WSO2’s Asgardeo IDaaS Lets Developers Seamlessly Embed CIAM Capabilities within Apps

WSO2 wants to make it easier to manage user access to client-facing apps. The new Asgardeo cloud-based IDaaS lets teams encode security policies and standards directly into company apps.

Tags: CIAM cloud, IDaaS, identity, WSO2,

WSO2 is looking to make it easier for non-security developers to build customer identity and access management into their apps.


The company’s Asgardeo a cloud-based identity-as-a-service solution launched this week with built-in Customer Identity and Access Management (CIAM)  features, best practices and workflow. 


With the Asgardeo IDaaS, WSO2 intends to cut the complexity out of managing user access to client-facing applications, according to WSO2's CTO Eric Newcomer. 


"Organizations are accelerating their digital initiatives, but they often lose traction when applications fail to meet the company's security policies," Newcomer noted." "With Asgardeo, enterprises can now encode their security policies and standards to reduce development time and transform security reviews into simple check-the-box exercises."


WSO2's Asgardeo IDaaS empowers developers – even those without security expertise - to embed advanced CIAM features into their apps within minutes easily. 


Asgardeo's 'as-a-service' cloud architecture has built-in CIAM best practices and workflows, templates and no code/low code options. Deployment in minutes, Asgardeo can empower developers to seamlessly embed CIAM capabilities into applications - so cybersecurity posture is kept top-of-mind throughout the development process, Newcomer added. 


In addition, the cloud-native infrastructure of Asgardeo is optimized to deliver scale, reliability and privilege access control capabilities needed for cloud-native projects.  

When an application is registered in Asgardeo, a client ID is generated as its identifier. When registering a traditional web application, a client secret is generated in addition to the client ID.

In specific, Asgardeo lets development teams more quickly and easily deliver a number of IT and business benefits, including 

  • Deliver safe, secure and robust cloud-native digital applications that give customers confidence their data will be protected. 
  • Simplify customers' experiences by letting them use the same log-in credentials no matter what part of the system they connect with. 
  • Streamline security reviews and approvals by codifying policies and standards, freeing developers to concentrate on building out their core applications. 
  • Rapidly integrate the industry’s most popular and compliant identity sources (such as OIDC, SAML, WS-Fed, LDAP, AD, RDBMS, etc.) with their apps.
  • Focus valuable team resources on delivering superior customer experiences instead of managing the underlying infrastructure. 
  • Use templates to easily integrate and engage common login and access management
  • Protect sensitive APIs and integrations in the cloud. 

Perhaps one of the best features of the WSO2 approach is that it allows developers to integrate required security code without the need to learn a lot of new skills or coding. Developer can simple tackle app security requirements \ while working within the IDEs they're already using, according to WSO2 executives.


Further, Newcomer noted that all these features boost confidence and trust for teams working on a wide range of digital projects.


"It's easier than ever for development teams to foster customer loyalty by giving them a great enrollment experience and building these users' confidence in the protection of their personal information," he said. 

WSO2 Aims To Democratize & Simplify CIAM Tasks and Results 

WSO2 CMO Shekar Hariharan describes why "democratizing" customer identity and access management is important for innovative transformation across all-sized companies. His blog, in part, said this:  

CIAM solutions until now have required expertise on the part of the application developers to embed these capabilities into the customer services they are deploying. Large organizations solve this problem by assigning software development tasks to those with CIAM specialized skills. But the cybersecurity skills shortage is well documented, a problem facing even large organizations. Developers in small to medium enterprises and startups are more likely generalists in their skill sets, so implementing CIAM can be a challenge. 


An ideal CIAM solution would enable developers with little to no CIAM experience to easily incorporate capabilities into their applications, all provided as a service to eliminate the need to invest in costly infrastructure.


Asgardeo enables all of the key CIAM requirements organizations need to meet and is built for developers with little to no CIAM knowledge. Asgardeo delivers built-in IAM best practices, easy-to-follow documentation, and common workflows including SDK's to take the pressure off developers to have in-depth knowledge of IAM standards and protocols.

Under the coves, Asgardeo builds on the proven authentication and access management functionality capabilities of the WSO2 Identity Server, including: 


"With Asgardeo, we're combining the high-performance and mature capabilities of WSO2 Identity Server with the rapid deployment, scalability and agility of the cloud to help developers speed the delivery of client-facing apps harnessing the full potential of CIAM." said Geethika Cooray, WSO2 vice president and head of identity and access management. 


WSO2 executives noted that key building blocks to the company's cloud-based CIAM offering come from WSO2 Identity Server's ability to protect cloud-native, multi-cloud, and hybrid applications equally, with deep support for:

  • Strong, adaptive and multi-factor authentication
  • Federated access using open standards ranging from SAML, OpenID Connect, CAS and WS-Federation 
  • Federated ID management 
  • API security standards to manage access to APIs and microservices t for API security standards. 

At least one analyst says the timing is right for such easy-to-use CIAM offerings, especially in light of strong demand for better and safer online customer experiences. 


"According to our primary research, the ability to orchestrate consumer experiences for accessing online digital services dramatically increases registration and sales conversion rates," noted Steve Brasen, research director at Enterprise Management Associates. "WSO2's Asgardeo platform provides organizations with the freedom to easily craft online experiences that will attract and retain customers while simultaneously achieving requirements for security and compliance." 


 Asgardeo is available now.