Building a Customer IAM Platform At Schweizer Alpen Club With Single Sign On
Integration of over 500,000 identities and over 140,000 user roles in one seamless identity management platform
- Implement a single sign on (SSO) solution for members and website visitors to manage customer identities
- Integrate the numerous user identities, user roles, access rights, and identity providers into one identity management system
Industry: Travel and Leisure
About Schweizer Alpen Club
Since its foundation in 1863, the Schweizer Alpen Club (SAC) has been involved in the development of the Alpine region and alpinism. The SAC connects people interested in the mountains, promotes mountain sports as an experience for everyone, and is committed to the sustainable development and conservation of the mountains. At present, SAC has approximately 160,000 members, oversees 111 local sections, and manages 153 mountain huts.
SAC has a website that provides a wide range of services for mountain sports enthusiasts. These include reservations for overnight stays in Alpine huts, course registrations, mountaineering products, insurance, etc. Statistically, SAC needs to manage over 500,000 identities and over 140,000 user roles. User experience is a key component of this website and SAC wanted to build a simplified one time registration and authorization mechanism that their website users can use with ease.
In order to build an identity management system and implement SSO, the team at SAC had to consolidate the various user stores and authorization systems. There were many existing ERP access rights that had to be integrated with the new system, along with additional identity providers.
Deployment and Approach
SAC needed a solution that was both open source, owing to greater flexibility, freedom from vendor lock-in, and the speed by which they can respond to any challenges or business requirements. Working together with Avintis SA - the WSO2 Value Added Reseller in Switzerland - SAC decided to use WSO2 Identity Server to implement their SSO solution. The API-driven WSO2 Identity Server enables enterprises to implement SSO and identity federation, and provides strong and adaptive authentication. This identity management solution comes with a central user store where all identities can be managed, thereby eliminating the requirement for distributed user management. Furthermore, WSO2 Identity Server is highly extensible and includes out-of-the-box protocols such as SAML 2.0 and OpenID Connect that simplify the integration of identity providers.
- SAC successfully used SSO to greatly improve customer IAM (CIAM), giving users a system-independent identity.
- Integration of over 500,000 identities and over 140,000 user roles in one seamless identity management platform.
- The resultant one login for everything facilitates user authentication, registration, membership applications, account activation, password resets, service subscriptions, accommodation bookings, and provides access to any other online service available.
- The SSO solution removed data silos and data management is now more efficient and transparent.
Identity management was the key element to enable SAC portals to migrate to a unified user experience. WSO2 provided not only flexible and reliable integration with the existing ERP, but also delivered out-of-box modern login protocols with federation to a vast number of identity providers. The unified login mechanism allows the members and customers to have a unified experience on all SAC portals. With the next expansion to integrate other partners, the user base can be vastly expanded and new business services can be offered to the customer.”
Philipp Brügger, lead architect at Avintis SA
What are your enterprise challenges?
We can help!