Prabath Siriwardena is a developer, architect, an author, and a blogger. Prabath has more than 17 years of industry experience in designing and building critical Identity and Access Management infrastructure for global enterprises, including many Fortune 100/500 companies. He spent most of his time in last 14 years with the WSO2 IAM team, in leading the development of the open source WSO2 Identity Server, which is used by hundreds of top companies and more than 500 Universities globally, and also within the open source communities. In 2020 Forrester CIAM Wave, WSO2 Identity Server was named as a top Strong Performer and in 2020 KuppingerCole CIAM Leadership Compass, Identity Server was named as Leader.

As a technology evangelist, Prabath has published seven books, including Microservices Security in Action (Manning) , Advanced API Security (Apress) and Microservices for the Enterprise (Apress). He blogs on various topics from blockchain, PSD2, GDPR, IAM to microservices security. He also runs a YouTube channel.

Prabath has spoken at RSAConference, Identiverse (Cloud Identity Summit), European Identity Conference (Keynote 2015), Consumer Identity World USA (Keynote 2018), API World (Advisory Board 2018), Microservices World, API Strategy & Practice Con, QCon, OSCON, LASCON, Cloud Security Alliance, Block World, Ellucian Live and WSO2Con (Keynote 2018) - and travelled the world conducting workshops/meetups to evangelize IAM communities. He is also the founder of the Silicon Valley IAM User Group, which is the largest IAM meetup in the San Francisco Bay Area.

• LinkedIn: https://www.linkedin.com/in/prabathsiriwardena/
• Twitter: https://twitter.com/prabath
• Blog: http://blog.facilelogin.com
• YouTube: http://vlog.facilelogin.com
• Stack Overflow: https://stackoverflow.com/users/804637/prabath-siriwardena
• Quora: https://www.quora.com/profile/Prabath-Siriwardena
• Instagram: https://www.instagram.com/prabathsiriwardena/
• Amazon Author Page: https://amazon.com/author/prabath

• OpenID Connect in Action (2021, Manning)
• Microservices Security in Action (2020, Manning)
• Advanced API Security 2nd Edition (2019, Apress)
• Microservices for the Enterprise (2018, Apress)
• Advanced API Security (2014, Apress)
• Mastering Apache Maven 2 (2014, PACKT)
• Maven Essentials (2015, PACKT)
• Enterprise Integration with WSO2 ESB (2013, PACKT)

• API Days (2021)
• WSO2 Summit (2021)
• Microservices Conference (2020, Turkey)
• Ellucian Live (2020, Orlando | 2019, New Orleans)
• Microservices World (2019, San Jose)
• The Millennium Alliance - CISO - WEST (2019, Las Vegas)
• WSO2 Integration Summit (Oct 2019, San Francisco | Sept 2019, New York)
• RSA Conference (2018, San Francisco)
• Identiverse (2018, Boston)
• Consumer Identity World (2018, Seattle (Keynote))
• Block World (2018, San Jose)
• API World (2018, San Jose | 2017, San Jose | 2016, San Jose)
• Cloud Security Alliance (2018, Seattle)
• LASCON (2018, Austin | 2016 Austin)
• WSO2Con (2018, London | 2018 San Francisco (Keynote) | 2017, London | 2017, San Francisco | 2015 San Francisco | 2015, London| 2014, San Francisco | 2014, Barcelona | 2014, Colombo| 2013, London | 2013, San Francisco | 2012, Colombo | 2011, Colombo)
• Cloud Identity Summit (2017, Chicago | 2016, New Orleans)
• GSMA Mobile World Congres (2017, San Francisco)
• Global Software Architecture Conference (2017, Santa Clara)
• Internet Identity Workshop (Oct 2016, Mountain View | Oct 2015, Mountain View)
• Google Summer of Code Mentor Summit (2016, Mountain View)
• European Identity Conference (2015, Munich (Keynote) | 2014, Munich | 2012, Munich)
• QCon (2015, Sao Paulo)
• Google Developer Group (GDG) DevFest (2014, Colombo)
• API Strategy & Practice (2014, Amsterdam)
• ApacheCon NA (2013, Portland | 2011, Vancouver)
• Open Source Developer Conference (2013, Auckland, New Zealand)
• IdentityNext (2012, Netherlands)
• FOSS Security, Sri Lanka CERT (2011, Colombo)
• OSCON (2009, San Jose)
• Apache Roadshow Asia (2009, Colombo)

• Gartner Identity and Access Management Summit (2018, Las Vegas)
• Internet Identity Workshop (April 2019, Mountain View | Oct 2017, Mountain View | May 2017, Mountain View | April 2016, Mountain View | April 2015, Mountain View )
• Borderless Cyber US (Oct 2018, World Bank, Washington DC)
• ID2020 Summit (June 2017, United Nations, New York)
• CERT Vendor Meeting (Feb 2017, San Francisco | Feb 2016, San Francisco | April 2015, San Francisco)
• Structure Security Conference (Sept 2016, San Francisco)
• TiECon (May 2015, Santa Clara)
• Strata + Hadoop World (Feb 2015, San Jose)
• Cloud Identity Summit (July 2011, Colorado)

• Strong and Adaptive Authentication for your Enterprise (December 2019, Mountain view, California)
• API Security Best Practices and Guidelines (Novermber 2019, Fort Lauderdale, Florida)
• API Security Best Practices and Guidelines (Novermber 2019, Orlando, Florida)
• Strong and Adaptive Authentication for your Enterprise (Novermber 2019, Tysons Corner, Virginia)
• Strong and Adaptive Authentication for your Enterprise (Novermber 2019, New York, NY)
• API Security Best Practices and Guidelines (October 2019, Chicago, IL)
• Strong and Secure Authentication for Enterprises (Fedbruary 2019, O'Fallon, IL)
• Architecture Bootcamp - Kicking Your Enterprise Security Up a Notch with Adaptive Authentication (December 2018, Boston)
• Securing Microservices (Oct 2018, Orlando)
• Identity Federation and Strong Authentication with WSO2 Identity Server (July 2018, Virginia)
• Building a customer-centric enterprise with CIAM (June 2018, New York)
• Building a customer-centric enterprise with CIAM (June 2018, Mountain View)
• API Security Best Practices & Guidelines (June 2018, Singapore)
• API Security Best Practices & Guidelines (May 2018, Chicago)
• API Security Best Practices & Guidelines (May 2018, Orlando)
• Securing Microservices (May 2018, Columbus)
• The Role of Privacy in Your CIAM Strategy (May 2018, Toronto)
• Building a Customer-centric Enterprise with CIAM (April 2018, Montreal)
• Identity Management for Identity Architects (Jan 2018, Colombo)
• Identity Management for Web App Developers (Jan 2018, Colombo)
• OAuth 2.0 for Web and Native (Mobile) App Developers (Jan 2018, Colombo)
• Identity Management for Identity Architects (Nov 2017, Brentwood)
• Identity Management for Identity Architects (Oct 2017, Salt Lake City, Utah)
• Identity Management for Web App Developers (Oct 2017, Salt Lake City, Utah)
• Identity and Access Management in the Era of Digital Transformation (July 2017, Colombo)
• Identity and Access Management in the Era of Digital Transformation (June 2017, Chicago)
• Identity and Access Management in the Era of Digital Transformation (June 2017, New York)
• OAuth 2.0 for Web and Native (Mobile) App Developers (March 2017, Mountain View)
• Solution Patterns with the WSO2 Identity Server (March 2017, Vancouver)
• Solution Patterns with the WSO2 Identity Server (Feb 2017, Toronto)
• Identity Management for Web Application Developers (Feb 2017, Mountain View)
• API Security Best Practices & Guidelines (Dec 2016, Mounatin View)
• Solution Patterns with the WSO2 Identity Server (Sept 2016, Mounatin View)
• API, Integration, and SOA Convergence (April, 2015, Sao Paulo)
• API, Integration, and SOA Convergence (March, 2015, Brasilia)
• API, Integration, and SOA Convergence (March, 2015, Rio)
• API, Integration, and SOA Convergence (Feb, 2015, Mountain View)
• API, Integration, and SOA Convergence (Feb, 2015, Los Angeles)
• Federated Identity & Access Management (May 2014, Munich)
• WSO2 Integration Platform Discovery (Oct 2013, Auckland, New Zealand)
• WSO2 Integration Platform Discovery (Nov 2012, Netherlands)
• WSO2 Integration Platform Discovery (Sept 2012, Dubai)
• Carbon and Stratos: Understanding Cloud-enabled Modular Middleware (Nov 2011, Canada)
• Security in the Cloud (Oct 2011, New York)
• Security in the Cloud (Aug 2011, Palo Alto)
• SOA Security and Identity (March 2011, Dallas)
• SOA Security and Identity (March 2011, New York)
• SOA Security and Identity (March 2011, Washington)
• WSO2 SOA Workshop (Nov 2009, Santa Clara)
• WSO2 SOA Workshop (Sept 2009, Colombo)

• Customer IAM Trends, Challenges, and More (June, 2021)
• Why is CIAM pivotal to a digital business (July, 2020)
• CIAM & Digital Transformation (April, 2021)
• Ethos Identity & WSO2 IAM for secure, seamless access (October, 2019)
• The Future of Digital IAM (February, 2019)
• How Blockchain Facilitates Self-Sovereign Identity (April, 2018)
• General Data Protection Regulation (GDPR) for Identity Architects (December, 2017)
• Identity and Access Management in the Era of Digital Transformation (March, 2017)
• Securing Access to SaaS Apps with GSMA Mobile Connect (Nov, 2016)
• WSO2 Security Platform: Vision and Roadmap (May 2016)
• Connected Identity: Benefits, Risks & Challenges (May 2015)
• Borderless Identity: Managing Identity in a Complex World (April 2015)
• OpenID to OpenID Connect Migration (Dec 2014)
• Security in Cloud (Nov 2014)
• The Evolution of Enterprise Identity (July 2014)
• Bring Your Own IDentity (BYOID) with WSO2 Identity Server (April 2014)
• Patterns and Practices in Mobile SSO (March 2014)
• Enterprise Integration with WSO2 ESB (February 2013)
• Access Control Patterns and Practices with WSO2 Middleware Platform (Nov 2013)
• Introducing the WSO2 Platform - Leading you to a Connected Business (Oct 2013)
• Identity in the Cloud (March 2010)
• Securing RESTful Services (Jan 2011)
• Fine Grained Authorisation Policies Making Your Head Spin?? XACML to the Rescue! (April 2011)
• Introducing the WSO2 Security & Identity Gateway Solution (June 2011)
• Security in the Cloud (Oct 2011)
• Securing your Cloud Application using StratosLive (Nov 2011)
• OAuth 2.0 : The Path to Heaven from Hell? (Aug 2012)
• Securing APIs (Nov 2012)
• WSO2 Identity Server 2.0 Introduction (June 2009)
• Identity as a Service (October 2008)
• Understanding OpenID (June 2008)

• Silicon Valley IAM User Group
• JAVA Colombo

• Securing gRPC Microservices with Istio Service Mesh (July, 2020)
• Single Logout Dilemma #IAM4Developers Meetup (Bangalore, Colombo, Sydney, Singapore (May, 2020)
• Securing Single-page Applications with OpenID Connect (May, 2020)
• OAuth 2.0 Internals and Applications (April, 2020)
• Controlling Access to Your Microservices with Istio Service Mesh (April, 2020)
• JSON Web Token Internals and Applications (Silicon Valley/London/Toronto #IAM4Developers Meetup) (April, 2020)
• Software Technologies Research Institute Meetup (Jan 2020), Ankara, Turkey
• Microservices Security Landscape (July 2019) API Craft San Francisco
• PSD2 Security Patterns (Nov 2018), Societe Generale Open Banking Community Event, Paris, France
• Microservice Security Landscape (Oct 2018) : Microservices, APIs and Integration - Silicon Valley Meetup
• OAuth 2.0 Security Landscape (Aug 2018) : Defense Industrial Base Technical Architecture Working Group, Boeing
• Securing Microservice (May 2018) : WSO2 Sri Lanka Meetup
• General Data Protection Regulation for Identity Architects (Nov 2017) : GDPR Meetup - London
• Introduction to Blockchain and Bitcoin (Nov 2017) : Biocomplexity Institute of Virginia Tech
• Identity on Blockchain (July 2017) : Computer Society of Sri Lanka (CSSL) Tech Talk
• API Security Patterns and Practices (Nov 2015) : Silicon Valley IAM User Group
• WSO2 Identity Server (Sept 2015) : Science Gateways Symposium
• Best Practices in Building an API Security Ecosystem : SLAC National Accelerator Laboratory, Stanford University
• The Evolution of Internet Identity (April 2015) : Silicon Valley IAM User Group
• Deep Dive into Java Security Architecture (July 2014) : JAVA Colombo
• OAuth 2.0 and XACML (June 2012) : IAM Working Group and COE Concall at the Bank of America
• Ethical Hacking (April 2012) : OWASP Sri Lanka Chapter

• Identity Architect Ground Rules: Ten IAM Design Principles
• Connected Identity: Benefits, Risks, and Challenges
• Building an Ecosystem for API Security
• WSO2 Security and Identity Gateway Solution (with Asanka Abeysinghe)

• How to use OpenID Connect for authentication (2022)
• Five Things Every Business Needs To Know About Storing and Protecting Their Customers’ Information (2021)
• Prabath Siriwardena of WSO2: Five Things Every Business Needs To Know About Storing and Protecting Their Customers’ Information (2021)
• Interview: CIAM; Challenges, opportunities and utilising it to meet evolving customer needs (2021)
• Three key customer IAM trends for 2021 (2021)
• Multi-tenant SOA Middleware for Cloud Computing (2010)

• IETF RFC 7662 : OAuth 2.0 Token Introspection
• OASIS Identity Metasystem Interoperability

• Legacy Code Rocks: Microservices Security with Prabath Siriwardena and Nuwan Dias (Jan, 2021)
• Microservices Security in Action with Prabath Siriwardena (Dec, 2020)
• The State of Identity Podcast by One World Identity, Episode 149 (Jan, 2020)
• The Newstack Context: Microservices for the Enterprise, Docker’s Latest Vulnerability (May, 2019)

• How we built multi-regional routing at the edge @ DevRev
• Securing north/south and east/west traffic @ DevRev
• What Went Wrong? Facebook is in Crisis Again!
• Build Your Own Blockchain
• 51% Attack!
• The Mystery Behind Block Time
• Bought It! Read It! Love It! Satya Nadella’s New Book, Hit Refresh
• Identity on Blockchain (Part — II) Identity/Naming Systems
• Identity on Blockchain (Part I) Blockchain Fundamentals
• Why Not All IAM Projects Cross The Finish Line?
• Turning the Bank into a Platform (Part II) Open Banking
• Turning the Bank into a Platform (Part I) Payment Services Directive 2 (PSD2)
• Customer IAM (CIAM) ~ Turning Identity Data Into Gold!
• Ten IAM Design Principles
• General Data Protection Regulation (GDPR) for Identity Architects
• Understanding General Data Protection Regulation (GDPR)
• Better Aadhaar with Blockchain
• Monetizing and Spam-filtering Public APIs with Bitcoin
• OAuth 2.0 Token Binding
• Nuts and Bolts of Transport Layer Security (TLS)
• OAuth 2.0 Threat Landscape
• A Deeper Look Into Bitcoin Internals
• The Starfish and the Spider
• The Role of Identity and Access Management in the Era of Digital Transformation
• IDENTITY is the NEW MONEY
• The Age of the Platform
• Building Microservices
• Short-Lived Certificates @ Netflix
• JSON Message Signing Alternatives
• JWT, JWS and JWE for Not So Dummies! (Part I)
• GSMA Mobile Connect vs OpenID Connect
• Thirty Solution Patterns with the WSO2 Identity Server
• Securing Microservices (Part I)
• WSO2 Identity Server ~ The Inside Story
• Identity Broker Pattern ~ 15 Fundamentals
• Borderless Identity ~ Managing Identity in a Complex World
• Securing the Insecure

• DevRev Value Award, 2024, DevRev
• Outstanding Contribution Award, 2017, WSO2
• Most Valuable Person (MVP), 2016, WSO2
• Outstanding Contribution Award, 2015, WSO2
• Outstanding Contribution Award, 2014, WSO2
• Outstanding Contribution Award, 2013, WSO2
• Outstanding Contribution Award, 2012, WSO2
• Outstanding Contribution Award, 2011, WSO2
• Customer Delight Award, 2010, WSO2
• Outstanding Contribution Award, 2009, WSO2
• Outstanding Contribution Award, 2008, WSO2
• Best Blogger Award, Nov/2008, WSO2
• Best Tech Evangelist Award, Sept/2008, WSO2

• Empathy (HBR Emotional Intelligence Series), Daniel Goleman, Annie McKee, Adam Waytz
• Exploding Data: Reclaiming Our Cyber Security in the Digital Age, Michael Chertoff
• INSPIRED: How to Create Tech Products Customers Love, Marty Cagan
• Powerful: Building a Culture of Freedom and Responsibility, Patty McCord
• Hit Refresh: The Quest to Rediscover Microsoft's Soul and Imagine a Better Future for Everyone, Satya Nadella, Greg Shaw
• WTF?: What's the Future and Why It's Up to Us, Tim O'Reilly
• The New Kingmakers: How Developers Conquered the World, Stephen O'Grady
• Connecting the Dots: Lessons for Leadership in a Startup World, John Chambers
• Sprint: How to Solve Big Problems and Test New Ideas in Just Five Days, Jake Knapp
• Nonviolent Communication, Marshall B. Rosenberg
• Measure What Matters: How Google, Bono, and the Gates Foundation Rock the World with OKRs, John Doerr
• The Power of Customer Misbehavior: Drive Growth and Innovation by Learning from Your Customers, Kalle Lyytinen
• Fail Fast, Fail Often: How Losing Can Help You Win, Ryan Babineaux
• Crushing It!: How Great Entrepreneurs Build Their Business and Influence-and How You Can, Too, Gary Vaynerchuk
• Dear Founder: Letters of Advice for Anyone Who Leads, Manages, or Wants to Start a Business, Maynard Webb, Carlye Adler
• Principles: Life and Work, Ray Dalio
• Identity is the New Money, David Birch
• Steve Jobs, Walter Isaacson
• Losing My Virginity, Richard Branson
• Think Big: Make It Happen in Business and Life, Donal Trump
• The Starfish and the Spider, Ori Brafman, Rod A. Beckstrom
• Platform Revolution: How Networked Markets Are Transforming the Economy - and How to Make Them Work for You, Geoffrey G. Parker, Marshall W. Van Alstyne, Sangeet Paul Choudary
• More Books...

• United States (California, Virginia, Washington, Utah, Nevada, New Jersy, Conneticut, Illinois, Akansas, Texax, Arizona, Maine, New York, Florida, Colorado, Massachusetts, North Carolina, Tenesses, Nebraska, Idaho, Louisiana, Michigen, Missouri, Minnesota, Pennsylvania, Ohio, Georgia, Kentucky, Wisconsin, Maryland)
• Canada (Vancouver, Toronto, Montreal)
• Brazil (Rio, Brasilia, Sao Paulo)
• England (London, Cambridge)
• Netherlands (Amsterdam)
• Germany (Munich, Stuttgart)
• Spain (Barcelona)
• France (Paris)
• Turkey (Ankara, Istanbul)
• New Zealand (Auckland)
• China (Guangzhou)
• Thailand (Bangkok)
• Malaysia (Kuala Lumpur)
• Singapore (Singapore)
• India (Bangalore)
• Malidives (Male)
• UAE (Dubai)
• Sadui Arabia (Riyadh)
• Sri Lanka (Almost everywhere)

• Summer Scamper, Stanford, 10k (June, 2019)
• Giant Race, San Jose, 5K (June, 2019)
• The Sugar Rush, San Jose, 5k (May, 2019)
• Walk, Run, Fun! Sister County, Martial Cottle County Park, San Jose, 5k (April, 2019)