Three Use Cases, Millions of Users
ecobee needed a versatile IAM solution that could handle authentication for three classes of users: individual customers, commercial space owners, and its own support staff.
B2C: End customers make up the largest segment of ecobee’s users, with millions of customers and in-home sensors. These customers may use ecobee’s mobile app, web app, or third-party integrations, so ecobee accommodates them by employing a variety of Auth0 auth flows. “We’ve really relied on the Rules and custom database capabilities to do things like enforce a requirement for MFA for anyone who has a camera in their home,” says Jonathan Harlap, ecobee’s engineering director for platform.
B2B: These users own commercial properties or multi-tenant residential spaces but often need to share control of their ecobee products with property managers or tenants. Auth0 has allowed for these control restrictions. Explains Harlap: “You can have a building manager control the environment in all of the empty units of their building, while the tenants who are using the B2C apps control their local environments individually.”
B2E: Customer support staff use Auth0 for administrative access to customer devices. This can include getting system logs off an individual device to debug it, deploying firmware, and guiding customers through self-service solutions. “The simplicity and the risk reduction is amazing for us,” Christensen says. “Previously, the off-boarding process was very cumbersome and very risky. Now, we don’t have that problem anymore.”