Participation/Projects/Identity Access Management: Difference between revisions

Home | Community Gatherings | Projects

Project Name:

Identity and Access Management (IAM)

Description:

Vetting and implementing a new authentication solution as a replacement to existing EOL one (auth0 replacing persona and OKTA). Combining identity data from LDAP and mozillians.org in a unified system. Amend info using Workday data. Creating self-serving IAM functionality (groups, automations etc) for all users.

Objective:

Update and unify IAM properties across Mozilla, with a focus on equally serving employees and volunteers

Alignment With Mozilla Goals

Mozilla becomes a radically participatory organization

Why

Fragmentation of identity and authentication across Mozilla was detrimental to metrics, management and UX of users. A combined unified approach that holds all users equal (employees and volunteers) alleviates lot’s of participation and inclusion pain points.

Success:

Have a single source of truth about identity across core Mozilla properties, and give users self-serving functionalities for IAM tasks

Timeline

• 28th Sept- Sign Auth0 contract
• 14th Oct - Underlying code pieces in place for auth0 transition
• 21st Oct - Mozillians.org implements Auth0
• 28th Oct - Rest of participation properties roll over to auth0
• 14th Nov - Data flows from Workday to mozillians.org
• 28th Nov - LDAP and mozillians.org work as one system
• End of year - All core IAM functionality is implemented in the new system (password management, 2FA, ssh keys etc)

Team

• Pierros Papadeas,
• Henrik Mitsch
• the Development team

Internal Stakeholders

Resources

• Parsys Wiki
• Presentation

Link to key resources/strategy

Meetings

Roadmap

Github Issue(s)

List by heartbeat i.e.:

Work To Date

List any finished work, decisions, report-backs, metrics etc to show progress.

How to get involved

• [Join our Gitter Channel/Discourse Topic and say hi]