Tips and tricks

The problem with CIAM and how simple tools can help you manage it

Brian Pontarelli
© Shutterstock / Andrey Suslov  

Is CIAM a complicated, yet critically important part of app development? Yes, it most certainly is! If you are struggling to find a tool that could help you navigate around the hurdles, Brian Pontarelli has some tips.

Customer Identity and Access Management (CIAM) is an important gateway mechanism that deals with both developers as well as intended customers of a said developed product. Developers need a way to capture and store user information like the identity of customers and various other profile details. At the same time, the idea is to open up or unlock a certain number of features or options within the application while keeping others locked out.

In itself, CIAM is a rather complex part of app development. There is the issue of privacy and storage as users are often asked for private information in order for them to access the app. This can range anywhere from e-mail, social networks, and in some cases, even banking information. At the era of data leaks and mismanagement, it is not far-fetched to think of data privacy as a hot-button issue. However, developers are well aware of the fact that, in order to offer a high level of customer utility and to have applications work like it was tailor-made for each individual user, a lot of data about individual users is required.

In the year 2018—one of the most data leak-prolific years so far—there were at least 20, high-profile data leaks that affected hundreds of thousands, if not millions of people around the world, reports Business Insider.

Surveys have shown that customers are gladly willing to leave a service that does not manage their data well and, at the same time, are more than willing to pay extra for better service.

Apart from just data management, CIAM covers a number of services and each of them is a veritable pain point for developers. Starting with simple registration, it goes on to account management, consent management, and multi-factor authentication, to name a few. To add to this list, end users need to experience a seamless transition in the way the application works across platforms, be it mobile or on the web. Scaling is another issue related to performance that just cannot be ignored.

What makes a strong CIAM system?

There are a number of pointers that are often seen as the cornerstones, or pillars of great CIAM:

  • Security
  • Scalability
  • Privacy
  • Performance
  • Compliance

While CIAM is often seen as a bit of a stumbling block for new developers, it need not always be so. There are tools available in the market that take care of most, if not all of the above pain points effectively. Tools like FusionAuth have been created specifically to help developers ease into CIAM without giving up scale, data privacy while offering user management that is not just flexible, but also unlimited in volume.

To be fair, FusionAuth is not the only such tool in the market right now. Having said that, they are a service that offers unique solutions for developers, the main one being it is 100% free for unlimited users. Unlike open access platforms that usually have limited options and mass market alternates that have hidden costs attached to certain features, FusionAuth has all its features open to unlimited users.

 SEE ALSO: How to estimate programming time

Here is a quick rundown of a few alternates to FusionAuth:

Auth0—an expensive alternate

Okta—just as, if not more expensive than Auth0

Firebase—limited in scope, with nearly no features and a cog in the great Google machine

Cognito—nearly featureless and a part of the Amazon juggernaut

KeyCloak—open source, but limited features

Passport.js—another bare-bones open source alternative

In comparison, FusionAuth’s features include stable scalability, user management segmentation, detailed reporting, capable of running on most active platforms, over any kind of framework. The main focus, however, remains its CIAM capabilities, all that with inbuilt email localization.

Is CIAM a complicated, yet critically important part of app development? Yes, most certainly. Does it have to be a slow, expensive, and a security threat to both users and developers? No, most certainly not.


Brian Pontarelli

Brian Pontarelli is a successful technology entrepreneur currently focused on solving login, registration, and user management challenges. Brian works with startup to Fortune 500 organizations struggling to address the complexity of secure CIAM as their businesses requirements evolve and user base scales from a handful of users to millions. He has an extensive knowledge of coding strategies as well as a hands-on understanding of the business needs of growing companies. Before Brian bootstrapped both FusionAuth and its sister company CleanSpeak, he studied computer engineering at the University of Colorado, Boulder. After graduating, he solved complex technology challenges for companies like Orbitz, BEA, US Freightways, XOR and Texturemedia.

Inline Feedbacks
View all comments