You may be tempted to squeeze more value out of your enterprise IAM stack. While there are elements of traditional stacks that match the capabilities required for CIAM solutions, they are few.
It makes sense when you think about it. Most IAM solutions were built decades ago for web applications. Back then, all apps were on-premises, and users (employees) and endpoints (enterprise-owned devices) were controlled. These legacy systems were built to favor employee efficiency over user experience.
In the customer-facing enterprise, delivering a seamless experience is a top priority. Furthermore, the scalability and security required to enable customer access anytime and on any device far exceed the capabilities for which traditional IAM was intended.
Lack of horizontal scalability and elasticity hamstrings your ability to accommodate typical spikes in customer engagement.
Lack of easy integration for strong authentication and no strong password encryption (PBKDF2/scrypt/bcrypt) open security risks.
Not being architected with customers in mind leaves no ability for self-service registration and account management.
Building A Solution In-house
Approach: Build your own identity platform on top of NoSQL (Cassandra, MongoDB).