LOS ALTOS, California – October 16, 2023 – Descope, the drag-and-drop customer authentication and identity management platform, today announced the availability of deep identity federation capabilities that enable organizations to centralize user identity management across all customer-facing applications irrespective of their configuration or makeup.
Identity management gets complex quickly. A typical enterprise has disparate customer-facing applications such as support portals, learning management systems, certification systems, partner portals, and supplier applications. These apps usually have different authentication and user onboarding requirements, resulting in patchwork identity systems that are either built in-house and tough to maintain, or are a combination of identity providers (IdP) with limited interoperability across SAML and OpenID Connect (OIDC) flows. Moreover, if customers have multiple login IDs across applications, organizations lose the 360 degree view of the customer journey.
Descope helps IT teams and developers add authentication, authorization, and identity management to their apps using no / low code workflows. With the newly added identity federation capabilities, Descope acts as an Identity Federation Broker to enable connections between any permutation of client and IdP. Admins can visually define bespoke user journeys for each application including authentication methods, information collection, and MFA logic.
“The complexity of managing customer identities often grows as the business grows,” said Yaron Levi, CISO at Dolby. “New business units, custom apps, off-the-shelf software, and M&A activity all lead to customer identity silos that teams can spend months reconciling. Poor visibility into user onboarding and auth flows also breeds security gaps that attackers can exploit. Descope’s approach to federation backed by no-code workflows can enable IT teams to easily personalize user journeys per application while ensuring a consistent, secure, and frictionless end user experience.”
Descope as Identity Federation Broker
As an Identity Federation Broker, Descope can act as an identity provider or a service provider based on the situation. The broker can run in three modes:
If the broker is the IdP, applications can connect to it for authentication.
If the broker sits in front of one or many IdPs (via both SAML and OIDC), applications can authenticate with any of the IdPs.
If the broker is in hybrid mode, it can act as an IdP for some applications and enable the connection to other IdPs.
Once the broker is set up, customers can leverage Descope’s drag-and-drop workflows to create custom user journeys for each application as well as easily iterate on them with time. These workflows can also weave in data and actions from third-party connectors to implement use cases such as fraud prevention, localization, and identity verification.
The flexibility of Descope’s broker and workflow capabilities can help with a wide variety of scenarios. For instance, if an organization’s IdP supports OIDC but a client only supports SAML, Descope can “broker” the connection between a SAML client and an OIDC IdP.
Descope can also securely merge user identities across authentication methods while bridging SAML and OIDC connections. For example, if an app accepts both personal and work email addresses, Descope provides a merged view of the user while still allowing the user to log in with either email ID.
“Customer identity silos and fragmentation is not something that just affects the Fortune 1000,” said Slavik Markovich, Co-Founder and CEO of Descope. “With so many disparate digital interfaces between the user and the business, getting a complete view of the customer is easier said than done for organizations of any size. Descope’s identity federation capabilities can help even lean IT and developer teams take control of their customer identities.”
Learn more about identity federation with Descope.
Video demo of identity federation with Descope.
Book a demo with a Descope identity expert.
Descope is a drag-and-drop customer authentication and identity management platform. Our no / low code CIAM solution enables developers to easily create and customize their entire user journey using visual workflows – from authentication and authorization to MFA and federation. Founded in 2022, Descope is backed by Lightspeed and GGV and is a member of the FIDO Alliance.
Offleash for Descope