How to manage feature flags in ASP.NET Core apps with Azure?
No matter how simple or complex an application is, choosing the right configuration provider right at the start will mak...
Your organization likely operates using dozens or even more different applications. Those services are meant to be used by your customers and partners, but also by employees.
So, you need a functionality that would identify those users and give them the necessary access. Securely.
But as you likely already know, it can be difficult.
Providing secure access to systems is not just about handling usernames and passwords. You need the right balance between the convenience of the user and the safety of your data. It needs to be an automated, but 100% failure-proof process.
Why? Because the average cost of a data breach for businesses is $4.24 million. And lack of significant security layers will result in a data breach in almost every case.
Achieving the right level of protection is getting harder with the growing number of users with different access permissions.
With many services available for clients and partners, eventually comes a need for a single, secure and convenient platform. A platform that will be used to log in to any of these services.
And that was exactly the need of one of our clients – a giant manufacturer, with over 50 different systems, used daily by different groups of users (over 100 thousand users in total).
We helped them solve this problem with the Multi-Access Identity Platform.
MIP is a service that aggregates identity and access functionalities to all your applications and makes them accessible via a single login box.
No more multiple sets of credentials to remember. No more additional burden for your customer service, or your app developers.
Here is an overview of how it works:
The platform supports 3 types of users: customers, partners, and employees. Each of these groups can use different applications, but they all log in through the same platform.
Applications know that if a user has come from the platform, then they are fully authenticated. Therefore, the platform has a big responsibility – hundreds of applications trust it. That’s why implementing the right security measures was the highest priority during its development.
The MIP provides key functionalities that make users’ life easier:
What does it mean?
The platform enables users to securely authenticate with multiple applications using just one set of credentials. Additionally, customers can sign up, sign in, edit their profile, edit or reset their passwords. This way there is no need to engage IT teams in case of access issues.
Thanks to the integration with external identity providers (e.g. Google, Facebook, Twitter), users can also access the apps more easily, using their existing accounts. The same applies for partners who can register using their company e-mail, with no need for a separate account.
TIME & COST SAVINGS
The platform is built using Azure AD, as well as Azure AD B2C, provided by Microsoft. Their key functionalities are as follows:
Therefore, Azure AD B2C makes it possible to create a single authentication gateway for all types of users – employees, partners, and customers.
Now, what about the authorization? With secure access guaranteed for anyone who may need it, we also have to make sure they can only access the services they are permitted to.
To do that, Azure AD B2C needs to connect with the data source (in this case provided by Cosmos DB) where all the permissions are stored. Database returns the users’ data so that the application can decide whether they should have access to specific functionality or not.
User data appears in the database when they sign up for the first time. After successful login, anyone using the MIP can see the list of applications they can access on the personalized dashboard.
Consumer identity and access management solutions (CIAM) provide an additional layer of protection to your company’s network. CIAM prevents your customers’ data from falling in the wrong hands, and the consequent data breach.
Without a proper platform in place, tracking user information and related anomalies can become a complex matter. On the other hand, you don’t want to make life difficult for your customers and partners, but simply supply them with safe access to the right resources.
With the right approach to the CIAM, your customers and partners get easy login and you can reap your own rewards – reliable safeguards against data leakage.
Wondering how to provide simplified access for your users? Read about our Multi-Access Identity Platform. We can help you design and build the right authentication solution for your business.
Read similar articles