Seamless authentication for 1,500 applications across 500 microservices APIs and 100 UIs
If you’ve ever ordered customized products from National Pen, Drukwerkdeal, Pixartprinting, Printi, Vistaprint, or WIRmachenDRUCK, you’ve worked with a Cimpress business. Cimpress’ strategy of investing and building customer-focused businesses allows them to retain their autonomy while accessing strategic support that enables customization at near mass production efficiency. Through more than 40 e-commerce sites their customers can access a huge product catalog from apparel to marketing materials to drinkware and personalize their product in ways meaningful to them.
Alongside its organic growth, Cimpress has acquired a number of new businesses in the last five years. These businesses often maintain multiple domains and marketing sites across different geographies. Forcing all the businesses to take the same approach could harm their end goal of growth.
“The big shift that we’ve made in terms of interacting with the e-commerce activities of all these businesses over the last five years is to treat the core Cimpress platform as the connective tissue, but to allow every business to continue to operate independently. So we’ve diligently pursued autonomy in each of those business units,” says Ryan Breen, Director API Management at Cimpress.
For this business model to be successful, a fast-expanding organization like Cimpress needed to ensure that connecting new companies with diverse systems to its technology capabilities happens quickly and seamlessly.
However, full autonomy in the technological arena didn’t lead to the best user experience. Because of the scale and complexity of Cimpress’ global technology capabilities, Cimpress hires devs with a need to be thorough. “When they attack a problem, they attack it all the way,” says Michael Murphree, Principal Software Engineer, API Management. Usually a benefit, that need to create a trusted solution meant that devs were repeatedly solving authentication from scratch, including Single Sign On (SSO) and federation and SAML integration – each of them solving it a bit differently. “There are certain areas where giving everybody autonomy to decide how somebody should authenticate with their APIs just leads to all of your customers having to remember that there are 20 different ways to call different APIs and having different credentials for each one. We started exploring Auth0 to replace complexity with simplicity and speed,” says Breen.
The Auth0 solution would take Cimpress from using basic authentication methods such as sharing credentials in the form of usernames and passwords for specific APIs and IP whitelisting restrictions to authentication for their approximately 500 microservices APIs while increasing data security. Although not mandatory, the solution saw rapid adoption. Within months of switching Auth0 for microservices authentication, Breen and his team also offered Auth0 for their 100s of UIs resulting in swift onboarding.
Using Auth0, Cimpress’ latest acquisition, BuildASign, was able to connect to and access the tools within the Cimpress mass customization platform in five minutes, delivering an IAM platform that is rolled out quickly, is well-documented and easy to manage across the various independent units.
“It was very much a wow moment for these two fairly large companies to be able to integrate our e-commerce technologies that quickly. We’re internally contrasting that against five years ago when that kind of stuff took a huge amount of time and energy. BuildASign has been a fantastic story to showcase why we’re using Auth0,” Breen says.
In addition, having a consistent IAM solution that offers multi-factor authentication (MFA) and Auth0 Rules Management to access services and manage a growing number of APIs is saving developer time and resources.
“Auth0 enables us to focus developer time on actual innovative work in the mass customization space. Every second that a developer doesn’t have to worry about how their callers are going to authenticate brings value to the organization,” says Breen.
Combining technological and business flexibility with a rigorous IAM solution is not easy, especially when it comes to large and continuously expanding organizations like Cimpress. Auth0 has made this possible and has been a valuable partner throughout this journey.
“For a company of our size and scope, it is hard to imagine not having Auth0. I don’t think we would be able to operate as effectively as we do if we didn’t have this type of IAM solution. We are using Auth0 and its technology to support our growth and continued success,” explains Breen.
Auth0, a global leader in Identity-as-a-Service (IDaaS), provides thousands of customers in every market sector with the only identity solution they need for their web, mobile, IoT, and internal applications. Its extensible platform seamlessly authenticates and secures more than 2.5 billion logins per month, making it loved by developers and trusted by global enterprises. The company’s U.S. headquarters in Bellevue, WA, and additional offices in Buenos Aires, London, Tokyo, and Sydney, support its global customers that are located in 70+ countries.