Kochi
8 days ago
Lead I - Software Engineering (Java or Node.JS Developer with Okta/Oauth)
Job Responsibilities

- Minimum 5+ years of relevant experience in backend development (Java, Spring Boot, Node.js)
- Implement authentication & authorization using Okta APIs
- Migrate SiteMinder policies
- Handle token/session management
- Familiarity with SAML, OIDC, OAuth 2.0
- Integrate with various platform services
- Experience in REST API design
- Strong experience in backend-focused software development projects
- Experience in unit, integration, system, and regression testing
- Hands-on coding experience with:
  - Java (including Java 17)
  - Spring Boot
  - RDBMS & MongoDB
  - Azure, Kubernetes
  - Splunk and Datadog
- Experience with frameworks:
  - Spring Boot
  - Spring MVC
  - Java Spring
- Experience with software development tools: Jira, Confluence, Git, SVN, Jenkins
- Experience and interest in designing and building cloud solutions using Azure, AWS, or GCP
- Strong interest in continuous technical skill development
- Ability to think innovatively and function as a resourceful and collaborative problem solver

Qualification

- Degree in Computer Science, Technical Science, or related field
- BE, MCA, or equivalent

Experience, Skills, and Competencies

- Proven experience in backend development
- Experience in unit, integration, system, and regression testing
- Strong hands-on development experience in:
  - Java (Java 17)
  - Spring Boot
  - RDBMS, MongoDB
  - Azure, Kubernetes
  - Splunk, Datadog
- Experience in:
  - Spring Boot, Spring MVC, Java Spring frameworks
  - Jira, Confluence, Git, SVN, Jenkins tools
- Experience and interest in cloud platforms: Azure, AWS, GCP

Role Overview

Core IAM Concepts

- Authentication & Authorization protocols:
  - OIDC (OpenID Connect) – flows, ID token handling
  - OAuth 2.0 – grant types, scopes, refresh tokens
  - PKCE (Proof Key for Code Exchange) – why and how it’s used
- Session Management:
  - Session creation, renewal, and termination
  - Handling session timeouts and re-authentication
- Token Handling:
  - Access token vs ID token vs refresh token
  - Token validation and expiration strategies
- Login/Logout Flows:
  - Standard login/logout
  - Universal Logout (single sign-out across apps)
- Single Sign-On (SSO):
  - Inbound SSO – integrating external identity providers (e.g., Okta as IdP)
  - Outbound SSO – enabling apps to act as IdP for other services
  - Federation concepts (SAML, OIDC)
- Security Best Practices:
  - CSRF, XSS prevention in login flows
  - Secure storage of tokens (browser vs server)

 

Additional comments

- Implementing secure login/logout flows in SPAs or web apps
- Handling redirects for OIDC/OAuth flows
- Integration with Okta Sign-In Widget or custom login pages
- Handling SSO flows (inbound and outbound) in UI
- Error handling for authentication failures

Preferred (Not Mandatory)

- Familiarity with Okta platform (Sign-In Widget, SDKs, API)
- Experience in migration projects from legacy IAM systems (e.g., SiteMinder)