Choosing between multi-tenant and single-tenant IDaaS solutions comes down to an organization's business objectives and requirements. Which trade-offs are you willing to make? Is security most important, or is cost your primary driver? Learn the differences here.
Learn everything you need to know about authentication, authorization, identity, and access management from our team of industry experts. Jump start your development and get back to building something awesome.
Articles on Identity Basics
Identity and access management is complex and can increase your risks if incomplete or wrong. Use this expert advice to help implement secure and efficient identity solutions for your applications.
Signing up for accounts is something we're all familiar with. It's a gateway to the applications we want and need. But it's not really fun. Or pleasant. After all, we're signing up because we desire access to the application, not because we want to set up yet another username and password.
A slow migration can be an effective way to move user data when upgrading your auth system. Migrating each user when they authenticate lets you lower risk and decrease downtime. Additionally, such a phased migration requires less understanding of the legacy system.
IDaaS provides out-of-the-box capabilities enabling engineering teams to focus on building features valuable to business rather than spending time and resources on reinventing the wheel of securing application access. But outsourcing isn't as simple as it sounds. Vendor management is time-consuming and can introduce significant risks to the business if due diligence isn't performed.
With password hashing, you get better security at the cost of a performance hit. More robust security often means changes to how scalable your solution is. To be a responsible and effective software engineer, you need to know how to deal with these scalability concerns while keeping your application’s authentication secure. In this article, you’ll get some tips on how to scale your authentication functionality and make sure it can meet the demands of your customers.
Sometimes, despite a salesperson overcoming all your concerns or a landing page perfectly crafted to speak your language in every bullet point, there's a lingering fear that the product you're looking at just might not be what you're looking for. Everyone has experienced buyer's remorse at some point in their life, and most people I know don't want to go through it again.
Some auth providers make the source code for their solutions available and others keep their source code proprietary. Choosing one of these types of authentication providers over the other is not always a cut-and-dried decision. Support, release frequency, relicensing capability, maintenance, who is responsible for security, and cost are all factors you should consider.
Auth is a necessary part of any software product, but how you implement auth is not necessarily always the same. Careful consideration is needed, because your decision to outsource will not only impact speed of development, but also long-term product maintenance.
Your authentication system is one of the areas of your software system that you absolutely have to ensure is secure. A poorly implemented authentication system could cause a loss of customer trust and have negative implications for your company's finances, reputation, and regulatory compliance.
Software applications regularly need access to data from other services on behalf of their users. How can you make sure your systems are giving proper access to other systems and verifying access requests from other applications? Are there easy and trusted ways to build these integrations?
Authentication is an integral part of your application, and as such the acquisition of your auth vendor isn't like other acquisitions. When it happens, who knows what might change? Will your new provider give you the same support? Pricing? Integration options? All of these might change for better or for worse. Learn about possible changes and how to mitigate the risks.
Years ago your team decided to use a third-party authentication system to avoid the time and cost of building one in-house. But now a better option has hit the market and you're wanting to make the switch. Except, hold on, your old system is so deeply ingrained into your organization that you're practically locked-in to your current vendor. Learn how to mitigate the risk of vendor lock-in.
Learn the various types of authentication systems: DIY, drop-in and full-fledged. Each of these has advantages and limitations and might suit your application in different ways. How can you choose?