u/flywhee007

Hey all
Attending soon Okta’s conference as a partner.

Theme as shared by them: AI agents as first-class identities, governing and securing them the same way you would a human workforce identity or existing service/technical accounts.

A few Qs I have in mind:
Handling lifecycle for AI agents today or is it still ad hoc like robotic accounts we are seeing in some implementations?

Where does the IGA layer fit when the identity has no HR record?

What are implementing consultants here seeing that existing IAM vendors are not talking about yet?

Curious to hear what others are seeing in their IAMs already.

I have been on both sides of IAM interviews as a candidate early in my career and as the person asking the questions for the last 15+ years. I am curious what others with similar experiences can add.

Most guys show up with a list of products they have used at work and a certification or two. however, for me, a resume with github link would help.

Not polished code. Not a perfect lab. Evidence of implementation thinking.

• Screenshots of a working Joiner workflow with a README explaining what each component does and why
• A decoded JWT with annotations on what each claim means or a SAML assertion captured in SAML-tracer with notes on what the IdP is doing
• Errors faced while configuring JML or access certification processes in your IGA lab
• A short write-up of what broke during a lab and how you fixed it

The troubleshooting notes are often more impressive than the working screenshots. They show you understand what is happening under the hood.

See comment below for free IAM labs you can use to build this out if you are starting from scratch.

I have been reading this subreddit for months. The same problem comes up constantly - people who understand IAM conceptually but have never touched a real implementation. No lab, no demo, nothing to show in an interview.

I built two free lab environments to fix that in my free time. Posting here because this community is exactly who they are for. Tell me what breaks - I will fix it. [Link to labs in comments]

Lab 1 - IAM (IGA) with full working IAM with one target app and one HR app (OVA download)

A pre-configured VirtualBox VM with a full open-source IGA platform, LDAP as target system, and a simulated HR system already wired together. You import the OVA, start the VM, and you have a working Joiner and Leaver pipeline running on your laptop in under 20 minutes.

• Add an employee in the HR system
• Run reconciliation in IAM/IGA
• Watch the LDAP account appear automatically in ou=people
• Terminate the employee
• Watch the account move to ou=inactive

This is the JML lifecycle that every IGA implementation is built around. You build it yourself, you own it, you can enhance it further to demo it in interviews based on job profile.

Lab 2 - Access Management (CIAM) with Auth0

A separate hands-on classroom covering OIDC, SAML federation, and B2C identity flows using Auth0 (from okta). Built for people who want to understand the access management side and CIAM - SSO, token inspection, real protocol flows, which compliments learnings of Enterprise IAM from Lab 1.

Both classrooms are free inside the SimplifyIAM community on Skool.

Not a course, but a lab you build, together with IAM community.

Note: Not affliated to any of the tools mentioned. All of them are free to use or open-source.

I have been in the IAM space for about 18 years in various roles. I am part of technical interviews for junior to mid experience roles, and the landscape seems completely different now. When I talk to guys trying to transition to IAM, I see a massive divide. Some are learning Microsoft SC-300 or Okta or open source IAM home labs.

For those of you trying to get your first IAM role right now, what is your actual path? Curious what the learning curve looks like for you today.

Also curious to hear from what other veterans in the space are seeing in the interviews.