|Cute picture of RESTing lion |
The client, permission granted, can then in turn update or create a new object in the same way, by sending a new JSON object via a PUT or POST request.
What's This Got To Do With IAM?
Identity management has often been thought of as an enterprise or organizational problem, focussing on the the creation and management of company email, mainframe and ERP system accounts. This process then brought all the complexity of business workflow definition, compliance, audit, system integration and so on. Access management on the other hand, has often been focused on single-sign-on, basic authorization and web protection. IAM today is a much more complex and far reaching beast.
Organizations are reaching out into the cloud for services, API's and applications. Service providers and applications are becoming identity providers in their own right, reaching back out to consumers and businesses alike. For once, identity management is on the tip of the tongue of the most tech-avoiding consumers, concerned with privacy, their online-identities and how they can be managed and consumed.
A RESTful Future
These new approaches to identity and access management require rapid integration, developer adoption and engine-like API's that can perform in an agile, scalable and secure fashion. Identity and access management services for consumers, such as being able to login with their Facebook or Twitter account using OAuth or OAuth2 without having to create and manage multiple passwords for the other sites they interact with, not only increases user convenience. It also puts pressure on business security strategies as they can struggle to cope with the ability for employees to bring-their-own-identity to many of the now popular business services such as Webex, Dropbox, Salesforce and the like.
As identity management is no longer solely concerned with siloed, business unit or organisational boundaries and looking more to being fully connected, integrated and focused on consumerization, developer adoption has never been more important. Security in general, has never been a high priority for application builders, who are more centred on features and end usability.
Identity and access management is making a big change to that area with many access management systems being easy to externalize from application logic using RESTful integration.
By Simon Moffatt
 - Image attribute Stock.Xchng http://www.sxc.hu/profile.big_foot