ISO: All Encompassing User Registration / Role Management Service for Enterprise Systems

Bogoodski
Nov 14, 2019

In search of the all-encompassing, enterprise-level user role management / authentication service provider.

Because there may be fruitful relationships to be had with these organizations, their real names are being disguised in this sordid tale. Let’s call the Identity-Proofing provider: “ApexOpus”. And the user role management provider: “Tako”.

If some endeavoring venture capitalist would like to endow me with resources in funds and engineers, I’ll guide the development of the needed service described below with return value that will surely be worthy of the initial investment. Hello Masayoshi Son. How do you do, Y Combinator?

What follows is the frustrating adventure in which I’m currently entangled that has revealed to me the need for a single service provider who can implement the entire breadth of the user registration and user-role management experience. For an enterprise-level system.

Maybe that provider already exists. But it sure isn’t the vendors, Tako and ApexOpus, with whom we are currently dealing.

Our organization had the notion to contract-out the processes for managing and registering our system’s external users (users not employed by our organization).

Apparently, our organization’s check-writers were persuaded by the user-role management provider, Tako, that they — Tako — could handle the entire process — as desired (required?) by our organization.

After awarding the contract, our organization has discovered that Tako handles one piece of the user oversight process — role management — but not the aspect that is infinitely complex — Identity Proofing.

By “Identity Proofing,” we are referring to the process in which a registering user proves their identity by answering questions about specific personal information that only he or she would know: monthly cost of mortgage payment, previous addresses, etc.

Tako doesn’t provide this service. :(

Turns out: Our organization already pays ApexOpus to provide an Identity-Proofing service.

So, crisis averted, right? Just have Tako coordinate with ApexOpus and all is good. Simple workflow:

  • New user accesses our system’s landing page;
  • User clicks to register;
  • User provides basic personal information;
  • User is redirected to Tako’s service;
  • User finds an ApexOpus widget on the Tako dashboard;
  • User clicks on ApexOpus widget and is redirected to ApexOpus Identity-Proofing platform;
  • User successfully proves identity;
  • User is redirected to Tako’s service;
  • User is presented a dashboard via Tako, allowing access to our organization’s suite of applications.

Crisis persists. Because, what-do-you-know, ApexOpus doesn’t actually host an Identity-Proofing platform. 😕

ApexOpus provides the Identity-Proofing service, but the service implementation (the prompts that ask the registering user to answer the questions to prove identity described above) has to be displayed on someone else’s (our) site.

And, of course, Tako can’t display the Identity-Proofing questions because Tako is not an application server; just a role management platform.

So, in short — we now have a provider, Tako, delivering a service — user role management — that, really, we could have developed in-house. We also have an Identity-Proofing service, ApexOpus, who can’t coordinate with Tako.

None of this is the end of the world. In fact, it’s probably my job to figure out how to make it all work out. Or, if it isn’t, that’s the job I’m gonna do anyway.

But it was a good enough reason to relieve some aggravation via a few hundred words here.

And if anyone wants to take me up on that investment offer, I’m only half joking about bringing this service to production.

Call me, maybe.

https://twitter.com/devbogoodski
