KuppingerCole's Advisory stands out due to our regular communication with vendors and key clients, providing us with in-depth insight into the issues and knowledge required to address real-world challenges.
Unlock the power of industry-leading insights and expertise. Gain access to our extensive knowledge base, vibrant community, and tailored analyst sessions—all designed to keep you at the forefront of identity security.
Get instant access to our complete research library.
Access essential knowledge at your fingertips with KuppingerCole's extensive resources. From in-depth reports to concise one-pagers, leverage our complete security library to inform strategy and drive innovation.
Get instant access to our complete research library.
Gain access to comprehensive resources, personalized analyst consultations, and exclusive events – all designed to enhance your decision-making capabilities and industry connections.
Get instant access to our complete research library.
Gain a true partner to drive transformative initiatives. Access comprehensive resources, tailored expert guidance, and networking opportunities.
Get instant access to our complete research library.
Optimize your decision-making process with the most comprehensive and up-to-date market data available.
Compare solution offerings and follow predefined best practices or adapt them to the individual requirements of your company.
Configure your individual requirements to discover the ideal solution for your business.
Meet our team of analysts and advisors who are highly skilled and experienced professionals dedicated to helping you make informed decisions and achieve your goals.
Meet our business team committed to helping you achieve success. We understand that running a business can be challenging, but with the right team in your corner, anything is possible.
More and more organizations use CIAM for B2B use cases as such combination can help companies position themselves on the market. While no one argues that user experience journey for the B2B Customer is just as important as any other customer, they most certainly need a relatively different set of features.
More and more organizations use CIAM for B2B use cases as such combination can help companies position themselves on the market. While no one argues that user experience journey for the B2B Customer is just as important as any other customer, they most certainly need a relatively different set of features.
Good afternoon, ladies and gentleman, welcome to our Ko cold webinar. All the roads lead to the sea paved with B2B. This webinar is supported by AEL. The speakers today are Marco Auti, who is vice president product management at IEL and me Martin Ko I'm co-founder and principal Analyst at before we start some quick information about keeping coal and some housekeeping information for the webinar, and then we'll directly Trump into the topic of today's webinar. A coal is an global Analyst company.
We deliver content and services around anti access, cyber security and artificial intelligence and adjustment areas through our reports, such as executive use leadership, combust documents through Analyst, inquiries, webinars, advisory projects, conferences e-learning, and auto types of services. In our research, we deliver a variety of formats. Some of these are for instance, our leadership compass, where we compare vendors in certain defined market segments. Our executive view reports, which look at specific vendors. The advisor knows backgrounds around trends and other topics.
And our very short leadership briefs, very condensed information about certain topics. We also do advisory. We are strictly vendor neutral, but support our customers in strategy definition in portfolio management, in technology selection and in project guidance with our strategy compass portfolio compass technology compass compass. And as you probably know, aside of our webinars, we have a number of other events which include for instance, digital finance world, the blockchain enterprise days, our consumer identity events and our cybersecurity related events.
So look at these events in the autumn of 2019, there will be many, many interesting new events regarding the webinar, a little bit of housekeeping to do here. So, so one thing is audio controlled. You are mute centrally. So we are controlling these features and, you know, don't need to mute on mute yourself. We are recording the webinar and we will provide slides for download, and there will be a Q and a session by the end of the webinar. However you can, the questions at any time using the go to webinar control panel, let's have a look at the agenda.
The agenda for today is split into three parts. In the first part, I'll talk about the changing focus of identity and access management across businesses from moving more from a traditional on premise employee perspective, towards a ex focused consumer and other types of users, partner centric perspective in the context of the digital transformation. So why is this changing and why do you need to resing and align your various initiatives around traditional enterprise or employee identity management, consumer and business partner, identity B2B identity management.
In the second part that Marcou to who is the vice president product management, that ICOM will talk about how I welcome supports these use cases, which bring together B2B and consumer identity so that yours can manage intermediaries such as agents, leaders, after sales support and moving forward in that space. The third area then will be the Q and a session where we will try to provide answers to the questions you have.
As I said, the more questions we have, the more lively interesting the discussion will be. So let's start with a very simple perspective. Let's look at the digital transformation. It's a not really new term. When I bring up something I created a while ago, which is around how this evolves, what we are doing. And a lot of these things are related to today's webinar business. So this digital transformation has a lot of external drivers and some of these drivers include things like the dynamic partnerships. So our business models and the business partnerships are changing.
So to serve our customers, we need to support these ever-changing partnerships. Also the changing competitive landscape, some might be competitive today, and your partners tomorrow are being both in some way. We have other things like innovation to shift from product to service, et cetera, but allow these two things, partnerships and landscape show that it's essential to support both the consumer and also the partners behind the business model behind. So from an organizational key capability perspective to succeed in this transformation, it's about innovativeness.
So really deliver the new services the right way. It's about agility. So all this is far quicker, far faster than it ever has been. So it's not about taking years to construct a new product. It's about an agile evolution within these products and services you deliver to the market. And it's about the organizational flexibility. When you're agile, the organization also must be agile. We have this area of the business transformations as the next element. These business transformations are the things which then are sort of the big changes in the way we do business.
And when we look at these big changes, then as collected three, one is the internet of things. So everyone, everything becomes connected. We have the smart manufacturing. So really the full integration of our supply chain. And we have this, this notion of know your customer in a very broad sense.
Well, beyond the regulatory aspect of know your customer towards really knowing your customer, understanding your customer, serving your customer in perfect way. And this is also where the customer comes in. So it's the partners, it's the customers. We need to work differently. When we look at internet of things, it's all about also working with partners. It's not only you who built the internet of things, your things connect with other services with other apps, etcetera. And that is what you need to support in the things you do.
And amongst these things, which are sensors and blockchain and cognitive AI, there's identity and there's security and privacy and identity and security and privacy are essential to make your business succeed in this transformation. And today we have a webinar around identity and why it's important to work with consumers, customers, partners. And I'd like to start with a perspective that I take from the identity in the mind of the consumer. So what is what a consumer and customer, so the consumer hopefully becomes the customer surf by you and your partners. What does he really expect?
And there are a couple of things he expects. So in the mind of the customer or the consumer, it's, he wants to use few identities. He wants to decide on which identities to use when he wants to work everything from every device. And when he switches his device, his life should digital life should continue seamlessly privacy and security, all easy and simple. So it must be secure. So if it's doesn't work as secure as it is expected, you are guilty. On the other hand, it should be super simple.
It's a little bit difficult that area, but at the end, you need to support for that because sometimes that's the expectation. Oh yes, there are payment and commerce aspects, seamless access. So go get rid of KYC, processes, cumbersome registration, and allow people to work in their, their, their connected way. So it's not that there's specific specifically from device perspective. There's not that much the divergence between work and life anymore. It is converging.
It's not always easy to do specifically with regulations, security in mind, but from an expectation of the consumer, it doesn't element heat tendency. The other aspect to look at in this context is how do we deal with our partners in business?
And this, I think becomes, it's one of the areas where it's important to, to really sort of PA the road to your consumer consumer, with support for your partners. It's not about locked data anymore. So also the data you have from your services, it's not locked. You will work with the data also with partners, with your customers, with everyone. So it's about they from one hand, look at what, what your users want. Not every user is the same. So there are some who look very much at privacy artists.
Don't ensure that you can serve that ensure that you comply with regulations when you deal with the data, but also be able to work with the data in a well sought out manner. Very important thing is that lock in is not relevant.
And that, that, that of interest to your business partners, because if you or someone else owns too much of the data with a tendency to becoming a monopoly, then he's a risk for all the other businesses. It's a matter of balance of power. And we need to work with partners. We need to support the partners, exchange the partners. And we also will have things where, where data becomes more autonomous, which means we need to be able to deal with the data in a way where we are not even in a user, a is connecting user B is connecting style, but where, where it's even more complex.
And so we need to manage all these entities in this, which are part of this true transformation of this connected universe in a way which goes beyond just saying, okay, I have a customer login. It's more, it's significantly more. There's a lot of change. Some of these aspects go beyond the identity piece. Some of them are a bigger story, but it is what is happening.
And so when we look at how identity is evolving so many years ago, we had this per system, user management, we then introduce sort of first identity management, very technical, very administrator driven, synchronized accounts between various systems, cetera. We had already 15 years or so, even a little more ago, the first Federation standards appearing. So how can you federate with your business partners? That was sort of the first time really going broadly beyond the internal use cases. We had a consumer identity management, and right now it's even more shared.
It's really sinking in the share thing that means bring together these things, bring together all these types of identities work with different identity providers, but also allow all of these identities in your context would be well managed. This sort of evolution is, is going forward, and we need to get better on that. Getting a little more technical, so to speak. So going back a little, we end up as a perspective, which is more around what, what does it mean for standard identity and access management? It means we are going beyond IGA.
So for whatever reason, PowerPoint displayed two errors at the beginning. But traditionally we had a very strong perspective on this. What I tend to call deploy time identity measurement. So we create an account. We give them entitlements grant entitlements. We approve the entitlements. We have governance on these entitlements. So that is the one thing it's really the IGA part, but we are increasingly focusing on that's what we see amongst our advice for customers increasingly focusing on, around on, on runtime identity management.
So the authentication piece in the context of the user, should it happen? Should it, shouldn't it happen? How strong dust the authentication needs to be.
So, and adaptive authentication, also authorization. And what happens in the context? What does the user really do? So user behavior, monitoring analytics, is there something going wrong? So the context is shifting and it's interesting. The more we move from employees where it's about complex entitlements and the still strong focus on the deploy times, the more we move towards the consumers matters, the more we shift from a deploy time emphasis to a runtime emphasis, and we need to get better on that.
Our identity management is changing, and that is I think, where, where the bigger evolution, how can we enable that all these various priorities, all these various entities can access the data they need. And if you want to build consumercentric solutions, it's not only about the consumer. It's about modern the consumer. There's the thing on the one end or the device of the consumer he's using, there's the partner who supports the consumer. There are to some extent, even your employees.
So from a, from a strategic perspective, and that is not that it's, that's a single tool. It is, is about a concept where you say, how can you really serve that from an it perspective? It's about connecting everyone to every server.
So we, we tend to call this an identity fabric, which is a logic concept, which allows to connect every one with all this, the devices and syncs, etcetera, to every service. So your consumers, your partners, your employees, which need access to a variety of services, and the partners are important element there, they have a different role there, different notion, you have different challenges. So the one is for consumers, bring your identity, external IDs for the partners it's Federation. It might be also partner platforms.
You build specifically or extended management platforms, directory services, and you federate out, or you use traditional technologies. It's not that that everything needs to be supported from one tool, but obviously you need to deliver a platform over time, which delivers the access management capabilities for your consumers, your partners, and integrates what usually is there your employee perspective. So you need to do access management. You need to also manage the accounts, which is easier for the partners, et cetera.
And you need to also do the content handling privacy and, and other things for all this, which is obviously more important for consumers than for others.
So it's a set of services and you need to go beyond the enterprise identity management, and you should take a perspective, which is how can you deliver this set of services in a, an integrated banner based on a set of services where consumers and partners are, are sort of one part of the play while the sort of the employee and the legacy are a little bit of different part of the play from business perspective, it's a little bit of different perspective, but again, it's about what are, what do you need?
And that is really where these things, again, come together, how can you efficiently and successfully deliver digital services? And that means when you want to serve your customers and your consumers, it's not only about creating one, whatever Porwal for them.
It's more, it's about integrating services that are provided by your partners. For instance, it's about orchestrating stuff, using reusing identities. And again, the partner comes into play the consumer. It's not only the consumer and you have cloud services, you have your AI services, you have legacy stuff. You need to connect to build these new services. You also provide services to your partner. They provide services to you for all the digital services you are delivering to your consumers.
So consumers brings the revenue and the data, the partners to channel, but also the additional service. He is delivering services to you in different forms. These services come together so that you can construct the digital services UX and the capabilities, but specifically, also the identity. So the onboarding and the access of the customer and the consumer, but also managing all the proper services in an academic way, sharing also that allowing access to the partner, service, all the other stuff, which is part of that. And then you can use and monetize these services finally.
So to create digital services for a digital business, you need a strong identity begging, and this identity begging must support more than a pure consumer or part of perspective that can be constructed. And that was the idea of fabric in a, a variety of different ways. So if you really think about your use cases of the capabilities and the services and the, the, the functional building blocks be an as a service or an on-premise solution, then these are different levels.
So you can construct it in different ways, but you need to take a perspective which goes beyond the singular focus on only the employees or only the partners, or only the consumers. You need to think bigger and will not succeed with your consumers and customers when you don't serve your partners.
Well, because we are living in a connected world, it's all connected, and it means you are working with partners. You are sharing services, you are using shared services, and this is something you need to bring together to for success in your digital business. And an essential element of that is doing the identity for consumers and partners, right?
With that, I hand over to Marco, who is the second speaker. Absolutely.
Thank you, Martin. And thank you all for joining us today. I am Marco Vanu and indeed I am product manager today. Welcome apart from having spent or a few years today. Welcome already. I have a fairly long experience in the identity segment for the last 15 years. I've been working in various product company in capacity of presales, all the way to product manager, but an identity management identity governance, and now consumer identity management.
But today, and the spoil is already in the title. We're gonna talk around how we do address B2B specific use cases, and specifically the three key questions there will address over the next 20 minutes, or so are first of all, what are the core B2B needs? What is B2B defined? Like what kind of capability are required to properly address those scenario? And finally, how can we, as a welcome, can help in those circumstances?
So, first thing, first identity is a very diverse and, and different thing, depending on the kind of scenario we're facing. There's no such a thing as a single type of identity, but rather a multitude of them ranging from employees, which can be already broken down in different, in different types, but including then contractor, business partner, or broker dealers, and finally customer and consumer the customer and consumer is what we call the C star.
And each of these identity type involve specific processes, dedicated life cycle and specific interaction and relationship that are required to properly serve them with the kind of digital experience they, we want to deliver to them to make things a bit course grain. And in a way also recapping a bit of history. Everything basically started with what can be defined as workforce identity management, where the user are in the range of the thousands with very low fluctuation in terms of number and well simple to predict in terms of how frequently and how much they will will change over time.
At opposite side of the spectrum is what we call the consumer and the customers, which can be in the range of the millions. And by definition, they add much higher fluctuation and much harder to predict there is an in between of course, which is the business partner, which is in between, in many ways in between, in terms of magnitude meaning numbers in terms of fluctuation and in terms of predictability.
Now, when it comes to these use cases, let me just give you a couple of example of what I mean with the, in between picking ordinary scenario that we assisted in industry, such as for instance, the insurance one where you have the insurance that is of course, is of course featuring different types of customers, such as retail, customer, and business customer. And apart from featuring services devoted to those specific customer.
There are intermediaries such as agents and brokers, where agents are just working for a single, a single insurance company while broker of course have a similar relationship with multiple insurance company at the same time. So that is already an example of an in between type of persona.
That is well in a way, is a customer to the insurance, but is a, is a provider to the final good customers that insurance is providing a more layered example with a few more identity types can be pulled from the manufacturing B2B ecosystems, where the company is providing good goods again to retail customers or business consumers and those services. And those goods are reaching those individual through a layer of agents, which are then funneled through distributors and wholesale. And of course are involving dealers, which are the one having the final count.
And as a services and goods might require, there is field services also involved. We here already another four, five types of different types of persona, which are again in the middle, in the kind of digital experience that links the company to the final users of the good and services provided.
So my, my sub my claim here is that basically the notion of consumer is something relatively something that flows all along the chain of different types of persona involved in those scenario. So to make that short and sweet, basically everybody can be consider a C meaning a customer, meaning a consumer to somebody else upstream. Okay. And in that light, we can paint more, more types of scenario apart from the two that I just depicted with different way to call them. Right.
So here, just in the, I'm just trying to enumerate a few more examples. For instance, at times we see that call as B2B access. So meaning again, basically the example I just gave such as broker delegation, for instance, specifically in the industry, in the insurance sector, or even customer care, which is a variation, which is involving business users, delivering services to customers. So it's a B2C explicit use case scenario. Temporary user are not a good example.
And finally, again, multi-brand and shopping shop nesting, which can, is another, is another notion of layered customers leading to a final layer of consumer. So all this kind of scenario, add something in common, all those flavors of sea of sea star, again, consumer or customer, those inter intermediate party are sharing some, some need some problems, right?
Such as the fact that they are often offered a fragmented experience and maybe not necessarily provided with a unified way to sign in and not manage in a consistent unified fashion, more as they are not part of the company, they are subject to GDPR rights, right? And that is often addressed on a per application base. So in a siloed fashion with replicated control and with lack of a centralized ledger. So all this aspect are less than ideal, and they're bringing to a specific side of needs, which is a bit more, a bit broader than what the workforce or the consumer identity typically require.
And I will be more specific about them in a, in a minute typically needs. There are a blending of what traditionally is defined identity management and access management. So B2B is very much a combination of the two pretty much all the time and even wording wise and the way it's, it's called, we assist it to a, still a bit of different way to refer to that, including delegation, relationship management, B2B identity management, but not limited to them.
Now, that being said, okay, what are the key needs? What are the key requirements, which are meant to be addressing those needs? So historically we assist, we assisted before. And that's definitely also related to where we are at today to very mature solutions to address the workforce identity in the consumer space, they are dedicated solutions and they do a very nice job, a multitude of, of software in the cloud.
And on-prem to address those, those kind of needs it worth mentioning that there is no such a thing as off today is a single player, a single solution that spans thoroughly the entire spectrum of use cases and needs ranging from those originated from the employee community all the way to the, to the consumer. So it's very much of a segmented thing yet, while at the same time hybrid scenario, meaning with coexistence of different types of identity is increasingly frequent, if not the normal rating.
So all in all that boils down to very frequent types of requirement, which I thought it would've been good to capture in a real life example. So what I'm giving you now is an excerpt from NP, of course not the entirety of it, just a few liners, but just to get the gist of it, we assist more and more to explicit B2B scenario, right where the B2B is again, B2B, but also B2C at the same time in this case is a manufacturing company with thousand of dealers and then a rental company also in the thousand and a network of direct represented, even selected country.
And they explicitly, they have two major types of relationship that they want to maintain the B2B and the business to consumer. What is that meaning? What do they expect from an identity management solution to address those needs? It is a long list of requirement as usual, but what deserves attention for the purpose of our conversation today? If we look at, for instance, role eight and nine, there is a notion of layering.
There is a notion of hierarchy of structure of multiple entity that are in chain in leading the path to the final customer, that what is here defined as multi-layered user management, or can I manage hierarchy? Right. Another interesting thing that worth mentioning is related to row 10 and 11, and is about, well, those are not employees. I need to register them. How flexible is your registration process? Can I provide some sort of validation around those identity? This is very typical scenario that we assist in B2C too.
Again, the reason for bringing this up is just to express clearly what I, I think would've been good to capture in the slide that I'm now projecting, which is in a way comparing the three major types of identity management that we currently see. So I thought about, well, what define workforce identity management along the line of the search service capability that need to be provided the user manager?
So the, the, the man, the managers, other people capability, and what kind of integration, what kind of delivery model? Well workforce is really about access request management, access approval integration with HR system, of course, because it's workforce identity and very much, because very often because of the complexity of the integration, because of the fine grain access control that they wanna have on application is very much of an on-prem base place still these days.
Well, if we look at the B2B, which is, well, maybe is expected to be fairly close, well, actually it's not at all. When it comes to B2B out of the example, it just deliver. It's very much of a self-registration play think that you don't usually have at all in workforces around profiling consent preferences management is around managing the registration process in a flexible way and integrating possibly with CRM solution. And if we are integrated with application as often, the case is, is in a course grain fashion, right?
And to the point that frequently we assist to customer addressing B2B needs with a joint adoption of identity governance and access management or identity governance and consumer solution. Now, if you look at what consumer is like, the proximity with the B2B space is, is significant much closer the consumer to the B2B rather than the B2B to the workforce, which is in a way, at least worse to me counterintuitive, right?
Again, this is another way to say what I started off with a business user is nothing but a consumer to somebody else. Now, key capability now getting to the next level, what it takes to do a good job in addressing the needs for identity management in a B2B scenario.
Well, basically the key thing is that B2B partners are company themself, meaning they have their own employees and contractor, and they require a flexible registration process because they need to be onboarded somehow. And they're not coming from the HR system by definition. They are subject to GDPR because they're not contractually bound to our company, right? And so they need to be able to express consent on what we're doing with their personal data and to withdraw with that.
They need to be provided with secure access, secure authentication, not really sensing or being scared about password strength, or level of security, but rather to prevent other what otherwise would be a likely attitude in sharing account. And we don't wanna have that for sure. Finally.
Sorry, not finally, but delegation is also very important delegation model and the way we manage the layers of delegation of who can do what on home is, is extremely relevant by definition. And finally, Tero UI, there are so many different persona in our manufacturing example, before they were four types already that flexibility in what type of capability we offer to the various type of individual is extremely important.
Now, how can I welcome help in these cases? Well, I welcome is an iden, a consumer identity management solution, or at least this is the main way that we are identified with, although, worth mentioning that we actually do two things. We do consumer identity management and B2B identity management because of what I just said because of the proximity that there are among the two worlds, right?
And in that light, we are providing our customers with a master record for identity and consent to provide our star and consumer and customers secure and frictionless experience where we manage their right, their consent and their preferences. Of course, we can integrate with the various application and we can relieve those application in the backend from the otherwise required, need to manage identity and consent complexity.
So back to the key capabilities, the five key capabilities that, that I enumerated a couple of slides ago, let's have a quick look at what we mean with a bit more detail with those sort of thing. So one after another, the first one being the interaction flow, meaning again, we are onboarding business users or customers.
Well, that means that there's a number of possible processes that need to be following the way I maybe invite them, or maybe I have them self registering or through social network, or, or maybe with some activation and validation processes that are involved. There's a big diversity out there. So a key capability in a B2B solution is to have flexibility in addressing those scenario and maybe sample scenario, sample flow with the most common one. Okay.
In again, managing that, all those possible interaction worth mentioning that this kind of complexity is unexisting in, in, in the workforce identity because you don't have that problem.
You don't need to manage self-registration at all capability, which is GDPR and consent management consent means that we need to, and we need to, and we need to empower the user to express their acceptance of terms and condition, for instance, which is what we usually call course grain consent management, meaning on a document I consent or am not, I agree or do not agree and opposed to fine grain consent management, which is on an individual attribute base.
We manage the two of them and we can have for each and every attribute, a number of that we have already, I've got the boss controls to represent and managing the UI and through API user consent. But also that can be extended. Should there be any need to represent other notion of preferences? There are relevant for a specific customer. Okay.
But in general, again, consent management is now required, which is not the case again, in the consumer, in the, in the workforce space, third capability, multifactor authentication, again, as I said before, is of course intrinsically valuable per se, for obvious reason, which is, I believe everybody would agree about, but maybe not so intuitive is that the core reason to adopt MFA in a scenario like this one is not really to, to, to, because we don't like password or because we find them not secure enough. It's not about that. It's not about security. It's about habit. It's about discipline.
It's about preventing and avoiding people from sharing accounts. If I'm delegating a broker to create other people, other broker working for him is very likely and very convenient for him to share his account, to get access to maybe the mother insurance company system. If it wasn't that now having a mobile phone where you need to push and swipe to log in, that can no longer be the case. So main reason is preventing shared account.
Of course, in that case, we mean that we can provide a mobile app. They can be rebranded to reflect the corporate image capability, number four dedicated delegation model. This is maybe among the various ones that I just enumerated the most complex one in terms of where complexity resides. Okay.
Again, we saw before there are multiple layers of customers. There are multiple way by which I could possibly group them up and offload the otherwise overwhelming overhead, managing people, part of those organization, which are again, company by themselves.
So I need to be able as a master company to empower user, which are power users and delegate them on specific action and on specific fraction of other user population so that they can create possibly and invite or register other user, they can profile them, not necessarily limited to deliver application access can be all sort of thing, changing attribute value or triggering specific action on other platforms. So there's a big spectrum of option in what profiles means. And finally, more importantly, those power user can delegate other power user downstream.
So to create this notion of multiple layers of delegation that is crucial in complex scenario, 50 capability, tailor UI, different type of people, of course might require different type of persona. When users are in the thousand change management training as an impact, I don't want to spend money in training. The user interface need to be leaked and tailored to, to, to really what, what is really required. So power user are not that many might be offered and usually are a richer UI with more options.
But other types of user might be fairly limited for instance, in just having a readonly access to KPIs, or maybe just to change and reset password of customers and others are maybe just limited to have a dashboard with tile support, specific application. They can get access to with that. I'm getting to the final slides of my presentation today.
So again, why I welcome can help? Well, because two reasons first we provide capabilities in the consumer space, which has been extended over time to better serve the B2B needs, not incidentally, but because of the customer we had the, the, the, the lack to serve in terms of emerging requirement. And we have been addressing this sort of needs for quite some time now.
So is, is something that organically emerged out of some recent experience. And in general, with the solution we provide, we are optimizing and announcing the B2B journey to those customer whenever they have needs that are involving a combination of identity access management requirement for users, which are not coming from an HR system, but again, other sources, or maybe just registering themselves extensive delegation, registration, and validation processes. And with that, Martin, I would give it back to you and I would open up four questions.
Thank you very much, Marco, for all the information provided and the insight and your perspective on these use cases. And I think there are really many use cases, as I said, where these things overlap. So we need to think this bigger. And with that, I want to switch over to our Q and a session. We already have a couple of questions here, and maybe we, we go through this step by step. So market first one appears we, we targeted to you, which is, do you provide application provisioning and how do you enable access for users? Okay. Yes. Good question. Absolutely.
Yes, we do offer application provisioning as part of the product capability. Again, we are coming from a consumer solution, right? So we do two things we provide just in time provisioning.
And that, that is, I would say absolutely expected. And we do have standard support for skim to manage provisioning. And also we have subscription API to allow third party adapters to consume the changes that are originating in our platform.
What I mean with that is that we do provide just in time provision, which is course grain provisioning on target application, but we also allow third party identity management solution or adapters that the company might already have to be reused, pulling the changes that are originated from our platform to be propagated on target application on both directions. Okay. Another question I have here is, would, ICOM also support approval workflows to validate self-service access requests. Okay. Yeah. Good question.
Well, we do support approval flow and we, as I think I clarified before we have approval flow as part of the registration processes, we do have options to configure the approval flow associated to access requests. Although at the moment are fairly, there are two, three examples of a pre-canned approval flow, but we do not allow customization of those approval flow. Okay.
So just to make it clear, we can have the manager approval, or we can have the out approval, but we don't yet allow for instance, to have three nested level of approvals that kind of complexity is in our case, more belonging to the registration processes and validation. Yeah.
And, and frequently it's for you that just say, okay, there's one person who approves as I would say, a very, very common scenario. So another question here, that's maybe one which, which is relevant to both of us. And you might start with that. That question is for customers who manage B2B relationships today in a legacy way, EA using a standard legacy promoting approach, what is the recommended path to transition to runtime or real time access?
Oh, that's a very interesting question. Meaning that, shall I rephrase Maybe? Yeah.
So, so it's really about, you know, currently you might just do I have a standard provisioning workflow I create and you B2B user, and that is really perspective. He has an account on that, but if you want to do it more, more in a, in a, or add the, the access perspective and, and do registration more flexible, more self-service style, what would be the recommended migration path or, or maybe also extension path, it might be also more an extent the current scenario path for these users. Yeah. Yeah.
I would probably start from access, meaning that traditionally B2B scenario assisted before are very much addressed in the identity management, the identity governance side of the, of the use cases a is not so much. So probably that would be the first angle I would approach it with maybe providing the, the B2B users with a unified entry point with, with a launchpad, for the application. They can get access to assuming that is not already there. Of course. Right.
And that would be the first step in an ordinary, in a, in, in a traditional scenario would assume that there are onboarding process is managing some other form, which I can only guess here very frequently outta what we assisted before is very frequently about uploading periodically list of users, or maybe pulling them from some active directory specific node or things like that. That would be the second part of it. Maybe I would go there in doing a different job in the way the onboarding is, is accomplished as a second step.
That would be, again, an approach that I would recommend, but is definit is in detail, right. Probably would be very interesting to have well, a conversation with whoever about that to, to, to provide more recommendation, more specific recommendation. Yeah.
So, so Marcus, thank you for that part of the answer, I believe it is really, so my perspective would be look at really this bigger identity management piece. So when you think in this identity fabric context of really connecting everyone to, to everything, what do you already have? What are the things which are missing, which are the, how can you sort of which so which capabilities are you lacking, which first services do you need and what can be done with your existing services, how to compliment this. So really build, create this, this architecture picture.
So we have more granular ones than dev one. I had show Matt what you have to that on a capability or a little deeper on a technical service level, look at the building blocks and then think about how, how to deal with that. So are there things you can continue to use, which you just compliment with or extend with something new? Are there things you need to fundamentally replace? What is your strategy on that? So really starting with a, with a, with a well sort out and, and very structured process on, on creating the picture and them adding as markets capabilities you need.
So that answer sort of brings me directly to another question, which was directed to me, which was on my slide 13 and 14. So the ones was the identity fabric.
So Martin, where do you see the role of identity hubs fitting into the connection between business partners and services? So sometimes their, their, their identity hubs, which which create, for instance, connections between different B2B entities and companies or to services. It depends a little on the notion of what, what is meant by an identity hub, but that could be for instance, something, if it's more the identity provider perspective, it would be something which I would see in, in sort of in the next level of granularity beyond that slider had been showing.
So the next level of granularity for instance, includes something such as a IDP in there. So the IDP is something which sits in between various types of entities and the, the sort of the identity fabric supporting all of these. And so I think this is more, more matter of granularity in within this concept. Hope that answers the question, which then I would move to the next one, which is again, one which is directed to Marco.
Marco, do you see scenarios where a contract management database would be the source for identity specifically the B2B identities, maybe you even have already implementations of something like that? Well, I don't have implementation specifically of contract management solution, but again, it is an example that applies in general to potential integrating with CRM solution with contract management solution, with any sort of our solution that can be the alternative source for identity.
So specifically on contract, I don't have any specific case that I assisted before, but I have other scenario for, well, in one case was a document management system that the close that I can think of where we were pulling identity information. Okay. Meaning ative source or where it was initiating the journey of the digital identity representing the user. Okay. That is Again, in my post follow up workflow implication for the validation, just like any other source. Okay. Of Course. Yeah.
Marco, what do you mean with tailor the UI? Can it be rebranded or change somehow? Can I build my own UI? Cool. Yeah.
Better, good information. Yeah. I could have clarified that better tailor UI means two things. Indeed. First that can be tailored, meaning that there is a lot of configuration option to show or I capabilities depending on the type of persona show, all I meaning core grain capability, but also of course, which fraction of data the user can actually see in there.
It can also be rebranded to refract the corporate, the corporate style and very re frequently, but that is belonging more to the consumer rather than to the B2B we assist to customer, which are just leveraging the API to build ground up their own customer experience. Okay. Because again, the entire thing is also FLA by API potentially to customize the, the, the, the way that the user experience like. Okay.
But again, this is more really, really see meaning consumer rather than the extended notion of C, which is also customer and B2B party. Okay. We have some more questions already. Another one again, about this integration with what you already have.
So, so how would you integrate with an existing identity lifecycle for B2B users? So sometimes there, there is some lifecycle of that, so it's not as much self registration, but it's someone coming in. How would you integrate with that? So not mimicking or duplicating and existing lifecycle, but just integrating. Okay. So lifecycle to me means that we already, I'm assuming here, I'm just guessing, okay. That is already in place a life cycle in terms of onboarding provisioning and profiling and onboarding. Yes.
Is that the case, the missing bit might be the, the, the runtime experience in getting access to those applications. Okay. So in a way, I'm going back to the same similar question we got before. I will probably look at that first, I'm making a better job in the way I deliver is smoother and frictionless everyday experience. So allowing the user to have a single, a single pan of glass for the various application can get access to having it to a FA access and allowing him to request from their incremental access.
That would be the first thing, but doing that, of course, I would need to still to consume existing identity for an existing repository. That would mean an integration to be achieved through the protocols and standard that I defined before. So it was scheme and subscription API to keep in sync the identity data with the existing infrastructure component. Okay. Another question here that might be a slightly out of scope, but maybe you can give some sorts around that.
So we more to focus on B2B identities today, but on the other hand, there are devices and things as well, which need to be managed, which need to sort of access self registration content, etcetera. Are, are these things you, you are looking at? How do you address these scenarios? I'm sorry, which scenario, why Some, why some things which are connected.
Oh yeah, yeah, yeah, yeah. Sorry. Yeah. Yeah.
Well, it's indeed. There's something we haven't covered today, but a way there is, there's also, I haven't gone that deliberately in this presentation, right.
Just to, to look only at the carbon based being, but even the Silicon based being have some similarities, there is indeed, and is applicable the notion of device onboarding and device delegation. Very similar to what we can do on people, of course, with limited set of action and with limited attribute that are making sense.
So again, I haven't been expressing anything specifically about that during the presentation today, but we do actually have both B2B, sorry. I would say B2 T business to thing and C2 T and consumer to thing, use cases that we address with our platform, where we have device onboarding, binding with people and in the B2C, in the B two T case also delegation of device control across different individual. In many ways, there are similarities of course makes no sense to talk of UI when you talk thing and just API. Okay. I think we have room for one, maybe two more questions.
And one I have here is totally different angle. Do you provide two FAS, two factor authentication also with other solutions than your own? So do you integrate this technologies?
Yeah, yeah, yeah, yeah. Again, we have a plugin approach. And so we integrate already with different, with different providers or third party popular, I would say to a FA solution. The reason why we also have our own one is to provide a one stop shop option for, for customers. But let me be clear. We offer to a FA for the B2B scenario, we do not offer, or usually we don't do that for a consumer for the C scenario, because in that case, probably there are solutions which are well more better suite than our one to address that sort of specific use cases and the need for an SDK for B2B use it.
We, we do have our, our Tofe that being said again, we have multiple integration with different providers. Okay.
Thank you, Marco. I think we are done with all the questions. We had a new number of questions today. Thank you very much for providing the answers. Thank you for your presentations. Thank you to all the attendees for listening to this call. Webinar. Hope to have you soon back again in one of our upcoming webinars. Thank you. Thank you very much. Bye.
