Job Location : Chennai, Hyderabad, Pune, Noida, Kochi, Bangalore, Trivandrum
Experience : 4 years
CTC Budget : 2400000 to 2400000
Posted At : 02-Jan-2026
Candidate should have very good expertise in OAuth 2.0 and API development, and for the backend should be proficient in Java or Node.js
Job Summary
Building secure APIs that validate tokens (JWT verification)
Implementing OAuth 2.0 flows for server-side apps
Token introspection and revocation endpoints
Handling session vs token-based authentication
Supporting SSO integrations (SAML/OIDC federation)
Knowledge of Okta APIs (preferred but not mandatory)
Implement PKCE in an SPA
Handle universal logout across multiple apps
Validate tokens in an API gateway
Configure inbound and outbound SSO for multiple applications
Core IAM Concepts (Mandatory)
Authentication & Authorization protocols:
OIDC (OpenID Connect) flows, ID token handling
OAuth 2.0 grant types, scopes, refresh tokens
PKCE (Proof Key for Code Exchange) – why and how it’s used
Session Management:
Session creation, renewal, and termination
Handling session timeouts and re-authentication
Token Handling:
Access token vs ID token vs refresh token
Token validation and expiration strategies
Login/Logout Flows:
Standard login/logout
Universal Logout (single sign-out across apps)
Single Sign-On (SSO):
Inbound SSO – integrating external identity providers (e.g., Okta as IdP)
Outbound SSO – enabling apps to act as IdP for other services
Federation concepts (SAML, OIDC)
Security Best Practices:
CSRF and XSS prevention in login flows
Secure storage of tokens (browser vs server)
Shift timings - 12:00 PM to 9:00 PM
Preferred (Not Mandatory)
Familiarity with Okta platform (Sign-In Widget, SDKs, API)
Experience in migration projects from legacy IAM systems (e.g., SiteMinder)