A customer identity and access management (CIAM) system is a required component of a successful software application, whether you have a single webpage or multi-channel site that spans across multiple sites and devices. There are quite a few CIAM solutions to choose from, but which one is the best fit for your application? Use these tips to help narrow down your search, and then check out the comparisons below. Continue reading
Whether for a single webpage or across multiple sites and devices, a customer identity and access management (CIAM) system is a required component of a successful software application. CIAM used to be easy. A junior developer could build a simple registration form to capture a customer’s email and password, save the data into a user table and the application is ready to launch. Those days are long gone. Today, identity and access management is a complex mix of use cases and security issues touch every aspect of a business.
If your inbox looks anything like mine, it’s currently full of messages from companies updating their privacy policies and terms of service. This is mainly due to a newly adopted EU regulation, the General Data Protection Regulation or GDPR, which goes into effect on May 25, 2018. The GDPR grants a set of “digital rights” to EU citizens, including a “right to erasure.” Basically, this means a user can request that their data be deleted, and there can be substantial fines if a company is not able to honor these requests.
In this post, we’ll show how to set up webhooks in Passport to delete all of a user’s data when they delete their account. In Passport, webhooks are used to subscribe or listen to events in the system, so we’ll create a webhook that listens to the
We’ve seen a lot of news lately about Auth0 and we are happy to see it. Auth0 and Passport are competitors in the customer identity and access management (CIAM) space and it is exciting to see a company that we respect be recognized by the wider community. Strangely, if I say this at the CIAM events we attend I get a few curious looks. Why would we want them to get attention? Doesn’t Passport want clients?
Despite being a European regulation, the global reach of internet business will ensure the GDPR impacts US companies and European firms. Unfortunately, few US firms are aware of the regulations and restrictions that become enforceable after May 25, 2018. With the recent high-profile data abuses and breaches, it should be a topic on every company’s mind. In the most basic terms, the GDPR defines a set of “user’s digital rights,” and changes how businesses can collect, store and control customer data. It also imposes steep fines for companies that are found in violation. Do you know if you are at risk? Are your data partners compliant? (To get started, read our Developer’s Guide to the GDPR.)