Eric Olden

Every time you click "log in with" a button and skip past a password screen, you are walking across a bridge Eric Olden helped pour the concrete for. He co-authored SAML, the federation standard that lets a person move between secure websites without logging in again. Most people never learn the acronym. They just never notice the seam. That is the whole point.

Today Olden is co-founder, chairman, and CEO of Strata Identity, based in Boulder, Colorado. The company builds Maverics, a platform for what it calls identity orchestration: the work of stitching together identity systems that were never designed to talk to each other. Kroger runs on it. So do Navy Federal Credit Union, Publix, and Annexus. When a retailer with thousands of stores needs every login to keep working during a cloud migration, this is the layer that has to not break.

The thread running through his career is a stubborn idea: identity should not be locked to a vendor. An access policy written for one cloud should move to another the way a shipping container moves between trucks and ships. That conviction has now produced four companies, two open standards, and a reputation summed up in a phrase that follows him around the industry - the father of modern identity management.

It started in 1995. Olden was a student at the University of California, Berkeley when he and his best friend from high school looked at the young internet and noticed the part nobody had finished: security. That hunch became Securant Technologies, where Olden served as president, CTO, and founder. Securant's ClearTrust product was the first enterprise web access management tool - the first real answer to the question of who gets to see what on a website. RSA Security acquired it.

He did not stop founding. In 2006 he launched Symplified and built the first Identity-as-a-Service single sign-on company, moving the login problem off corporate servers and into the cloud before "the cloud" was a marketing word everyone trusted. Symplified, too, was acquired by RSA. The same buyer, twice. His LinkedIn vanity URL is a dry little punchline about exactly this: boughtnotsold.

Between and around the companies came the standards work. Co-authoring SAML put his fingerprints on the way the entire web handles federated login. Years later he would do it again with IDQL, the Identity Query Language, and Hexa, an open-source project hosted by the Cloud Native Computing Foundation. The pitch is vivid: "Just as Kubernetes transformed computing by allowing applications to transparently move from one machine to another, IDQL enables access policies to move freely between proprietary identity systems." Hexa translates a single policy into whatever dialect each cloud provider speaks, so the rule you write once works everywhere.

Before Strata, Olden ran the big version of the problem from the inside. He led Oracle's global identity and security division as senior vice president and general manager of cloud security and identity management. Sitting at one of the largest software companies on earth, he watched lock-in from the vendor's side of the table - and then left to build the thing that undoes it. That is a particular kind of conviction: leaving the platform to fight the platform's instinct.

Strata, founded in 2019, is the synthesis of all of it. The Maverics platform was the first multi-cloud identity orchestration and continuity system. Continuity is the operative word. Olden's deeper argument is that identity has become a single point of failure - if your identity provider goes down, your whole business goes dark - and that resilience means never depending on one system to stay up. "IDQL and Hexa eliminate identity silos in the cloud and on-premises," he has said, "by creating an intelligent, distributed identity system with one brain."

The industry has noticed. Gartner named Strata a Cool Vendor. It earned a SINET16 Innovator award and was runner-up for Most Innovative Company at the 2021 RSA Conference. Olden writes for the Forbes Technology Council, speaks at events like the Montgomery Summit, and in 2024 did the most on-brand thing a category creator can do: he published the book. "Identity Orchestration for Dummies" exists because, when you invent a category, somebody eventually has to explain it to everyone else - and it might as well be you.

Twenty-five-plus years in, the pattern is unmistakable. Olden spots the missing piece, names it, writes the standard, and then builds the company to deliver it. Securant. Symplified. Oracle's division. Strata. The category keeps changing shape, and he keeps showing up at the front of it - patient, faintly amused, holding thirteen patents and a quiet certainty that identity is supposed to be invisible. When his work is doing its job, you will never see it. You will just log in, and keep going.