Job Summary:

Shift timing: 12:00 PM to 9:00 PM

5+ years in functional/security testing
- Test identity migration scenarios (login/logout, MFA, SSO)
- Regression testing post-migration
- IAM testing frameworks
- Okta test utilities
- Policy enforcement validation

 

Role Overview

Core IAM Concepts

Authentication & Authorization protocols: OIDC (OpenID Connect) – flows, ID token handling OAuth 2.0 – grant types, scopes, refresh tokens PKCE (Proof Key for Code Exchange) – why and how it’s used Session Management: Session creation, renewal, and termination Handling session timeouts and re-authentication Token Handling: Access token vs ID token vs refresh token Token validation and expiration strategies Login/Logout Flows: Standard login/logout Universal Logout (single sign-out across apps) Single Sign-On (SSO): Inbound SSO – integrating external identity providers (e.g., Okta as IdP) Outbound SSO – enabling apps to act as IdP for other services Federation concepts (SAML, OIDC) Security Best Practices: CSRF, XSS prevention in login flows Secure storage of tokens (browser vs server)

 

Additional comments

Implementing secure login/logout flows in SPAs or web apps Handling redirects for OIDC/OAuth flows Integration with Okta Sign-In Widget or custom login pages Handling SSO flows (inbound and outbound) in UI Error handling for authentication failures

Preferred (Not Mandatory)

Familiarity with Okta platform (Sign-In Widget, SDKs, API) Experience in migration projects from legacy IAM systems (e.g., SiteMinder)