Identity and Access Management (IAM) Services

Expert IAM consulting, implementation, and custom software development - Ping Identity, OpenID Connect, OAuth2, SAML, and Amazon Cognito

Deep IAM expertise, grounded in standards

SBOSOFT was founded by a former Ping Identity employee and former OpenID Foundation certification team member. That background means we understand IAM at every level - from the protocol specifications that define how OAuth2, OpenID Connect, and SAML actually work, down to the configuration details of enterprise IAM products and the custom software that ties it all together.

We have hands-on experience in large-scale enterprise IAM projects, having served as a subcontractor on a major IAM deployment for a UK bank, where we both configured Ping Identity products and developed custom Java and Spring Boot integration software.

What we can help with

Ping Identity

PingFederate, PingAccess, and related products. Configuration, custom adapters, integration with existing systems, and troubleshooting. From initial deployment to complex federation scenarios across multiple organizations.

IAM standards and protocols

OAuth2, OpenID Connect (OIDC), SAML 2.0, FIDO2/WebAuthn, SCIM, and related specifications. We can design and implement standards-compliant integrations, review your existing IAM architecture for compliance gaps, and guide your team through protocol-level decisions.

Amazon Cognito

Integration of Amazon Cognito user pools and identity pools into your applications. SSO configuration, social identity provider federation, custom authentication flows, and Cognito-to-enterprise IdP federation using SAML or OIDC.

Custom IAM software

Custom Java and Spring Boot development for IAM integration scenarios - custom Ping Identity adapters, OAuth2 resource servers, OIDC relying parties, and identity broker components that connect your existing systems to modern IAM infrastructure.

Single Sign-On (SSO)

Design and implement SSO across web applications, APIs, and enterprise systems. Whether you are consolidating multiple login experiences, federating with a partner organization, or enabling SSO for a SaaS product your customers will use, we can help plan and execute the integration.

IAM architecture review

An independent review of your current IAM architecture - token lifetimes, scope design, consent flows, refresh token handling, and how your setup maps to the relevant specifications. Useful before a security audit or when onboarding a new development team.

Why standards knowledge matters

Most IAM problems are not product problems - they are protocol problems. OAuth2 flows misunderstood, OIDC token validation done wrong, SAML assertions with subtle configuration errors, or SSO sessions that behave unexpectedly in edge cases. A consultant who knows the specification can diagnose these quickly; one who only knows the product admin UI cannot.

Having been part of the OpenID Foundation certification team, we have reviewed many implementations against the specification in detail. That experience translates directly into faster diagnosis and more robust integrations.

Technologies and products

  • Ping Identity - PingFederate, PingAccess
  • Amazon Cognito
  • OAuth2 / OpenID Connect / SAML 2.0 / SCIM
  • Java, Spring Boot, Spring Security
  • JWT, JWK, JWE, JWS (JOSE specifications)

Need an IAM consultant who can both write the code and understand the specifications? Reach out at info@sbosoft.net to discuss your project.