A cloud based, microservice or IoT architecture requires architects and developers to rethink authentication and authorization. It is not feasible to have everyone log in separately for different systems, using a different username and password for each. The goal is to have a single identity that can be authenticated once. A common approach is to use some sort of single sign-on (SSO) solution. SAML and OpenID Connect both provide capabilities in this area that can be leveraged for the cloud as well as IoT. This talk will provide you with all you need to reach this goal in all your Java based applications. Stefan Reuter As a member of the enterprise architecture group of Deutsche Postbank Stefan Reuter was resposible for multi-channel integration middleware. Currently he provides on-site coaching for engineering teams to design future proof systems and implement efficient development processes. As a participant of the open source Java community he enjoys sharing his expertise and contributing to various projects. Thomas Kruse Thomas Kruse started to work as a freelance consultant in 1998. Today he is the CEO of trion development GmbH offering services as architect and coach for projects based on Java technology. His main focus lies on Java based web applications, HTML5 web front ends and performance optimization. In his spare time he is engaged in OpenSource projects and organizes the Java user group in Muenster, Germany. [OFC-6030]