Blog
-
Anatomy of a Password
Password authentication remains a cornerstone of Customer Identity and Access Management (CIAM) systems, but to be effective, it must be done securely. Passwords should never be stored in plain text, proper encryption, hashing and salting techniques must be employed to protect them, regular monitoring to ensure safety, and periodic auditing is essential to keeping stored password data secure.
-
Architecting a CIAM Solution
The architecture of modern CIAM includes several core components all working together to deliver a seamless and secure experience for users. By adopting best practices in security, privacy, and user experience, B2C and B2B SaaS developers can build trust with their customers while ensuring compliance with evolving data protection regulations.
-
An API-First Approach to CIAM
Managing Customer Identity and Access Management (CIAM) involves addressing a variety of scenarios in an increasingly complex digital landscape. Adopting an API-first approach offers several advantages, particularly when it comes to integrating with your existing management systems particularly in the context of Continuous Integration (CI) and Continuous Deployment (CD).
-
WordPress, OpenFGA, and Keycloak
Building a SaaS application with CIAM integrated as a DIY option can be a challenging prospect. In this article I’m going to explore how I’m using WordPress, Keycloak and OpenFGA to build a B2B SaaS solution network with a comprehensive CIAM integration.
-
B2C and B2B SaaS Authentication Architectures
The CIAM requirements for B2C and B2B SaaS differ significantly due to the varying needs for security, complexity, and user experience. B2C platforms emphasize ease of use and scalability, where B2B SaaS platforms focus on the addition of enterprise-level integrations and adaptive processes that provide greater flexibility, granular access control, and robust security.
-
Passwordless OTP and Magic Link Scenarios
Passwordless authentication methods like Magic Links and OTPs provide substantial benefits in terms of user experience, security, and scalability in numerous workflow scenarios. By eliminating passwords, these methods reduce the risk of phishing and credential theft while providing seamless access to users.