To be or not to be, that is the question. “Who am I” is an important philosophical question, but it is also an important technical question, especially in the online world. Identification and context play a key role in deciding who gets access to what resource. TrustBuilder.io Suite just made it a whole lot easier for companies to connect with various Identity Providers (IdPs), who can uniquely identify a user.
Uniquely identifying a user is one of the basic functions in any Identity and Access Management (IAM) system, together with airtight authentication and authorization. When your IAM system is used only for employees, identification is fairly simple: you just connect to the organization’s Active Directory (AD). When you are rolling out a Customer Identity and Access Management (CIAM), AD will not do. You can use your own identity store (TrustBuilder Repository, for instance), but you may also need to connect to external identity sources. Examples of such sources are social identities and government-driven identities.
The rise of social identities
Who does not have an account with a social media platform such as LinkedIn, Facebook, Google or Apple? Increasingly, organizations are allowing users to identify through these social identities. This gives consumers easy access to web resources, for instance for low sensitivity scenarios. An example of such a low-sensitivity scenario is making a simulation when configuring the options of a car, making a calculation for a loan you are considering, etc. As soon as the user wants to access more sensitive information, step-up authentication is required, e.g. by completing an onboarding process, or by using a government-driven identity.
Authorities all over the world are providing their citizens with digital identities. These government-driven identities can be used to access government services (for instance to fill out tax forms, calculate your pension, request official documents), but are increasingly used in a commercial context too, e.g. to gain access to banks’ mobile apps or complete an onboarding process. Last year, McKinsey noted 165 digital ID schemes set up by governments globally. In Europe, there’s at least one of these digital identities per country, sometimes even more. For instance, in Belgium, you can use itsme, your eID card or even BOSA/CSAM to access official websites.
IAM needs to connect to multiple Identity Providers
Organizations that want to make identification and authentication as easy as possible for their users will often allow them to use either social identities or government-driven identities. Allowing ‘Bring Your Own Authentication’ (BYOAuth) means building connections to all these different IdPs. It also means updating these connections whenever there’s a change on the IdP side.
To make life easy on developers, TrustBuilder has developed a Service Catalog that bundles all these connections. Not only to a large number of IdPs that you may want to connect to, but also to applications. The service catalog is available on TrustBuilder.io and can be used in a pure cloud installation on TrustBuilder.io as well as in hybrid environments where the on-premise TrustBuilder IDHub connects to TrustBuilder.io.
Some advantages of using our Service Catalog:
- We constantly update this catalog and add new IdPs and applications on a regular basis. This continuous delivery is independent of the versioning updates of our orchestration platform TrustBuilder IDHub.
- As a customer, you only pay for the connections you use. While the catalog offers multiple IdPs and applications, we only charge for the connections in use.
- Adding online support for a new IdP is easy, all we need to do is open the connection for you. If you are expanding to a new country, we simply activate the local IdPs that you require.
An ecosystem of services
Any company requiring external connections can benefit from the TrustBuilder.io Service Catalog, whatever your level in the IAM Maturity Model. As soon as you want to enhance customer experience by allowing consumers to use their authentication of choice, simply connect to external IdPs via the Service Catalog. As you move up the maturity model and build out an ecosystem of third-party services, you can also start using the Service Catalog to connect to a bunch of applications. Adding extra services to your offering turns you into a one-stop-shop for customers. This increases both customer experience and customer loyalty.
We are constantly updating the Service Catalog with extra IdPs and applications. All IdPs that are currently supported in TrustBuilder IDHub are already available or will be available soon. The same applies to the applications that TrustBuilder IDHub already connects to. That way, we are building out our Service Catalog into an Ecosystem-as-a-Service. The catalog allows our customers to deploy new IdPs and applications in a fast, reliable, and secure manner. In a few simple steps, new IdPs are activated and connected to your applications. New applications are activated with an easy-to-use wizard.
Interested in finding out more? Request a demo today!