Eyal Liebermann

Identity & User Management in the cloud has been my passion and area of focus for the last 8 years. I am the solution architect for Identity User Management in Customer Experience Service (CXS), SAP Intelligent Enterprise.

Previously I led the Federation Services team of a multi-tenant, cross-region Customer Identity and Access Management Platform. My team implemented multi-tenant SAML and OpenID Connect services customers could reuse, both as IdP/OP and as SP/RP. Our userbase at the time was over a billion users across five regions.

I wrote my first program over twenty years ago and have been developing, leading and architecting software ever since. I am eager to learn.


Program Architect of SAP Identity & User Management

SAP SE, Berlin

Changing the way end-users interact with SAP services in the cloud.
Creating a single identity per person that brings together all her related accounts and assets.
I lead the architecture of Universal ID, the new Identity Provider to which all services would connect.
I work closely with architects and teams across SAP, particularly those of our CRM & ERP systems and the administrative consoles, to change SAP business processes and reflect the newly created concepts across all services.
I work in English, gradually adopting German as a second professional language.

Federation Authentication Services Team Lead

SAP Customer Data Cloud (Gigya), Tel-Aviv

Developing and maintaining scalable, secure Customer Identity Management (CIAM) services in the public cloud. Managing over a billion identities, using numerous services running on hundreds of servers, in a hyper concurrent environment.
As the federation team lead, I was personally responsible for the development of Gigya's federation services, SAML as SP and IdP, and OpenID Connect as RP and OP.
I was personally leading the migration of over a billion identities from an SQL database to a sharded document-based MongoDB database.
The technologies my team has developed in or interacted with include C#, JavaScript, Memcached, MySQL, MongoDB, Elasticsearch, Kibana, Flume, RabbitMQ.
I was very proud of my team's innovation and agility. We were the first to adopt Docker, the first to deploy microservices in the organization. We've developed the ability to react in a matter of a single sprint or two to business requirements and issues coming from our customers.

System Architect

NCR Retail - Retalix

Took part in an ambitious rewrite of Retalix retail management system. Analyzed requirements based on behavior of existing code and discussion with product management. Negotiated a multiphase solution that would enable fast delivery without contaminating the new design with legacy implementation constraints. Guided & supervised software engineers and team leads during development.

Server Development Team Lead

NCR Retail - Retalix

Managed a scrum team of eight developers and QA engineers communicating with product in the UK and an offshore team. Developed customer-specific features for a strategic partner as part of the company's leading retail product. Used C# .NET with NHibernate over SQL database and Castle Windsor for IoC. Managed quality relying on C# unit tests, FitNesse functional tests and our own QA lab.

Recording Decisions Server Development Team Lead

NICE Systems

Developed and maintained business-critical recording servers with a wide installation base over multiple live versions.
Recruited and built a team of six developers. Introduced quality methodologies that were adopted by the entire development group and have led to substantially improved quality.
Put a clear plan for a gradual rewrite of a system, adding features, simplifying usage, and cutting down on code.
Increased both performance and capacity by two orders of magnitude, to meet IP-Telephony requirements.
Used C#, C++/CLI, C++, COM, SQL, WinForms, Windows Server, onsite debugging tools.


OpenID Connect (OIDC)

Federated Identity Authentication on top of OAuth 2.0

We've implemented the protocol, developing Gigya's OIDC Identity Provider (OP) and Relying Party (RP) features. We've developed a series of services, OpenID Provider, Relying Party, and JWT service, that enable sites which do not share a database to create a seamless SSO experience for the end user. I actually came to appreciate this protocol.

SAML - Security Assertion Markup Language

Federated Identity Protocol

We've implemented the protocol, developing Gigya's SAML Identity Provider (IdP) and Service Provider (SP) features. SAML is a robust yet complicated protocol. We were facing challenges integrating it with our existing authentication flows. Our partners were required to integrate with existing and to verify it's compatible with leading industry services. In order to overcome these challenges my team and I have developed our expertise in the protocol and its flows.

Microsoft Azure

Public Cloud Service

I am currently pursuing a Microsoft Certified Azure Solutions Architect Expert certification (AZ-300 & AZ-301). Our services have moved from AWS to Azure in 2019, and in my role as our program's solution architect I am deeply involved with the transition.

Amazon Web Services

Public Cloud Service

AWS Certified Developer - Associate. AWS was the first platform we've used as a program. It is also the platform on which this website is hosted.

Docker Containers


I've led the effort from the R&D side to deploy our microservices within containers. I've learnt it, used it, and gone down to the Dockerfile to understand how we build our image layers. And then we dumped it because C# on a Linux Docker was premature at the time. Still, it's the most exciting piece of technology I've met recently.


Document-Oriented Database

We've migrated the entire identity base, some billion users over a few thousand tenants, into a sharded multi-indexed MongoDB database. We gained insight as to how to do sharding effectively and how to search with multiple global indexes in a sharded environment. I later took an online course to solidify my knowledge.


Programming Language

I admire the pace at which it evolves. We were using Task Parallel Library (TPL), lambdas, Object LINQ, and even some yield return.


Programming Language

It's complex and amazing and it's the fastest innovating language at the moment. We've used it as a switchboard on the client side in order to check session state and call on the server endpoints. I've been learning it and using it sparsely over the last few years.


Programming Language

We started using that for proofs of concept initiated by the architecture group. I am learning...