Participation/Projects/Identity Access Management
Identity and Access Management (IAM)
Vetting and implementing a new authentication solution as a replacement to existing EOL one (auth0 replacing persona and OKTA). Combining identity data from LDAP and mozillians.org in a unified system. Amend info using Workday data. Creating self-serving IAM functionality (groups, automations etc) for all users.
Update and unify IAM properties across Mozilla, with a focus on equally serving employees and volunteers
Alignment With Mozilla Goals
Mozilla becomes a radically participatory organization
Fragmentation of identity and authentication across Mozilla was detrimental to metrics, management and UX of users. A combined unified approach that holds all users equal (employees and volunteers) alleviates lot’s of participation and inclusion pain points.
Have a single source of truth about identity across core Mozilla properties, and give users self-serving functionalities for IAM tasks
- 28th Sept- Sign Auth0 contract
- 14th Oct - Underlying code pieces in place for auth0 transition
- 21st Oct - Mozillians.org implements Auth0
- 28th Oct - Rest of participation properties roll over to auth0
- 14th Nov - Data flows from Workday to mozillians.org
- 28th Nov - LDAP and mozillians.org work as one system
- End of year - All core IAM functionality is implemented in the new system (password management, 2FA, ssh keys etc)
- Pierros Papadeas,
- Henrik Mitsch
- the Development team
Link to key resources/strategy
List by heartbeat i.e.:
Work To Date
List any finished work, decisions, report-backs, metrics etc to show progress.
How to get involved
- [Join our Gitter Channel/Discourse Topic and say hi]