Skip to content
View embesozzi's full-sized avatar
✍️
✍️

Organizations

@twogenidentity

Block or report embesozzi

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don’t include any personal information such as legal names or email addresses. Markdown is supported. This note will only be visible to you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
embesozzi/README.md

Martin Besozzi

AI Security Architect · IAM Architect · CTO · Founder

Digital Identity · Authentication · AI · Authorization · Identity Standards · OSS

LinkedIn Blog Twitter Gmail

Important

Looking for the latest research and technical deep dives?

All articles, conference slides, and research papers listed below have been migrated to the new centralized repository.

👉 Martin Besozzi's Technical Articles, Research & Insights

Technical Reference Index

The archives below are preserved as a convenience for direct access to original platform announcements and original project previews.

Agentic AI Security, Agents & MCP
Resource Scope / Type Core Architecture Context
Agent Native Intent Authorization for Agentic Profiles (ANIA-AP) Architecture Framework Zero trust cryptographic proof of intent at agent runtime
Agent Native Authorization (ANA) Architecture Framework Agent Native Authorization with Human in the Loop
Passkeys JIT Authorization for AI Agents LinkedIn Announcement Native authorization framework implementation
JIT Authorization for CLI AI Agents LinkedIn Post Claude Code and GitHub Copilot CLI native OAuth experiences
AuthZEN MCP Gateway LinkedIn Post Context aware authorization and FGA live demonstration
First Secure Keycloak MCP App LinkedIn Post Application protection following zero trust principles
Agentic AI Platform for Enterprise IAM Medium Article Secure agent driven governance architecture via Keycloak MCP
Keycloak MCP Server LinkedIn Post Managing Keycloak infrastructure using LLMs and natural language
MidPoint MCP Server LinkedIn Post Identity Governance and Administration management via AI agents
Speaking & Publishing
Resource Scope / Type Core Architecture Context
Authenticate 2025 — FIDO Alliance Conference Talk Native Authentication and Passkeys for Apps and Agents
KeyConf25 Conference Presentation Agentic AI for Enterprise IAM
KeyDev25 Conference Talk Mastering Access Control: Low Code Authorization with ReBAC
Cloudland 2025 Conference Talk Addressing Modern Authorization Challenges through Open Standards
KeyConf24 Conference Presentation Enhancing User Experience with Native Authentication in Keycloak
Keycloak for Modern Applications, 2nd Edition Technical Reviewer Focus areas included OIDC, OAuth 2.0, and application security
TwoGenIdentity Blog Archive Collected company articles on IAM and identity standards
Standards & IETF
Resource Scope / Type Core Architecture Context
OAuth 2.0 Agents Native Authorization IETF Draft Draft specification for authorization via structured elicitation
Authentication, Passkeys & Verifiable Credentials
Resource Scope / Type Core Architecture Context
Passkeys 360 Product Launch Unified surface security framework for applications and agents
Deep Dive: Native Auth & Passkeys in Keycloak Medium Deep Dive Comprehensive architectural review of native implementations
Passwordless Experience & Autofill (Conditional UI) Technical Workshop Step up authentication workflows with biometrics
Step-Up Authentication Challenge Protocol (RFC 9470) Technical Workshop Protocol implementation mechanics
Step-Up and MFA for Web Apps and APIs Medium Article Core security patterns and API enforcement
Microsoft Verifiable Credentials Workshop Code Repository Practical interoperability patterns for managing identity claims
Authorization
Resource Scope / Type Core Architecture Context
OpenID AuthZEN for API/AI Gateway LinkedIn Announcement Implementing standardized AuthZEN Policy Enforcement Points
Mastering Access Control Medium Article Low code authorization relying on ReBAC and decoupling patterns
Keycloak Integration with OpenFGA Medium Article Fine Grained Authorization at scale utilizing Google Zanzibar concepts
Building Scalable Multi-Tenancy Auth Medium Article Unified architectural approach combining Keycloak, OpenFGA, and Apache APISIX

Pinned Loading

  1. keycloak-openfga-workshop keycloak-openfga-workshop Public

    Keycloak integration with OpenFGA (based on Zanzibar) for Fine-Grained Authorization at Scale (ReBAC)

    JavaScript 139 32

  2. twogenidentity/microsoft-verifiable-credentials-workshop twogenidentity/microsoft-verifiable-credentials-workshop Public

    Interoperability Workshop Microsoft Verifiable Credentials for Identity Claims

    HTML 15 6

  3. keycloak-workshop-stepup-mfa-biometrics keycloak-workshop-stepup-mfa-biometrics Public

    Keycloak Workshop for Step Up with MFA Biometrics Authentication (Passkeys) and Passwordless experience with Passkeys

    JavaScript 58 17

  4. keycloak-openfga-event-publisher keycloak-openfga-event-publisher Public

    Keycloak OpenFGA Event Publisher enables event integration between Keycloak and OpenFGA for Fine-Grained Authorization (FGA) using the OpenFGA SDK.

    Java 60 15

  5. keycloak-openfga-multitenancy-workshop keycloak-openfga-multitenancy-workshop Public

    Keycloak integration with OpenFGA and Apache APISIX for multi-tenancy authentication and authorization at Scale

    Lua 17 2

  6. twogenidentity/apisix-authzen twogenidentity/apisix-authzen Public

    APISIX plugin supports AuthZEN specification

    Python 1