default standard for authenticating native mobile applications to their APIs, there is no small amount of confusion as to how to actually implement OAuth 2.0 (e.g. how to authenticate the user, which grant type to use, how to deliver parms to the application from the browser, etc) for such clients.
The result? Like an '80s boy band, a webinar so targetted to its intended audience it could not help but set new records - one that explores the choices that SaaS providers must make in using OAuth 2.0 to secure a native mobile application. One that provides sample iOS and Android code by which a native application launches a browser to authenticate the user, obtains access tokens from an Authorization Service, uses the tokens to call a SaaS API, and then refreshes the tokens when they expire. One that doesnt so blatantly cater to IT geek culture with a Star Wars theme.
And most importantly, one that re-establishes me as the unchallenged leader in Ping Identity CTO team webinar audience numbers race.
(Ed. - Listen to Paul's webinar "Got Mobile Support." Log-in or social log-in required.)