Webinar Recording

A Delegated Model for B2B Access Management


Log in and watch the full video!

In the digital age, collaboration is becoming more dynamic and integrated than ever before. External partners often require specific information, and therefore need access to internal systems. Providing efficient processes to manage partners is key to building a strong partner network.

Log in and watch the full video!

Upgrade to the Professional or Specialist Subscription Packages to access the entire KuppingerCole video library.

I have an account
Log in  
Register your account to start 30 days of free trial access
Register  
Subscribe to become a client
Choose a package  
Hello and welcome to today's webinar with the title "A delegated model for B2B access management", which is sponsored by plainID. My name is Phillip Messerschmidt, senior advisor at KuppingerCole and I'm joined by vice president product strategy at plainID. Hi, glad to have you here today. We will focus on the partner as identity type and how companies can improve their partners, efficiency and satisfaction using a dedicated partner management solution. But before we start, I want to remind you of two of our upcoming events in March. We have a virtual event on zero trust and in may we have our big hybrid event, the European identity and cloud conference, 2022. Since it's a hybrid event, you can attend on-site in Berlin or online, and I'm really looking forward to see you there.
Next, we, we need to take care of some logistics. First. We control the audio central east, so you don't have to mute on mute yourself. Second, we will do two polls during the webinar and discuss the results later. The third and last part of our webinar will be a Q and a session. And besides the two results of the polls, we will also answer the questions from the audience there. So you can always enter your questions in the go-to webinar control panel. And we will try to answer them in the Q and a session last but not least the webinar will be recorded and both the webinar and the slides will be available for download on our website.
Okay. Now let me give a overview of the agenda for our webinar. First, I will give you a brief introduction to the topic of partner management with this. I would like to raise your awareness for the identity type partner, how it was handled in the past and how it should be handled in the future. And the second part of the webinar, not after the present detailed use cases on delegated administration, as an example of B2B identity and access management. And together, we will conclude the Bobby now with a Q and a session where we will discuss the two polls and answer questions you've asked via the go-to webinar control panel. So let's start with the first part partner management, a discipline of its own with unique requirements. So the term identity has a long history and before the whole digital world was invented, there was already physical identity nexus management, and that hasn't changed to this day.
For example, there are still physical badges that confirm that your identity in various ways, while you are on the property of your own company. And beyond that, there is digital identity, digital IAM, which started with business to employee solutions. And I think we are all familiar with the perimeter approach where a company's digital boundaries are hardened to prevent external access, but access also needs to be controlled within the Paramita. And so a growing market for I M for dedicated B2B solutions has emerged, and these solutions are precisely tailored to employee access management requirements, but we all know that more identity types I'll bounce. So as digitization progressed, other identity types gained more attention, namely identities with privileged access rights and customized entities. And since B east solutions are not able to meet those specific requirements of, of these two types, other dedicated solutions have been invented, and these are namely privileged access management and customer identity and access management called cm, or here B2C solutions.
And both are still evolving. One identity type that has not been, or maybe still is not recognized in its complexity is partners. And one aspects, one aspect of the complexity of partners comes from their ability to appear basically anywhere in the supply chain. So they can be suppliers. They can be providers, they can be part of sales and the distribution structures, and they can also be customers. And it goes without saying that each and every variation of partners has different, I am requirements. So B2B identity and access management could be the next special IAM solution category, but let's take a step back. I've just talked about the different identity types and then technical solutions in the market. And I think it's important to think a little bit more about that, to understand the complexity of partner identities. So in the slide, on, in the metrics on this slide, we see the complexity of different identity types versus where they come from and where they act from.
And first, let's take a look at employees. It's easiest for organizations to deal with employees because they are internal. And as we know the pyramid, our model makes it much easier to control everything with inside the Paramita, but much harder to control everything outside of the Paramita. And the same is true for privileged identities, which are usually internal identities, even if they are managed externally and they are exceptions. And in the worst case, they can be managed manually. And that leaves us with customers and partners. So customers are almost always external identities, but customers approach companies with very specific interests, which make them easier to deal with. So usually they want to buy something. So companies need to enable them to do just that with this, with as little friction as possible. And that means registration, authentication, shopping, and payment, and nothing more. We could even reduce it to shopping and payment. If they want to remain anonymous and partners, they are different. I've already mentioned that they can appear in different ways with different intentions and therefore different requirements. And then the past and in peer meta models, partners were often simply onboarded to an organization and use the same applications and tools like the internals. The only difference might be that the identifier of the identity, Mark's a partner as external. And that's how external partner identities are often handled even today, which brings me to our first poll for today.
I would like to ask you, how are partners handled in your company? Do you treat them like internal employees without distinction, or can you distinguish between internal, external identities in your systems? If yes, our partners identify differently. For example, as suppliers or service providers, please let us know, okay, thank you. The poll is closed and we will look at the results later. So my next slide looks pretty similar to the slide before the poll, but there are two big differences. I mean the two thesis on the right, the first one is partners can go, can no longer be treated efficiently like the like internal employees and the second partners and customers are too different to be treated in the same way. And personally, I think the first thesis is pretty intuitive and I've already answered it for the most part. Partners are becoming more complex, but so are the overall circumstances, partners need the Xs faster and, and more detail. And that's why manual processes are simply not sufficient anymore. Not, yeah. That's why. Yeah.
Therefore in the future it will no longer work to manage external partners like internal and give them access to the same systems in the same way. And the second T this is not so intuitive, even though it may seem so at the first glance, I will explain this on the next slides, as mentioned earlier, customers typically approach a company with a purpose and are not interested in extensive and time consuming processes to disclose information about themselves. However, customers provide companies with a lot of interesting information, provided a company's able to track this data and extract valuable information from it. I know this approach more broadly as know your customer. So in short KYC, even though the original term refers to customer onboarding, compliance and regulatory reporting in the financial sector, coping a cold predicted back in 2016, that the original KYC term will transform into a business enabler by using this information for marketing purposes and customers will accept the KYC approach as long as they benefit from it.
And as you can see here on the left side, there are numerous benefits and advantages that KYC provides the customer with. There are many user interface and efficiency features that improve the customer experience. And in addition, companies benefit from marketing data that can also improve the customer experience such as recommendation engines that actually make good recommendations. The third aspect of KYC that I would like to highlight here is operational efficiency combined with increased security. So designing smarter and more intuitive processes is not only beneficial for the customer, but also for operations support and security. This allows companies to reduce the overhead while increasing security for the customer and for themselves. When we evaluate the relevance of these benefits and advantages to partners, which you can see in the middle of the flight, there are many aspects that are not relevant. So in particular, when we look at marketing activities and benefits, most of it, if not all are not relevant to partners, partners want to work and deliver the products and services, therefore ease of use increased efficiency reduction of effort or better security are most important to them.
And that brings me to the conclusion on the right side, that partners can not be treated like customers, at least not in terms of tracking and generating value from activity data and related information. And this conclusion leads me to my next slide, which I would like to start with a provocative statement. No, your partner does not exist. However, the degree of provocation depends on your understanding and perspective of KYC and the introduction of KYP. So if you have the original definition of KYC in mind, which focuses on compliance and the fact that companies need to know whom they are working with, I'm absolutely with you. So we still need that. And we need to know whom we are working with and what they are doing. But if you define KYC more broadly and more modernly with a stronger focus on marketing and analytic activities, then we don't need that for partners, partners don't need marketing campaigns and they don't need behavioral analytics.
They have their own business objectives. They want to deliver their services and they have a legal contract to fulfill. And those are just some aspects which make partners very different from customers. So for this reason, I would like to give you another less provocative statement that might make you think about it, and that is enable your partner is the future. So do I get there, as I mentioned earlier, partners have clear goals and therefore specific needs that must be met. They need to be onboarded. They need to be managed. They need Xs. And at some point they need to be offboarded. All of this has to be fast, efficient, transparent, documented audit-able and secure, and that's what partners need overall. They, they need to be enabled by the companies to do their work in a way that you can both benefit from that makes EYP and enable your partner a very important aspect for the future. And to get an impression I would like, I would like to do another poll here and ask you the following question on average, how long does onboarding take for your external partners and think about how much time an external identity needs before needs for onboarding. And I'm really looking forward to discuss this and acute in the Q and a session as well.
Okay. Thank you. The poll is closed again. So let me finish my part of the presentation with my last slide and a quick conclusion and a simple suggestion. So cover the most basic use cases, but carefully consider efficiency and security as these are the most important to your partners. You could do this by focusing on these four acute use cases. So the first one would be onboarding a new organization. Second onboarding, a new partner employee. Third is assigning excess rights to them, and fourth is managing them on an ongoing basis. And in the end, I would like to remind you that efficiency and security are important not only for your partner identities, but also for almost all other types of identity. And that brings me to the second part of our webinar. Hello, and welcome back. Not off.
Oh, I'm now thank you, Phil, for this very, very good now overview and, and, and to kind of follow up on, on Phillip's point, wanted to deep dive into a live example of how it looks like. And really the key here is to focus on the processes of enabling the partner and make sure that everyone benefits from this business engagement. And this is really the key point that differentiate the con consumer and customer engagement between the business engagement. And it all kind of starts from the business model. You'll have a business company working with many different other business entities, dealers, resellers agencies, supply chain, the stakeholder, and they all have their own users, truck drivers, or supply chain managers, et cetera, et cetera. And in the 12, everyone is digitizing. Their business collaboration company is exposing a very rich set of features and capabilities for their partners.
And so they will be able to collaborate in a digital manner, may be being able to order and provide supplies, payments, shared data training, and any other type of collaboration. Everybody wants to move into a more digital way. And our solution really focuses on the processes around the B2B access management to full stack solution. And the goal is to make sure that your partners are always at the peak of their productivity are enabled, are satisfied from the business engagement and have access to what they need and when they need it. And normally to that in order for a streamlined business collaboration and partner manager, really to kind of follow up on, on Phillip's point relies on two main pillars. The one is the ability to manage partners is organization rather than individual users, because eventually we're were talking about B to B. So we want to continue working at the organizational level.
And the other one is to delegate the administrative capabilities to your partners so they can manage the identities of the user and the access of the user in a self-service manner, which also ensures both frictionless processes and a superior use end-user experience. And, and really it all stems from the friction today. That's important for many different organization in regards to managing those external business identities is that there's a misalignment between the business model that we've established B2B and workers or employees of the business partner. And the way that I am is managed. So while B2B is three tier model, I am is done in a way that kind of takes out the middle layer. So a lot of companies, a lot of it, companies in IAM companies are struggling with the fact that they have to individually manage the different access rights of their business users.
Now it's a big challenge to do it within your own company. Let alone, when you have the very thin of visibility, when it comes to what's going on within your partner's organization, let's say that a certain employee has changed roles, and now they need different access rights within your system. The mover use case your ability as an it team to know that and make sure that they have the new access rights there require, but not the, and remove the, the old access rights is close to nuts. Also making sure that you create and distribute the, the right access roles needed for your partners to be productive. You need to know your, your partner needs very deeply in order to make sure that they have the right tools to be at their productivity peak. And this is why we really introduced the B2B access management model, which is the delegated model for, for these specific use cases and, and the processes.
And it aligns itself with the overall way that business is done. So we're going to give the company the ability to continue manage their partners as organizations, rather than individual users using a central admin console, which is a, a fact-based management console each and every one of the partners are going to have their own designated delegated admin console, where they can manage their users and their access and perform the various activity. And eventually you have the users going in and collaborating and, and getting the best experience that they can. And making sure that the business partnership is beneficial. So kind of let's talk about the before and after. So right now, without a B2B access management solution, everything at the individual level is being done by the parent company. They need to create the access role and produce some services inviting onboard new users. As you heard in the poll question also related to it, it's a big task, opted the user attributes.
They need to manage the users, access to the services and application. Really. This is the big chunk of the day to day who needs access to what providing support. Also a big overhead sounds trivial, but just resetting passwords is a big task suspending user users, removing users, and eventually being able to say, and what had happened in your environment and provide an audit trail, just, you know, is an anecdote. We asked a lot of our customers like, do you know how many external users are accessing their system? The majority of them are, are don't have a straight forward answer to it. And what, with shifting into the delegated model, all those different steps are going to be managed by your, your, the delegated admin or admin from your partners. So they'll be able to invite the new users, they'll update their attributes, but most importantly, they'll manage the users access and they will assign them with access roles that company has created for them to utilize.
And they'll also be able to retire users from the system company. On the other hand is going to start managing the organization. I'm not going to go over his entire list, but basically giving a process of onboarding a new organization, take an organization level action, like suspend an organization. I'd say that a partner hasn't paid their bills and you want to suspend them and not give them access at a click of a button. And they can create the different access role and actually automate the way that they're distributed based on the partner or the user level attributes. So let's say that you're creating a buyer role and you want it to be available for only partners in the U S or in Germany. Then you can set a rule saying, okay, buyer role is only available for partners. That location attributes is us or Germany.
You can also set automation for birthright. So let's say that if the user is from a finance department and from location of Germany, they should automatically be assigned with access to the paid bill system. So really you're managing the policies of who has the ability or access and the partners themselves. And with that, let's go to a, I think, an illustrated demo to kind of show how it looks like. So let's think a fictitious company let's call it crystal clear optics and they're lenses manufacturer. And mostly they're working in OEM model, meaning they sell to other businesses. They sell to glasses retails, or to camera manufacturers, the camera, their lenses. And they built a website and a partner portal where there's an e-commerce and an enablement place for their partners to go and collaborate. So this is how it would look like, again, this is a mock websites.
There's a partner login partners go in, and then they can choose which modules we want to go into partner enablement or placing the order. And then the case that they go into placing an order. There's the full catalog here within the e-commerce module. Now, not all partners should have the ability to place orders for all the different items. Some partners only need the ability to order sunglasses and sunglasses lenses or prescription lenses and other partners should only have the ability to order camera lenses. So you need to be able to differentiate and control, which partners have the ability to access what items let's look at the different players we have. So let's take one retailer, let's call them looking good glasses. There are glasses ma retailer, and let's look at the different personas. So ask Timothy. He is from crystal clear optics. He is a partner relationship manager, a business role, and he knows what his partners need in order to be productive.
And he's going to be using the admin console. And we have Holly she's head of procurement for looking good glasses, again, a non ti individual. And she needs to make sure that her users or employees have access to the crystal clear optic e-commerce platform to make sure that inventory is always full and she's going to be used the delegated admin console. And eventually we have Michael. He is regional head of blended supply. He just needs to go and get access to the crystal clear optics website and place the orders when he needs it. Now, bear in mind that looking good glasses are probably working with other manufacturers. So if Michael and Holly are not going to get a very good experience with crystal clear, it's most likely in a search to assume that they're going to be working with one of their competitors. And, and one of the points of the B2B access managers is really six associate and to choose the business goals.
So let's look at the different use cases here. Okay. Let's look at how Timothy gets the visibility to all the partners, how we take the partner level action and automate the access role distribution. So this is what the IP admin console looks like. And there are three areas, so to speak to this console, and you can see that on the left side, there is what we call the partner workspace. And right off the bat that Timothy can see all the different as a partner entity. This is something that doesn't exist in traditional or IAM. You can see the different partners, you can see their status, it can take an action, like suspend a partner at the click of a button or delete a partner. We also provide a registration form so we can embed it within their website and all registration requests to become a new partner go here.
So it really supports the partner onboarding here, the authorization workspace in the role catalog here, give me a second, just create the necessary access roles. And you can see that there is sunglasses lenses, buyer, telescope lenses, buyer. There's also delegated admin because delegated admins can actually give other users the ability to be a delegated admin and within each and every one of those access roles, he can set those automations that are discussed, which partners have the ability to sign them. And if any of them have any automations around birthright and eventually these are the applications that the access is managed to. And if we drill down into one of the partners, you can see that Timothy can all the different details of the partner. He can also update it. One important note here is that partners don't have to be created within the system. We can actually bring them via an API call.
We understand that sometimes it's the partner entity kind of resides within a CRM where in the ERP system. So you can actually import them in here and here with Timothy can do is he can set a max amount of member members within the environment. So his partners won't just start inviting everyone. This is another measure of controlling security. And now let's look at how it looks like from Holly's perspective, how she goes into the delegated admin console and the different self-service activities that she can perform. So how did those into the partner login, but right, because Holly is in a delegated admin. Now she has the ability to access the delegated admin console. And she goes there, and this is the delegated admin console, the look and feel that is completely configurable. So we can be changed to accommodate the crystal clear or anyone's brand guidelines.
And the first thing she does is to invite a member. She clicks on it. She can do a single member invite. You can also do a group bulk upload, and she just puts the different details of the, of the member that sends an invitation. You can see that he, Michael hasn't yet activated his user. And once Michael activates the user, Holly can start managing the access of Michael. So she clicks on Michael, and this is the member management page. So a few things here that you can see first, the details she can update them. She can suspend Michael, she can reset Michael's password and remove him, really provides the support. And as the heart of it is the ability to assign different access roles to Michael. So she can assigning with prescription lenses, buyer, and sunglasses, lenses, buyer, and note that she doesn't have the ability to assign a microscopic lens is by, for example, because a crystal, because looking good glasses are not in that line of business, so it's not available for them. So she goes ahead and gives Michael the, the prescription lenses buyer role. And now we're going to see how it feels from Michael's perspective. So Michael goes into the portal. He's not a delegated admin, so he doesn't have the ability to log in into the delegated admin console. And he goes into the e-commerce platform. And if you recall, we said that originally there are a lot of different items there, but because Michael only has the prescription lenses viral, you can only view and place orders for those items.
Now, Michael realizes that he needs the ability to place orders for sunglasses lenses. Now, the normal way would happen is to open a ticket with crystal clear optics, which would take a few days to process then to validate that their request is legitimate. And then grant Michael the additional access rights. Oh, no, a few good business days going down the, the garbage with a lot of frustration along the way. But in this case, Michael just needs to reach out to Holly and tell, listen, Ali, can you please also give me the sunglasses lenses by our access role? Oh, he does that. And the next time that Michael logs in, he had the ability to place orders for sunglasses lenses. And with that, I'm done with the demo and then Phillip continue the presentation.
Okay. Thanks for the great presentation. Not off first, I would like to start with the results of our two polls. So let's see the results of the first poll. Here we go. And the first poll we've asked you how to handle partners within your company. And we have the result that approximately 60% of you are saying, okay, they are handled like externals and tech as partners, 30% handle them like externals, but not tagged as partners and 15% handle them like internals. So not, are you surprised of the results?
I think this is a good sign. There is a, an understanding that the different processes are required around the different types of identities. I would be very curious to know what those companies or the individuals that mentioned that they are tagging their external users or partners. Do they have different processes and capabilities that go along with that tagging? I would say.
Okay. So, and what is about the 15% they are tagging them? Like internals, what do you think? Yeah. This, the, the Mo the biggest issue about that. Yeah. It's the biggest issue about that?
Yeah. I, I would say that I'd like to know what are their, if they're struggling with, with anything around that, like, do they find it, they find it hurting or slowing down their business. And I'd be very interested to hear what their partners have to say about it as the recipients of the experience. And also if they're considered doing anything around it. And if it's, if it's something out of necessity or out of the choice.
Yeah. And that basically brings us to the second poll, because we've asked you in the second poll about the time you need for onboarding your external partners. And as we can see in the results, approximately 50% are able to onboard a partner within a week, which is great. But Lisa is with another 50% that is not able to do that. So we have 30% and after the first week, until the second week, until the end of the second week, and we have 12% that need more than three weeks, have you imagined that result?
Actually, it's pretty much aligned with what we've seen, what we've seen, that it takes weeks. I'm surprised that there are individuals that indicated last minute a day, that that's great to hear looking at. It means that 51%, it takes more than, than a week. That's a lot of time and money just multiplied by the number of partners and you'll get months, or even years of partners sitting idly waiting for, for the right access and to be productive. Also, remember, this is just onboarding, let's maybe had another followup question. How long would it take a partner to get new access rights if they needed after onboarded, maybe, you know, you add to this stack a few more months of partners sitting idling, waiting for the right access until they can actually engage.
Yeah. And imagine you had an emergency, how, how much time would it cost and money would it cost to onboard a partner for two weeks? So that, that is a really interesting. So how long would he need, would it take the partner to, to onboard in your tool and your PlainId partner manager?
I would say that the partner onboarding is a partner organization. It's pretty immediate approval is based on internal. I would say chain of approvals, but once a partner has been sending the system, if they need to bring a new individual or given the right access scrolls, it's a matter of seconds.
So we, we are here one of the 9%, less than a day,
Correct? Correct. It's pushing everyone up to those 9%
And then that would be great. Okay. So let's see, what other questions do we have here? First question to you. I have an IDP. Do you integrate with it?
Yes. So we integrate with the identity providers, such as Octa, Alyssa, zero. We're not here to replace them for already using them. We can actually use them as the underlying identity provider of, of the system. And we'll just take care of the whole process of bringing a user and taking a user off. So, you know, once let's say that we integrate with Octa and a dugout, admin invites a user or a member, then we at the backend are going to create that members file on Okta and take care of all the different arrangements, so to speak within the optic console. So as far as, as the delegated admin is concerned also for you as the IP admin, you have one front in one place to manage, we scrutinize and, and take care of the integration automatically.
Okay, cool. So we have another question here. I have partners that did not complete their certification requirements. How can partner manager help me in that case?
Okay. This is, this is a great, really interesting, great question. So certification of a partner can really be seen as a partner attribute, right? Like location or a partner is golden and other partner attributes. And as I mentioned, you can set automations around a different partner attributes. So let's say that you have partners certification equals. Yes, no. And it can just set an automation saying, okay, make access roles available only for partners that certification equals true and don't make it available for partners that certification equals false. And we can feed into the attributes from an external source. So you don't have to do it manually, but you can actually build the automation and the piracy, so to speak. It's an access policy, right. Partners that don't, didn't complete, the certification should not have access to the, to the assets. And this is something that can be pretty easily configured when creating those access rules.
Yeah. Sounds great. Okay. Third question also for you, how does this product help me to introduce new products or services to partners?
Right. So introducing new services is really about the ability to distributed across your organization, right? Let's say that's now crystal clear optics decided that they're also doing watches renters and some of their partners need it. So you need to create the access rules for your partners to utilize, and you need to make sure that distribute distributed pretty quickly. And again, the automations and the policies or in the access rules are what makes it pretty simple. So that's one is distributing, Xaxis rolling and producing it. It's fairly easy to add it into an existing application. Let's say the e-commerce each add the entitlement to order, watch lenses. You added to an existing access role. So you can either take an existing access role. You can say, okay, everyone that has the ability to order sunglasses lenses should also have the ability to order, watch lenses. I don't know if this is the business decision that you make.
You can either just add it to the existing role and everyone that is assigned with it will automatically have it. You can create a separate role and distributed based on the automation and more ever. So that's the distribution because the debit and admin of the relevant ones are going to see it within their delegated admin console. They can immediately start assigning it to the appropriate users and you don't have to chase them and try to figure out who needs that access. So you kind of trickle it down and then the delegated admins will take care of the rest.
Okay. Yeah. Interesting. And another question after the second poll, we have seen that you said that you're able to get the onboarding of identities down to less than a day. So approximately how long would it take to implement the partner manager itself? The solution,
I would say, I think fairly quickly, as far as it to environment, and it's not a deployment to SAS solution. So to configure the system, it really is built to provide a streamlined solution. So getting it to work is fairly immediate. And then like any other product that would say, take some learning to make the right access roles, educate the partners around it and make sure that they're aware. So getting it onsite a matter of days, full utilization, I would say two, three weeks.
Okay. Yeah. That is, that is quick. Another question. Is it only a SAS solution?
Correct? It is offered only as a SAS solution fully, fully SAS.
Okay. I have more questions here. Give me a second. Yeah, next one. Can you share a real life success story and explain the general setup of the success story?
So we actually have an interesting one with, with a customer that the implemented they're a software company and they're building a software product for their customers and they needed a few different access rules within their product. And instead of building the access management module within their product, they're using partner manager. I know it's not, I would say the typical use case, but it's a very interesting one. So they kind of baked it within their product, within their software. And now their customers are using the delegated admin to onboard users to the, to the, to our customer's product. So again, it's not supply chain, but it's the same principle of making sure that you have a successful business engagement and your business partners can bring their customers to the digital assets.
Interesting. Okay. So another one and this one is a little bit longer. Many partners are small and spread grow globally. They would not be able to provide an appointment. What do you do in this case?
So maybe kind of break down. What does it mean providing admin? I don't think we need a full-time employee here. We have a customer, there are a door manufacturer. They sell across Europe. They obviously sell to large companies, but they also have pop and mom and some of their partners are three, four people business. So one of them is a delegated admin and the debit and admin console was really built for non-technical people. We understand that we shouldn't expect only it, people engaging with it. It's supposed to create the ability for a frictionless engagement, not to throw another it overhead at your partners. So we have customers that are using it with the smallest partners available. It's just one individual takes four minutes to understand. We have a very nice instruction video on how to use the delegated admin and, and they can go ahead and just use it.
Nice. One last question from the audience applications or a T services needs to integrate with big ID, B2B identities and roles in order to get the demonstrated crystal clear capabilities. Correct.
So the application we're basically managing, if I understand the question correctly, the entitlements within the application really, really depends on how the underlying application is structured and how, what are the building blocks in the crystal clear example each and every one of the items in the e-commerce is an entitlement. So the application is expecting within the authorization requested to know whether or not a user has the ability to, to view or, or perform whatever activity on that specific entitlement. So yes, we're mapping those entitlements within our system. That was the application side of the it admin. So basically managing your mapping, being titlements the way that they are in the application and the way that the application expects to get them in the answer. And yes, the application needs to know how to handle external authorization. But I would say most applications that can integrate with Okta or any external IDP from what we've seen are capable of doing it. And we're providing them with their appropriate response and what entitlements the different users have permission to see.
Okay. So that leaves us with no questions left. So if you have more questions, feel free to, to write them down. Now, now, otherwise I can only thank you for the great presentation and the answers to the questions and the audience for participating in our webinar. And I would also like to remind you about our upcoming event in, but especially about the EIC in may in Berlin. And I hope to see you there. And that brings our webinar to an end. I wish I wish you a great day. Oh, we have another question. No way. Thanks then. Bye. Yeah. To you too. And yeah, and I wish you a great day and I would like to leave the closing remarks to you. Not of
Again, just thank everyone for their questions, their interests, their participation, I think. Thank you, Phillip. And all the guys from KuppingerCole for hosting us tonight.

Stay Connected

KuppingerCole on social media

How can we help you

Send an inquiry

Call Us +49 211 2370770

Mo – Fr 8:00 – 17:00