Renting Identity solution vs having Full Ownership of Identity solution

Rented Identity solutions, aka subscription-based Identity solutions, usually don’t provide a way to add custom features. What you see on the box is what you get. This lack of customization also extends to visual branding, which is usually minimal and doesn’t provide the tools to meet design requirements. Rented Identity solutions have beautiful happy paths, but once you need more complex flows you might catch your engineers jumping over obstacles and trying to figure out workarounds to do what you wanted. It’s just the nature of generic solutions.

Open source IdP solution

Contrary to rented Identity solutions, open-source Identity solutions provide more benefits. For starters, you have access to the source code, which you can change in any way you see fit and use. For free. Forever. We can help you unleash the power of C# and .NET Core to implement and truly customize your Identity solution. Along with full back-end customization, we can also help you with UI and UX. We can help you design the look and feel of the Identity solution using your brand guidelines.

No subscription

When using a rented Identity solution, one big drawback is that subscriptions usually come with some kind of artificial limits. A limited number of apps. A limited number of users. The notion is, if you want more, pay more. Changes in subscription terms and pricing can also hit your pocket out of the blue. You shouldn’t pay more for someone’s inability to keep their part of the deal. With full ownership of your Identity solution, you have no subscription fees whatsoever. The only fee you have is the hosting fee, which can be minimal or non-existent if you are hosting in-house. There are no artificial limits: you can have a virtually unlimited number of users and applications using the Identity solution as long as you scale accordingly.

With rented Identity solutions you have no control over breaking changes, uptime, or long support times that cost more money. Anything can happen to a rented Identity solution overnight. It might not work tomorrow, leaving your users stranded and your applications unusable. Another big disadvantage of rented Identity solutions is the inability to host in-house or on a hosting provider of choice.

Full control

When you have full ownership over your Identity solution you have full control. All changes can be performed in-house or requested under your approval. You can time the release to avoid any breaking changes. We use the awesome open source projects IdentityServer4 and ASP.NET Core Identity as a primer for our Identity solution. The online communities of these projects are alive and willing to help out anyone who gets stuck, and there are lots of helpful resources online. We provide paid support services for our Identity solution to help you get unstuck as soon as possible and get along with your Identity solution.

The good thing about owning your Identity solution is the ability to access log files and debug the code yourself to figure out what went wrong when something does go wrong. It might be a bad config. It might be a bad integration. You have the power to fix it in-house. Again, we provide paid support for our Identity solution: if something is burning, let us know and we will help you put out the fire. A huge benefit of full ownership of your Identity solution is the ability to host it in-house or on a hosting provider (or cloud) of choice. It’s better to host your Identity solution close to your applications so it is more resilient to outside network failures.

We inspire people to implement and integrate standard Identity Provider (IdP) solutions that are based on awesome open-source projects IdentityServer4 and ASP.NET Core Identity.

Support

For direct assistance, schedule a technical meeting with Ivan to talk about your requirements.
For a general overview of our services and a live demo, schedule a meeting with Maja.

In-app integrated authentication solutions vs Authentication as a Service

Standard IdP solution

In-app authentication (aka Identity) solutions are part of the “main” application monolith. On the other hand, Authentication as a Service (AaaS) is a separate application. Where in-app authentication solutions don’t follow standards to the letter and are not certified for protocols like OpenID Connect or OAuth2, the AaaS solution we use as our primer is the open-source project ID4, which is OpenID Connect certified.

Where non-standard solutions use custom user stores that are hard to migrate, we implement standard ASP.NET Core Identity user stores that are easy to extend and migrate.

Small attack surface

Another thing I want to talk about is the attack surface. In-app authentication solutions have a huge attack surface. All the endpoints of the “main” application that have nothing to do with authentication are bundled together with the authentication endpoints in the same application. That is a huge playground for bad guys on the application layer. On the database layer, there is no need for the “main” application to have direct access to the Identity database. There is also no need for an Authentication solution to access any database other than the Identity database. The Authentication as a Service solution we implement has a small attack surface, with a minimal number of endpoints in the application layer and a single database in the database layer.

Easy to scale-out

We know that separating your Authentication solutions from your “main” application is the best thing you can do to escape the in-app authentication scaling issues. You can scale up, scale-out, or put it in a Docker container. With in-app authentication solutions, it is hard to scale out. It doesn’t make any sense to put multiple huge “main” applications in parallel just to get more Authentication endpoints available for use. That is just insane and costs too much. You can scale up but that has a limit and a cost too.

How about creating failovers for Authentication endpoints to make sure that your users can authenticate and use your applications?

When we boil it all down, our solution is an ASP.NET Core web application running a certified OpenID Connect Identity solution on an open-source stack. Of course, we add the necessary love and care to make it fit like a glove with all your applications.
