History shows that most enterprises grow today via acquisitions, mergers, and partnerships. This exposes their systems to more external users. Research done by analyst firm Quocirca confirms this. In Europe, 58% transact directly with users from other businesses and/or customers and for the UK alone that figure is 65%.
What does this mean for enterprise identity management? You would have to work with multiple heterogeneous user stores, authentication protocols , legacy systems, and more. Standards like SAML, OpenID, OpenID Connect, and WS-Federation all support identity federation and cross-domain authentication. But can we expect all parties in a federation use case to support these standards?
Another problem you might face is that most federation systems we see today are in silos. It can be a silo of SAML federation, a silo of OpenID Connect federation or a silo of OpenID federation. It’s difficult to communicate between silos and this is a common challenge in identity and access management.