Challenge
A company, with both private and business customers, publishes a number of applications to give them an overview of subscriptions and invoices, as well as give customers the opportunity to buy more services from the company.
In order to be able to log into the application easily, but at the same time securely, the company wishes to have a central authentication solution, regardless of customer type.
The authentication solution must deliver:
For private customers:
Login for private person with BankID
Be able to act on behalf of another person within the family.
The private person authenticates himself with BankID and gets to choose who in the family he will represent in the application.
Be able to act on behalf of the customer. A support person within the company logs in as themselves and chooses which customer they should represent in the application.
For business customers:
New users must be able to self-register an account using a BankID or one-time code and be linked to a company, automatically or semi-automatically
Larger corporate customers must be able to provision and federate users to the company's system from their own login solution. For example, Entra ID, Google, ADFS, Okta or another SAML2 or OpenID Connect compatible solution.
Users must be able to authenticate with BankID or one-time code
Users who represent several companies must choose which company they represent when authenticating
The service must be able to look up the company's CRM:
To link social security number to customer number
To connect customer number to family relationship
To connect social security numbers to business customers
The company wishes to operate the service itself in one of its cloud platforms (Platform-As-A-Service, PAAS).
Solution
With Fortified ID Integrity and Control, the company can meet all challenges and at the same time maintain simplicity, security and flexibility, regardless of target group: customer, support or company administrator.
Fortified ID Integrity is used as the central authentication solution for the various target groups and its authentication methods and flows for each category of people.
Fortified ID Control is used for self-registration and provisioning.
Both services are operated as Docker containers in the company's PaaS.
The solution is very flexible and cost-effective:
Requires minimal administration in the organization
Standardized integration patterns
Low-code / no-code configuration for maximum flexibility
Infrastructure-as-code
Container-based installation for easy operation and updating
Easy to integrate new authentication needs, when new possible requirements arise
With products from Fortified ID, the company can get a simple, flexible and flexible CIAM solution.