Understanding CIAM: Customer Identity and Access Management and the UMM Solution

As an IT architect, I was asked to introduce the concept of a unified IT component that can manage user identities and permissions across a distributed environment, handling not only employee data but also partners, contractors, and customers.

What is CIAM?

With the explosive growth of IoT devices and higher expectations for security and privacy, companies must ensure customers can securely use applications on any device. Customer Identity and Access Management (CIAM) provides adaptive, customer‑friendly access to resources with verified identity, security, and scalability.

Figure 1 CIAM pillars

CIAM is essential for public‑facing applications that require user registration and account creation. Adoption is driven by targeted marketing, single sign‑on, improved user experience, and regulatory compliance. CIAM software helps organizations securely manage customer data, identities, and activity.

With CIAM, customers no longer need to register separate accounts for each brand touchpoint (apps, websites, help‑desk portals). The software must provide a single view of the entire customer base and IoT environment, encouraging more frequent use and potentially increasing sales.

Figure 2 CIAM trends

CIAM as Public‑Facing IAM

CIAM is a subset of the broader Identity and Access Management (IAM) concept, focusing on managing identities of customers who need access to company websites, portals, and e‑commerce platforms. Instead of managing user accounts in each software instance, identities are managed centrally in a CIAM component, enabling reuse.

The core building blocks of IAM and CIAM—authentication, authorization, directory services, and lifecycle management—remain the same, but customer‑facing IAM requires more flexible authentication and simpler authorization models, higher scalability, and additional regulatory effort such as GDPR compliance for EU users.

Figure 3 CIAM vs IAM features

Key CIAM capabilities include self‑service registration, password and consent management, profile management, reporting and analytics for marketing, APIs/SDKs for mobile apps, and social identity registration and login.

Omnichannel and improved customer experience drive new functionalities such as adaptive access that considers dynamic identifiers (location, device, IP, etc.). For example, a new device login may trigger MFA, while a previously registered mobile device can use password‑less authentication for better security and usability.

Gartner Says

The overlap between CIAM and other IAM deployments continues to grow. CIAM use cases increasingly require full IAM lifecycle capabilities to combat malicious actors. Auditing, reporting, and analytics are crucial to tightly integrate CIAM with an organization’s security and DevOps processes. Common CIAM requirements—SDK/API integration, self‑service, and consumer‑grade experience—are now part of modern IAM solutions, delivering operational efficiency and adaptability to evolving enterprise and user needs.

Gartner’s 2019 report lists the leading vendors for customer‑facing access management solutions: Okta, Microsoft, Ping Identity, IBM .

Time to Introduce UMM

Inspired by the UMM case study at Zoetis, I reviewed this lesser‑known solution against the market leaders, focusing on the common features found in most CIAM products.

Common CIAM Features

Pre‑defined registration forms

✓

✓

✓

Self‑registration

✓

✓

✓

✓

Password management

✓

✓

✓

✓

SSO

✓

✓

✓

✓

Identity federation

✓

✓

PingFederate

✓

Roles and groups

Azure AD

✓

✓

MFA

✓

✓

✓

✓

Rules and policy engine

✓

✓

✓

✓

Consent and privacy management

✓

✓

✓

Profile creation and management

✓

✓

✓

✓

Progressive analytics

✓

✓

✓

Application authentication and authorization

✓

✓

✓

✓

Notifications (via RESTful)

Via RESTful

✓

✓

✓

Identity repository

✓

✓

✓

✓

Social identity registration and login

✓

✓

✓

✓

APIs and SDKs for mobile apps

✓

✓

✓

✓

ETL/Batch data sync

✓

✓

✓

Digital identity proof

✓

✓

✓

Reporting and analytics

Application Insight

✓

✓

Audit/Log manager

✓

✓

✓

✓

Invitation mechanism

as a custom policy

✓

OpenID Connect, OAuth 2.0, SAML support

✓

✓

✓

✓

API protection

✓

✓

✓

✓

Delivery

cloud

cloud, on‑premises

cloud, on‑premises

cloud, on‑premises

Based on the analysis, the UMM solution covers all common CIAM functionalities.

The User Management Module (UMM) is a proven, highly available, and easily adaptable CIAM solution that can be delivered in both cloud and on‑premises environments, integrates securely with legacy systems, and offers a rich rule engine to accelerate time‑to‑market for business needs, matching or exceeding the capabilities of market leaders.

Thank you for following, sharing, liking, and viewing.