With Identity Management, Start Early for Less Tech Debt

Photo by Drew Dizzy Graham on Unsplash

First published on The New Stack.

A problem starts to reveal itself. The team has finished a minimum viable product’s (MVP) business features, and user personally identifiable information (PII) has merged into the same domain as other core objects. Social logins bring their own attributes that need to be captured but don’t line up. User privacy becomes a concern, and your app hasn’t requested consent to store all the user information

Your dev team starts to implement the advanced identity and access management (IAM) features but needs extra time to do proper research since these aren’t out-of-the-box capabilities in the development framework. The team has to pay back all of the tech debt taken to get the MVP out on time.

The user is at the center of any new project. The lowest-effort user implementation comes with limited capabilities. Building early features on top of a simple structure will lead to design choices that will require updates to those core structures.

When stronger security, observability or improved user experience is a requirement later in the roadmap, there will be challenges adapting the existing identity systems. Disconnected user silos and workflows will all need to be updated.

Starting with a robust identity and access management (IAM) solution will give new projects a head start on the competition. Users will have access to more features earlier. Additionally, no growing pains also mean no tech debt.

Any new project has challenges right from the start. Finishing the MVP is a high priority. Planning meetings to outline necessary features and requirements can suffer from scope creep. Every shortcut taken to deliver on time borrows against the future. Tech debt is a known cost, and many startups take on a significant amount.

As any app needs users, it eventually will come down to planning the features and structures needed. Everyone is a user themselves, so it’s easy to come up with a variety of useful features. Single sign-on, social logins and multifactor authentication are all conventional IAM features included in the project scope and planned out for customers. Features and domain knowledge are designed around what the team thinks a user will need. A user’s footprint within your app gets built out in forms and user profile pages. Business data and user data are stored together.

The plan is set and now it is time to implement it. Your team is confident because the new framework has user authentication built-in. The samples are followed to the letter and the first working prototype is finished. Nothing fancy, but just the bare minimum. A user can log in with an email and password just fine. It has all those nice IAM features and requirements for onboarding and stacking up against the core business domain needs. The team can move to the backlog to be addressed when they are needed.

There is a better way!

Integrating a standalone identity platform requires slightly more effort upfront, but will save on tech debt later. The benefit to your project starts on the first day of planning and through the life of the application. All the user authentication stories are handled by the identity platform and only need to be configured. This will ensure you start the app with a clear understanding of a user’s privacy. Your app will need user consent to access PII, making certain that domain data doesn’t get mixed in. The application is built around a user identified by a unique ID that meets privacy guidelines.

Your MVP will not be delayed, and your user will have the standard IAM features that your team didn’t have to write. When the time comes to improve the user experience with single sign-on, social logins and multifactor authentication, there is no tech debt to pay back. Your team doesn’t need to become experts, but rather follow clear documentation to add these features.

With a small investment early into a proven identity platform, your team will have a clear picture of how to interact with users, and your users will have more features on launch. Improving user experience happens easily as the need for increased security grows. Your users aren’t siloed, and additional applications can be integrated with ease with your existing user base.

If this sounds interesting, we encourage you to try out the early adopter version of Asgardeo, an identity as a service (IDaaS) solution that enables developers without security expertise to easily embed customer identity and access management (CIAM) features into their apps within minutes.

You can also follow us on Twitter or join the IAM4Devs community. Alternatively, if you’re looking for an enterprise-grade, API-driven, open source solution that can manage millions of user identities without spiraling costs, please check out WSO2 Identity Server.