SAP announced on September 24, 2017 that they plan to acquire customer identity management company, Gigya, at a reported valuation of $350 million. Gigya will be integrated into SAP’s Hybris Profile Service, which offers data matching and enrichment capabilities.
This announcement is one of many we have seen this year in the accelerating identity space:
- August 2016 – Ping acquires UnboundID
- March 2017 – Okta acquires Stormpath
- September 2017 – SAP acquires Gigya
- September 2017 – Google Cloud acquires Bitium
- October 2017 – Mitek acquires ICAR
Forrester states that 81% of enterprises are planning to implement or expand the use of CIAM systems. By acquiring Gigya, SAP further validates the CIAM space.
What’s Next for Gigya?
Stormpath was acquired by Okta and the API was shut down entirely. It is currently unclear if Gigya’s offerings and APIs will remain in service once the acquisition is complete. There are no details expanding upon the integration strategy referenced in the press release for current customers to evaluate. Will price increase? Will Gigya remain an independent platform? How will the speed of innovation be impacted?
Naturally, this can create uncertainty for current Gigya customers much like it did for Stormpath customers after the Okta acquisition. As details continue to be released around SAP’s plans for the Gigya platform, it is smart to take the time to consider all possibilities and reassess your options.
Inversoft Passport is a Customer Identity and Access Management (CIAM) platform that adds authentication, authorization and user management to any web and mobile app with modern REST APIs. It enables businesses to secure applications for their users and focus on revenue driven efforts.
Passport is a great alternative to Gigya. Out of the box, it delivers:
- Easy to use RESTful APIs
- Client Libraries written in Python, Ruby, PHP, Node.js, Java and C#
- User registration and login
- User management interface
- OAuth 2.0
- JSON web tokens
- Single sign-on
- Configurable password encryption
- Two-factor authentication
- Custom user data and user data search
- Localized email templates
- Transactional webhooks and custom events
- Reporting & analytics
Our goal is to provide a CIAM platform that is simple for developers and seamless for end users. Most importantly, we understand the pains of migration and know how to mitigate the risk. We’ve already been through this process with our customers.
DataStax successfully migrated off Stormpath to Passport with minimal downtime, zero friction and no user password resets. DataStax was able to repeatedly test the Passport migration with a single click import prior to the live switch to reduce the risk of a failed migration and build confidence. To learn more, see our DataStax Case Study.
If you don’t already have an account with Inversoft, sign up for a free trial of Passport. Once your account is setup, you can review our documentation to learn about our APIs.
Gigya has documented an export procedure that provides a method of transforming and exporting user data to match a target schema.
IdentitySync is Gigya’s ETL solution (Extract, Transform, Load) that offers an easy way to transfer data in bulk between platforms. Use it to transfer user data from Gigya to a third-party platform or vice versa, or even from one Gigya database to another.
Follow the instructions in the IdentitySync documentation. Export your transformed Gigya user data in JSON format and import that file using our API. The Passport Import API will consume this JSON data allowing you to easily bulk import your existing users into Passport.
The Import API helps to minimize export/import time, reducing the risk of a large scale outage or customer interruption. When switching to Passport, our customers have see results including:
- Reduced latency
- Improved performance
- Increased security
- Reduced IT overhead
We are also available to build a custom migration tool on your behalf to minimize the effort needed to import your users from Gigya to Passport.
Are you an existing Gigya customer and don’t want to move to SAP?
Please contact us at firstname.lastname@example.org to start your migration to Passport.
Today our team is excited to announce a few enhancements we have made to the Passport UI to improve user experience and efficiency.
First, we’ve updated the look and feel of the system. We have enhanced the aesthetic in order to reinforce function. New, modern font and style choices – guided by Material Design concepts – are not only pleasing to the eye, but allow you to perform the same functions and tasks, with less effort.
Inversoft’s new UI utilizes your OS system font to increase performance and decrease latency.
Passport’s default color palette provides a variety of contrasting hues and shadows to help establish a seamless sense of depth and separation.
Static, bordered tables are a thing of the past. Space and simplicity is emphasized, in place of harsh contrasting colors, to create separation within tables. Utilizing full width display allows for more information and functionality.
Buttons and icons are uniform across the new dashboard. You will always know what actions and tools are available to you no matter where you are within Inversoft’s new UI. Consistency highlights the workflow and allows our users to develop usage patterns through familiarity.
While giving you the same features, the new UI provides:
- Dashboard overview providing metrics and usage at a glance
- Responsive mobile and desktop screen usage
- Omnipresent user search bar for fast access to your user data
- Sidebar navigation
- Customization options (i.e. brand logo and hex code selection)
Our hope is that Passport is not only easy to use, but with our new UI you look forward to using it. Keep an eye out for new updates and enhancements.
JSON Web Tokens (JWTs) are a popular authentication mechanism for good reason. JWTs are designed to be stateless, portable identities making them ideal for consumption by web applications and extremely mobile friendly.
While the stateless benefit of a JWT is great, it does come with a problem: Once a token has been issued to the user, that access token is valid until it expires. This time window poses a security concern.
So how do you revoke JSON web tokens if you need to?
Inversoft has figured out how to revoke JSON Web Tokens with little impact on a security token’s portability. That’s why we’re teaming up with IBM developerWorks for a live coding webinar on Thursday, July 27.
Tune into the webinar to learn:
- What is the JWT security concern?
- Why token revocation is necessary?
- Traditional JWT revocation methods.
- How Passport solves this issue.
The webinar is free to attend and there will be a Q&A after to ensure you get the JWT answers you need.
Don’t miss this live coding event, register today.
Inversoft’s founder and CEO, Brian Pontarelli, will be speaking about Authentication & User Management at WeWork Union Station.
Authentication is perhaps the single most common requirement of any application. Being able to quickly and easily register for or log into a service can make a huge difference for the user experience.
Authentication, authorization and user management are often required from the start. Not only is this time consuming and costly to build, but even a minor mistake can be disastrous. Turnkey user management and authentication providers can help companies focus on core business and application features rather than boilerplate infrastructure.
Brian will walk you through the paramount build vs. buy decision and answer questions along the way.
Date: Tuesday, April 11, 2017
Time: 12:00PM – 1:00PM (MST)
WeWork Union Station
1550 Wewatta St
This Lunch & Learn is free to attend and Illegal Pete’s will be provided!
We hope to see you there! Please pass along the link to any of your colleagues who might be interested in attending the event as well.
Stormpath customers are experiencing first hand the repercussions of using a multi-tenant cloud hosted API. The company was acquired and users have to get data out, fast. By 8/17/2017 to be exact.
A recent article by ProgrammableWeb discusses the dangers of using third-party APIs, however they fail to mention ways to avoid this danger. The answer is not to stop using cloud APIs, nor is it to only select API’s from tech giants like Amazon, Google or Microsoft. Before choosing your identity and user management provider consider the deployment options.
Despite increasing cloud popularity, many companies still prefer (or require) an on-premise solutions.
Certain organizations face regulatory requirements that demand an on-premise solution. Regulatory controls and legal requirements vary depending on the industry, but many companies fall into this category. A third-party cloud vendor may not fit the compliance requirements for a particular organization within the finance or pharmaceutical sector.
An on-premise solution can insulate you from issues Stormpath customers are now faced with. By installing the software on your servers (real or cloud-based) you gain control over:
- User data
If the company shuts down or is acquired, you can likely continue using software since it is running on your servers. If this is not the case, the user data is yours and can easily be removed at your discretion.
How do you protect your data? How do you ensure that you are the only one seeing your user data?
Multi-Tenant vs. Single-Tenant
Multi-tenant is an architecture where multiple companies store their data within the same instance. With single-tenant, each company has their own individual instance. With a single-tenant solution you receive maximum privacy. The risk of another business accidentally receiving data that doesn’t belong to them is eliminated. Each customer’s user data is separate and secure.
When considering cloud solutions, it is always important to prepare for the worst-case scenario. You should think about how you will get your data out of the cloud, before you ever put it in there. In the event of an API shutdown, data recovery is much easier when each customer’s data is isolated in a single-tenant cloud.
Flexible Hosting (with a pitch)
Passport offers on-premise or single tenant cloud hosting. With these options, you have the ability to choose which deployment best meets your business or application needs. In addition, you have the flexibility to change your mind down the road.
Start Migrating from Stormpath to Passport today. Or sign up for a free Passport trial.