Decoding Customer IAM (CIAM) vs. IAM
The world of Identity and Access Management (IAM) is rarely controversial. But today, there is a battle brewing in how we—as an industry—talk about customer-facing use cases for IAM. Many are starting to refer to this as Customer IAM or Consumer IAM, both abbreviated as CIAM.
CIAM does have some unique requirements. But that does not mean that you must use a product that only focuses on CIAM. Okta’s approach is to offer a broad IAM cloud service with a strong foundational platform and functionality that enables CIAM use cases, which we believe is ultimately a better long-term choice.
First off, what is IAM or CIAM?
If you’re new to identity management software, here’s a quick primer. Wikipedia says it is “the security and business discipline that ‘enables the right individuals to access the right resources at the right times and for the right reasons.’” That is broad, and can cover almost everything in computing and IT.
For most apps, this looks like a database table that stores profiles and passwords. It might also have some permissions data. For more complex applications, or large-scale deployments, an organization might use packaged IAM software that adds security and provides pre-built frameworks to manage much more complex authorization, potentially across many applications.
Generally, IAM software can do this for many different use cases, whether the users are employees and authorization is based on a role in the organization, or the users are customers and authorization is based on loyalty membership status. The latter scenario gets us into the world of Customer IAM, or CIAM.
What’s similar between CIAM and IAM?
In a nutshell, the answer is security, scalability, and