About Dimitri
French
Native or bilingual
Experience
- viaTransitIAM Architect & Technical LeadSOFTWARE PUBLISHINGMarch 2026 - April 2026 (1 month)Lyon, FranceSaaS MaaS Editor: a ticketing partner to integrate, with the requirement to call its API on behalf of the user without storing their credentials on the client side. In-house auth does not cover this case.I designed the end-to-end delegated authentication flow — the user logs in once, the backend calls the partner API on their behalf without ever holding their access. Logout propagated in both directions.Delivery of a Docker Compose POC executable in one command, reproducible in each region subject to legal data localization constraints (US, Canada, Europe).Flow validated in staging. Zero partner credentials stored. Team autonomous in IAM at the end of the service.Identity Access Management - Identity Governance and AdministrationStack: IAM - Keycloak 25, OAuth2, OIDC, RFC 8693, Docker Compose, Express.js.
- Cloud Management Platform - Hébergeur cloud souverainArchitect & Developer (architecture, compliance, development)SOFTWARE PUBLISHINGNovember 2025 - April 2026 (5 months)Lyon, FranceFor an HDS-certified cloud provider on Nutanix infrastructure, clients could not manage their VMs directly: any modification required a support ticket, with a delay of 48 to 72 hours.As an architect and developer, we designed a multi-tenant CMP platform: strict isolation by organization, native OAuth2 PKCE security with MFA TOTP/WebAuthn via Keycloak, transversal audit trail on all write operations, and asynchronous polling of the Nutanix Prism API for real-time feedback. I also delivered the DAA and the ISO 27001 / HDS compliance file, validated by the compliance teams.Result: resource modifications went from 48-72 hours to a few minutes, in full self-service, with documented and validated compliance.Stack: .NET 10, CQRS, FastEndpoints, Keycloak, IAM/OAuth2/OIDC, PostgreSQL, Vue 3, TypeScript, OpenTelemetry.
- SOGETSolution Architect / API ManagementSOFTWARE PUBLISHINGJuly 2022 - October 2023 (1 year and 3 months)Le Havre, FranceSOGET was launching an API offering to expose ~10 services to two distinct audiences: end customers via OIDC login, integrator partners via API key. The constraint: to co-manage these two flows in Azure APIM in a consistent and maintainable way.I acted as a solution architect. I defined the exposure architecture, designed the Azure APIM policies to independently validate Keycloak JWT tokens and API keys while applying the same downstream security rules, and set up OpenAPI documentation via Bump.sh. I also supported two developers on four functional modules of the project.Result: portal deployed, dual authentication operational, team autonomous at the end of the mission.Stack: Azure APIM, Keycloak, OIDC, OpenAPI, Bump.sh, .NET Core, Azure DevOps.
Reviews
Recommendations
These freelancer profiles also match your criteria
Agatha Frydrych
Backend Java Software Engineer
4.7
(3)
2
Baptiste Duhen
Fullstack developer
4.6
(4)
5
Amed Hamou
Senior Lead Developer
4
(2)
7
Audrey Champion
Web developer
4.3
(3)
4
Education
- Master I, Information Systems ArchitectureCNAM Angers2013Master I, Architecture des systèmes d'informations
- Computer Science Degree in Design and Development, Computer ScienceContinuing Education CNAM Angers2012Licence informatique Conception et développement, Informatique