Enterprises are increasingly demanding that software vendors offer provisioning. That’s why we launched our SCIM provisioning program to arm developers and ISVs with the tools and support needed to build provisioning into their applications for enterprise-grade security and identity management. We recently talked to Young Xu, a product marketing and data analyst at ThousandEyes, about ThousandEyes’ experience implementing provisioning and how provisioning differentiates the company in the market.
Tell us about ThousandEyes.
ThousandEyes is a network intelligence platform that delivers visibility into every network an organization relies on, enabling them to optimize and improve application delivery, end-user experience and ongoing infrastructure investments. Leading companies such as Equinix, ServiceNow and Twitter, as well as eBay and other members of the Fortune 500, use ThousandEyes to improve performance and availability of their business-critical applications. ThousandEyes is backed by Sequoia Capital, Sutter Hill Ventures, Tenaya Capital and GV (formerly Google Ventures), and has headquarters in San Francisco, CA.
And why are you implementing user provisioning?
Because the data collected in ThousandEyes is by nature very sensitive, it’s important that our customers can ensure that their employees get access to exactly the right set of business resources at the right time. Before implementing user provisioning, our customers were only able to manually create or delete users through the user interface. Many customers have dozens or even hundreds of ThousandEyes users, making an automated provisioning process invaluable. Now, automatic provisioning expedites and simplifies the onboarding and offboarding process for our customers, saving them a great deal of time and risk associated with security and human error.
Can you say more about what you see as the benefits to implementing provisioning?
Implementing automatic provisioning is part of our ongoing efforts to maximize the ease of use of our product for our customers. Coupled with intuitive network visualizations and a variety of sharing and saving options, user provisioning makes it easy for customers to use the ThousandEyes platform to its greatest potential.
Tell us what you see as the main customer use case.
The main customer use case is provisioning and deprovisioning ThousandEyes users through identity providers like Okta. For example, a customer creates a new user in Okta that is assigned to the ThousandEyes application, after which the same user is automatically created in ThousandEyes. Customers no longer have to manually create users in ThousandEyes, and security concerns are mitigated when there is no longer a lag between changes in employees’ work status and their access to sensitive resources.
Any specific customer examples?
A number of customers have requested the SCIM implementation feature, including Equinix, Thoughtworks and Twilio. In general, these customers have a large number of provisions or deletions that is impractical to handle manually — Twilio, for example, has more than 300 ThousandEyes users to provision, while Thoughtworks has a dynamic workforce which requires rapid provisioning and deletion.
So, you were getting requests for SCIM — can you talk about the value your customers see in the standard?
SCIM is an open standard that synchronizes users bidirectionally, representing a significant improvement over simply manually adding users in the user interface. Because SCIM is a widely adopted, industry-accepted standard, it was the clear choice for our user provisioning and, equally important, deprovisioning.
What was the process of working with Okta on SCIM?
After finding out about the Okta SCIM beta on Okta’s website, ThousandEyes software engineer Luis Santos contacted the Okta team and attended a one-day workshop with an Okta developer, Joël Franusic. The workshop was key in getting the SCIM implementation to work, and we were able to get all the help we needed to implement SCIM within just one month.
How does working with Okta accelerate you in the market?
In terms of our customer base, we already have considerable overlap with Okta — implementing SCIM will further lower the barriers to using ThousandEyes for these customers, as well as for prospective customers. Working with a large identity provider like Okta lends us credibility in the eyes of InfoSec teams and shows our customers that we are working to improve all aspects of the user experience.
What are the benefits of our product integration for our joint customers?
Using the SCIM open standard, our customers are no longer required to build and maintain their own API service to communicate with separate APIs like the ThousandEyes API. Joint customers can now “set it and forget it,” and ThousandEyes and Okta will seamlessly work together to synchronize users in both directions.
If you’re interested in joining ThousandEyes, Lucid Software and Envoy in our SCIM provisioning developer program, get started here. And for more information on ThousandEyes, visit https://www.thousandeyes.com or follow the company on Twitter at @ThousandEyes.