How to understand Identity Management?

One of the easiest features to add to your applications and technology stack is identity management. Identity is the information your application uses to manage login, access and permissions. Getting your application up and running will require you to choose to either store usernames and passwords in your database or delegate this feature to an outside service.

The simplest approach is to just have your developer go with the standard approach and add fields to the database to store the username and password values for each user. While this might seem like a simple solution, this decision can have long-term impacts.

For the past ten years, the identity management industry has matured. Now this option is simple to add to your application. Each of the major providers offers developer-friendly documentation and SDKs (Software Development Kits).

A good way to think about this feature in your application is to look at other solutions that offer services you do not need to build and scale your business quickly. i.e. Paas as Ioc, CI/CD and cloud providers.

Adding identity as a service to our applications offers huge wins as soon as you start to add your first group of users.

Are passwords bad?

They are not bad, but they open up security issues that your application and team do not need to take on. Not having passwords in your control, stored on your database, means that your team does not need to be encryption and identity experts.

Using a third-party identity provider can allow you to safely assert to your customers and investors that your company uses the most current cyber security patterns and best practices. Your business insurance can be lower if you can provide you have 2FA patterns fully enabled.