The AuthZEN Working Group shares highlights from Gartner IAM London, including what practitioners' questions revealed about enterprise readiness.

Gartner IAM London in earlier this month brought together enterprise IAM practitioners, analysts, and standards bodies. For the OpenID Foundation's AuthZEN Working Group, it was a revealing few days. Co-chairs Atul Tulshibagwale, Alex Olivier, and David Brossard attended and participated in two sessions, each of which drew strong audiences and pointed to the same conclusion…authorization is firmly on the enterprise agenda.

The first session, delivered by Atul Tulshibagwale alongside Gartner analyst Erik Wahlström, examined how identity standards help enterprises build future proof IAM architectures. The conversation reinforced a theme that echoed throughout the event. Standards are no longer a nice-to-have. They are the connective tissue that holds an identity fabric together.

The second session, delivered by Alex Olivier (read more from Alex here) and David Brossard (read more from David here) alongside Gartner analyst Homan Farahmand, put AuthZEN front and centre. The working group gave an update on the specification and a demonstration of the latest interoperability results. What struck the team most was the change in the room. A year ago, the questions were "what is this?" This time, they were "how do I implement this?" It is a meaningful change. Practitioners are no longer weighing up whether AuthZEN is worth attention. They are working out how to put it into production.

The standard's presence at the event went beyond those two sessions. Three independent Gartner analysts, across three separate sessions, referenced AuthZEN unprompted. This is a clear sign that the analyst community sees AuthZEN as a standard worth watching.

The conversations around authorization also reflected a broader urgency. Attendees were asking questions along the lines of: "How do we do authorization for agents when we haven't even finished doing it properly for humans?" It captures a tension that many enterprise teams will recognise. This is why externalized, standardized authorization is not just good practice.

AuthZEN Working Group Co-Chair David Brossard said: "The conversations at Gartner IAM London confirmed what we have been seeing for some time. Enterprises are ready to move on authorization, and AuthZEN gives them the standard to do it on."

About the OpenID Foundation

The OpenID Foundation (OIDF) is a global open standards body committed to helping people assert their identity wherever they choose. Founded in 2007, we are a community of technical experts leading the creation of open identity standards that are secure, interoperable, and privacy preserving. The Foundation’s OpenID Connect standard is now used by billions of people across millions of applications. In the last five years, OAuth2 - the FAPI standard for interoperable, high security - has become the standard of choice for Open Banking and Open Data implementations, allowing people to access and share data across entities. Today, the OpenID Foundation’s standards are the connective tissue that enable people to assert their identity and access their data at scale, the scale of the internet, enabling “networks of networks” to interoperate globally. Individuals, companies, governments and non-profits are encouraged to join or participate. Find out more at openid.net.

To learn more about conformance testing and self-certification, please visit the OpenID Foundation’s FAQ section.