About This Talk
One of the main challenges facing e-government initiatives is to safely perform an accessible authentication of users as citizens, that can provide both public and private entities with the necessary personal and security information in an open and standard fashion to enable more digital interactions.
After consideration of existing alternatives, the national Uruguayan government opted to build its own single-sign-on and in the pursuit of flexibility, security and support for different protocols and integrations, trusting us and Django to do it.
While creating this product and in the still ongoing work, some interesting challenges were tackled, such as support for OpenId Connect and SAML, the introduction of unusual auth factors such as digital signature services and a strict security-by-design approach while developing.
As we go through the technical cornerstones of the project, we will show how it became a case study for both tech and business folks, as the framework successfully delivered on its promises making possible an agile, fast paced construction of a state of the art solution that is versatile, scalable and has become the backbone for authenticating an entire nation.