On the evening of March 16, Authing co-founder and CMO Xu Ziqiang conducted an AMA (Ask Me Anything) with the theme "Dismantling the Identity Cloud: How to Effectively Reduce Enterprise R&D Costs" in the Authing Commituny community. This AMA is divided into two parts: thematic question and answer and interactive question and answer. Xu Ziqiang answered the questions raised by the moderator and users, and showed everyone a complete and clear Authing technical architecture system including SSO and MFA modules. .
Topic Q&A
In the topic Q&A stage, the host asked Xu Ziqiang about some issues that investors, developers and users care about. From the dialogue, we learned in detail about the industrial structure of Auth0 after the acquisition and the technical system of Authing.
Moderator: Welcome Ziqiang, please briefly introduce yourself to everyone.
Xu Ziqiang: Dear friends from the Authing Community community, I’m Xu Ziqiang. I am in charge of commercialization at Authing and also responsible for Authing’s global business development.
Moderator: Thanks to Ziqiang for the introduction. We know that Auth0 is also a dark horse in the identity field. So, what is the key information behind Okta's acquisition of Auth0 for 42 billion yuan? Why is Auth0?
Xu Ziqiang: In fact, as early as 2017, Okta realized that he was still weak in the developer-oriented business scenario, and acquired Stormpath at that time. However, facts have proved that this is not enough. In recent years, Auth0 has developed rapidly in the user identity management (CIAM) market with its developer-friendly features. With the acquisition of Auth0, Okta has once again supplemented its capabilities and entered the huge identity market at a faster rate.
Moderator: Can you tell us about identity cloud, tell us what is the industry pattern in the field of identity cloud, what are the technical architectures, and what is cloud native?
Xu Ziqiang: The global identity cloud market is developing rapidly, with fierce competition and rapidly changing customer needs. Authing focuses on providing a complete identity product to solve the complex needs of customers. Authing's services are hosted in cloud service providers, and the entire identity cloud platform uses powerful cloud resources to provide services to customers. Relying on the flexible cloud infrastructure of cloud service providers, Authing's service construction is fast, easy to deploy, highly secure, supports multi-tenancy, high availability, and integrates various third-party services. These are the advantages of cloud native. For more technical information, you are welcome to visit our official website to understand:https://www.authing.cn 。
Moderator: Just now Ziqiang mentioned a term called Identity Cloud Platform, so what is the value of Auth0? Why does enterprise development need Auth0?
Xu Ziqiang: This is a very real problem for business management. With the development of digitalization, every company in the future will be a technology company, and companies will have more and more software, and almost every software has a user identity layer. However, each enterprise should focus on its core business, rather than spending time on developing identity facilities. The value of products such as Auth0 and Authing is to help companies make identity issues easier when facing more and more applications, users, and devices. Compared with building, maintaining, and protecting a set of identity solutions by yourself, an on-demand identity platform is an option that enterprises prefer and need more.
Moderator: Ziqiang also mentioned that corporate infrastructure requires identity authentication, no matter for internal collaboration or serving external users. What are the challenges of identity authentication in enterprise system management? What technical solutions are needed ?
Xu Ziqiang: The challenge of unified identity authentication within an enterprise comes from non-standard applications and lack of knowledge on authentication, security, and compliance. This is also a challenge for identity service providers like us. In the past, other service providers overestimated the degree of digitalization of the company, ignored a series of necessary technical solutions, and ultimately failed to solve the customer's problem. Faced with these challenges, Authing provides out-of-the-box developer tools, adaptive security and a compliant version, which fundamentally and efficiently solves the problem of user identity.
Moderator: Single sign-on (SSO) is one of the solutions to integrate enterprise systems, Keycloak vs Authing, should single sign-on be implemented with an open source framework?
Xu Ziqiang: Compared with open source solutions such as Keycloak, Authing is a more complete, more localized, and more enterprise-level identity SaaS product, and it also provides timely commercial services. For details, please refer to our previous article: https://blog.authing.cn/blog/detail/117 .
Moderator: Through multi-factor authentication (MFA), we provide users with an extra layer of security protection in addition to the user name and password. So what MFA method does Authing use, and what kind of authentication factor does it have?
Xu Ziqiang: It is very simple to enable multi-factor authentication on the login component provided by Authing. Just open a button in the console, no code is needed. Currently supported multi-factor authentication methods include SMS, email, software one-time tokens, and so on.
Moderator: In addition to the above technologies, what implementation details of the underlying authentication has been shielded by the login component (Guard) for developers? What tedious UI developments are blocked?
Xu Ziqiang: Authing provides developers with ready-made login components, which saves them the time wasted in implementing unified login.
As long as you "install" this common login "portal" in multiple applications, you can achieve single sign-on for these applications. Developers can freely configure the domain name, style, login method, etc. of this login page in the Authing console, which is very convenient.
Moderator: Authing 2.0. Authing is positioned as "the identity infrastructure of cloud computing." What are the technical advantages of Authing compared to OpenID?
Xu Ziqiang: OIDC is just a standard identity protocol. Authing is an identity management platform that supports various identity protocols such as OIDC, SAML, CAS, and LDAP, and can therefore be called the standard identity layer of cloud computing.
Moderator: In the post-epidemic period, corporate costs have increased and layoffs have become the norm. Facing 2021 and the future, how can companies embrace identity cloud and enhance infrastructure construction and deployment? Realize the reduction of enterprise development costs and reduce staff turnover
Xu Ziqiang: In recent years, from the development and popularization of cloud services such as Stripe, Twilio, and Agora, I have observed that cloudification and APIization of service facilities have become a general trend. When purchasing infrastructure services, I suggest that companies consider the ease of use, usability, scalability, and customization capabilities of the cloud service. The developer-friendly, API-based cloud services mentioned above will certainly not have these capabilities. difference.
Moderator: Finally, for the developer community, what growth plans does Authing have?
Xu Ziqiang: I think developers are influencing companies' purchasing decisions, and this trend is accelerating. As the demand for identity management grows, the expectations of developers will prompt us to accelerate the development of Authing developer tools. Next, our team will set up an Authing developer community and organize offline activities to enable developers to grow better. Please follow our official WeChat account and WeChat community notifications. For developers, we will also launch creative services. Currently in the stage of collecting requirements, you are welcome to fill out the developer requirements questionnaire and tell us your needs. The specific submission address is:http://authing19.mikecrm.com/p1aoasJ 。
Interactive Q&A
After the AMA topic Q&A session, the developers and friends actively asked their questions and were very concerned about the development of Authing products.
Community user " Vladimir Grigoryevich Zaitsev " : Does Authing have an open source plan?
Xu Ziqiang: Not yet.
Community users " , " : What is the relationship between verifying user identity and verifying the permissions between the user and the App?
Xu Ziqiang: Well, this is the difference between authentication and authorization. Identity verification is the process of verifying the user's identity, and authorization is the process of verifying that the user has the right to access.
Community users " , " : Another way of asking questions is that companies have a common need for employee authentication, which is a good understanding. But are you optimistic about the scenario where employees and apps are mutually authorized?
Xie Yang: This scenario is very common in Feishu. Third-party applications will request employee data for secondary operations and development.
Xu Ziqiang: Yes, it is the OAuth2 protocol that supports Feishu authorization. Authing also supports the OAuth2 standard protocol
Community user " Xiao Ming " : The user registered Authing user information (with a nickname, avatar) using his mobile phone number, and then logged out again after logging in with socialization, and bound the registered mobile phone number. Should the user information be displayed?
Xu Ziqiang: Currently, it will be merged automatically.
Community user " Darchrow Mu " : Can you introduce the integration of the existing multi-account system into the identity cloud?
Xu Ziqiang: You can add me to get the white paper of the multi-account system.
Community users " , " : Domestic support for Saml and Openid is rare, but foreign apps are very common
Xu Ziqiang: Yes, we help companies quickly build SAML/OIDC application services through the Authing identity platform.
Community users " , " : Are most of the apps that @Authing-XU has accessed from abroad?
Xu Ziqiang: Some companies have relied on Authing to log in to enterprise applications with existing Feishu accounts. The challenge of unified identity authentication within the enterprise comes from non-standard applications and lack of knowledge on authentication, security, and compliance. Of course, this is for us. It is also a challenge for identity service providers; as I said before, the challenge of unified identity authentication within an enterprise comes from the non-standard application of identity and the lack of knowledge about authentication, security, and compliance.
Community users " , " : I'm talking about Okta's kind of scenario, Okta docks thousands of apps, and companies can assign apps that employees need with one click.
Xu Ziqiang: At present, there are still many domestic companies using Authing to integrate and build apps. Faced with these challenges, such as old applications that do not support standard identity protocols, Authing provides out-of-the-box integration tools and developer kits to efficiently solve problems.
Community users " , " : In China, 2C apps include WeChat, Alipay, and QQ for direct authentication. 2B has corporate WeChat and Dingding authentication. Does this situation constitute competition for the development of Auth0?
Xu Ziqiang: WeChat and DingTalk are essentially user directory services, and they actually constitute indirect competition for Auth0 / Authing. To add, Authing is an independent and neutral identity platform, which can be connected no matter which application service the enterprise is using. Unlike Ali and Tencent, Authing does not have any prejudice against the suppliers of directory services and application services.
Community users "," : My last company still relies on manual docking, especially Okta's Top application.
Xu Ziqiang: Well, the ability to integrate and build applications is the key to an identity platform. To add, Authing is an independent and neutral identity platform, which can be connected no matter which application service the enterprise is using. Unlike Ali and Tencent, Authing does not have any prejudice against the suppliers of directory services and application services. We help any business choose the software that suits them without being tied up by the supplier.
The Authing community AMA ended successfully. Through Ziqiang's detailed answers, the developer friends have a deeper understanding of Authing and a stronger confidence in joining the developer community. Realizing the laying of global enterprise-level identity protocols is a great vision that takes a long time to realize. We are willing to start with Authing identity technology, begin to explore and de-commercialize, and finally we will realize the mutual cooperation between people and applications across the world.