Lead I Software Engineering
Share
Job Location:
Monthly Salary:
Posted on:
7 hours ago
Vacancies:
1 Vacancy
Job Summary
Job Summary
-
Buildingsecure APIsthat validate tokens (JWT verification)
-
ImplementingOAuth 2.0 flowsfor server-side apps
-
Token introspection and revocation endpoints
-
Handlingsession vs token-based authentication
-
SupportingSSO integrations(SAML/OIDC federation)
-
Knowledge ofOkta APIs(preferred but not mandatory)
-
Implement PKCE in an SPA
-
Handle universal logout across multiple apps
-
Validate tokens in an API gateway
-
Configure inbound and outbound SSO for multiple applications
Core IAM Concepts (Mandatory)
-
Authentication & Authorization protocols:
-
OIDC (OpenID Connect)- flows ID token handling
-
OAuth 2.0- grant types scopes refresh tokens
-
PKCE (Proof Key for Code Exchange)- why and how its used
-
Session Management:
-
Session creation renewal and termination
-
Handling session timeouts and re-authentication
-
Token Handling:
-
Access token vs ID token vs refresh token
-
Token validation and expiration strategies
-
Login/Logout Flows:
-
Standard login/logout
-
Universal Logout(single sign-out across apps)
-
Single Sign-On (SSO):
-
Inbound SSO- integrating external identity providers (e.g. Okta as IdP)
-
Outbound SSO- enabling apps to act as IdP for other services
-
Federation concepts (SAML OIDC)
-
Security Best Practices:
-
CSRF XSS prevention in login flows
-
Secure storage of tokens (browser vs server)
Preferred (Not Mandatory)
-
Familiarity withOkta platform(Sign-In Widget SDKs API)
-
Experience inmigration projectsfrom legacy IAM systems (e.g. SiteMinder)
Required Skills:
JavaSpring 2.0
Key Skills
- Administrative Skills
- Facilities Management
- Biotechnology
- Creative Production
- Design And Estimation
- Architecture
