a good thing!
Single Sign-on + Unified Profile = Consistent Customer Experience
When your customers interact with your brand, they expect it to be a secure, frictionless and consistent experience. They more than likely don't realize--and shouldn't--that they're actually interacting with a number of different internal and partner applications.
Yet, many enterprises still give indications to their customers, even if unintentionally, that they are indeed interacting with disparate applications. These indications may include a need to use different usernames and passwords when interacting with a single brand or a brand having discrepancies in data across their digital properties. For example, if a customer updates their preferences in one application, then has to update them again in another, it can be frustrating.
Every time your customers interact with your brand, they have to authenticate. You want that experience to be secure and seamless. Single sign-on (SSO) can help. It can reduce duplicate accounts and passwords to increase security, and create a cohesive authentication experience.
This is achieved by authenticating against a central data source where customer credentials are stored, getting a token as a response, then presenting that token to the application the customer is trying to access. Applications may require a token to have specific attributes or to be translated into a format they can understand. Once accomplished, the customer will be able to authenticate to all of your digital properties with a single set of credentials.
Creating a consistent login experience is step one. Next, you want to unify the data layer to provide a single view of your customers.
Once a customer is logged in, all of your properties should have the same view of the customer's profile and attributes. This will allow you to use customer preferences to provide a common, personalized experience across channels. It ensures that customers need to update preferences in just one place. So, for example, when they opt out of emails in one app, they don't continue receiving them from another.
A unified data layer gives new applications a source of truth about your customers. Without an accessible and unified view of customers, new apps may be forced to integrate with one of many existing, disparate identity data silos. There may be integration challenges, incomplete views of the customer or both. Alternatively they could choose to create yet another data silo that better suits their needs but further complicates the identity infrastructure. Neither case is ideal. Having a unified view of the customer that is easily accessible via REST APIs is far more efficient.
While the benefits of doing so are clear, actually unifying your identity data layer can be an intricate process. You may have built up dozens of disparate identity data silos over the years. In some cases, you may need to keep bidirectional synchronizations in place if production apps still have dependencies on legacy repositories or schemas. In other cases, it may be easier to migrate identity data to a unified profile immediately. It's critical that you work at your own pace to ensure that you have the ability to efficiently synchronize and migrate data to a unified profile.
Unifying customer profiles at the authentication layer (with single sign-on) and at the data layer (by synchronizing and migrating identity data to a unified profile) can yield benefits internally and externally. It will save your team both time and resources when launching new applications and trying to identify a single source of truth about your customers. Equally if not more important, it will deliver a seamless, secure and consistent customer experience across all of your digital properties.
To learn more about unifying customer profiles, read our white paper Getting Customer IAM Right.