From a philosophical perspective, something (identity) that is not a core value proposition for the business (the application) should not become a blocker. Instead, the most important value identity can bring is to become incorporated into the application FAST so the application can be launched.
But since when has it been easy to fit ANY technology into another ecosystem? And since when have identity vendors focused specifically on lowering complexity and increasing speed to implementation?
Unfortunately, historically, customization in identity has been required for elements which cover just about every real identity scenario in a corporation, including:
What if… more of the elements that today require customization came as OOTB (Out-of-the-Box) options? And any customization efforts that were still required were possible within a guided framework on top of a stable and completely flexible customization platform?
This is the primary idea behind the concept of ‘OOTB and extensibility’ – a concept we have found effective at increasing customers’ speed with identity and their applications.
‘OOTB and extensibility’ is not a new concept. Many SaaS vendors and even identity solutions have customization options, and Auth0 has offered a ‘OOTB and extensibility’ option for years with Rules, Hooks and Extensions.
The key question to ask is, ‘do these customization options make you faster?’
We think that ‘OOTB and extensibility’ should enable speed. That means customization should help speed identity’s incorporation into an application and quickly add business value to that application. . .as defined by the builder. On the flip side, customization should not be required to achieve most standard identity use-cases (federation, etc.).
Where customers want to add something custom or unique into the authentication flow, an ‘OOTB and extensibility’ option can make this possible quickly. Take, for example, the flow for the first login of a new user. One customer was onboarding new employees and the helpdesk provided any new employee a temporary password. The company didn’t want anybody – not even the help desk – to have access to the new employee’s password, so they used a Redirect Rule with Auth0 to prompt the user to immediately create a new password upon first login with the temporary password.
In another example of a customer adding something unique to the authentication flow, a trucking logistics app had users who were sometimes truck drivers, sometimes store managers, and at other times performed other roles. They wanted to control when and how a user would be allowed access into the logistics app depending on the role at any given moment. Hence, they created a custom permissions scheme and fed the output of that scheme, using the Custom Webhook with ASPNet WebAPI2 Rule, into the Auth0 login flow.
Customization can also increase speed if it allows for identity to fit better within an existing ecosystem; for example, connecting with older identity providers that can be more challenging to integrate. One company had both older and newer apps it wanted to connect to Auth0, but for the older apps it was already using OpenSSO (an Oracle solution) as the identity provider. The goal of connecting to Auth0 was to achieve SSO across both the new and old apps without ripping out OpenSSO. Leveraging Auth0’s Custom OAuth Connection rule it was possible to connect Auth0 to OpenSSO and the older applications through a custom SSO bridge that sat in the customer’s environment. The end result was SSO across the old and new applications without a large rip and replace of the current ecosystem in place.
Lastly, customization can help implement identity across multiple devices and experiences quickly. One of our customers has over one hundred different applications connected to Auth0, with different specific Auth0 implementations to provide a unique login experience suiting each app. They also have central visibility of those users and implementations and are able to differentiate between each user at a central level using simple conditional logic in Rules.
To see what others are saying or for a follow-up story around specific customization options available with Auth0, contact us below for Part I and Part II of the ‘It’s All About Speed’ series:
Part I: It’s All About Speed: The Identity Speed Equation
Part II: It’s All About Speed: A Practical Example of ‘OOTB and Extensibility’