Episode 151.75 - GluuFederation/identerati-office-hours GitHub Wiki

Title: KubeCon Live: Token Exchange Trends

Channels

Description

Chat with Marc Boorshtein at KubeCon 25 about new trends in token exchange and his thoughts on the Kubernetes SIG Auth session:

Takeaways

  • ⚡ Token Exchange helps deliver on the promise of "down-scoping" tokens to achieve least privilege.
  • ⚡ Transaction tokens define a new token exchange flow that can help prevent stolen tokens (see Episode 116) and a swath of attacks.
  • ⚡ Kubernetes is starting to build in token validation features: for example, it can validate JWTs from multiple issuers and map claims to Kubernetes entities.
  • ⚡ Kubernetes Dynamic Resource Allocation (DRA) opens interesting new possibilities for runtime authorization.

Read Marc's Book

Livestream Audio Archive

here