B2B applications require connecting customers and partners with their existing identity system or directory. Customers often want their employees or end-users to access your product and service with hierarchical access rights and their existing identity.
\nManaging these requirements in-house can be tricky and time-consuming. However, the LoginRadius B2B Identity solution can bridge this gap for your business and help you eliminate friction. Above all, it serves a faster go-to-market with an industry-leading deployment time of 3-4 weeks while ensuring the following:
\nLoginRadius B2B Identity allows your customers and partners to effectively create their accounts without needing them to create another identity.
\nThis feature lets you give customers and partners authority to manage accounts and access via their internal identity sources or your dashboard.
\nLet’s say: your customer wants to allow only marketing and sales employees of the organization to access your B2B application. And within those 20 employees, the access rights will be different. LoginRadius B2B Identity can allow your customer to use their internal identity for authentication and manage the provision and access of their employee accounts within their identity source.
\nSimilarly, suppose some customers do not want to use internal identity for authentication and authorization. In that case, they can easily do this via managing configurations like login method, roles, and permission from your application dashboard. LoginRadius B2B Identity works in the background to smoothly process these requirements.
\nTo allow your customers and partners to use their internal identity for authentication, you must configure Federated SSO protocols depending on their identity application. With LoginRadius B2B Identity, you get effortless integration of the most popular and complex SSO protocols, such as SAML, JWT, and OAuth.
\nLet’s say one of your customers wants to authenticate using Salesforce while the other prefers to utilize their AWS identities. You can utilize OAuth integration for authentication using Salesforce and SAML integration for authentication using AWS — without understanding both protocols’ complexity and in-depth implementation.
\nNot just this, integration of these protocols is entirely maintenance-free; any required change or updates in protocols are taken care of by LoginRadius.
\nGet a centralized view of all your customers and partners. You can easily manage their identities and access controls (roles and permissions) from the LoginRadius Dashboard or the LoginRadius Management APIs.
\nRevoke access automatically upon user offboarding to ensure effortless access security to applications of your customers and partners. Similarly, it revokes customers’ and partners’ access rights to your application in case of churn or contract termination.
\nLoginRadius B2B Identity lets you delegate admin access to your customers and partners for seamlessly managing their employees and users. Consequently, it saves the efforts and time of your IT support team.
\nAlso, you can set up self-serve registration for your customers and partners, thus saving time in manually setting up their accounts. Similarly, these customers and partners can facilitate self-serve registration for their employees and users.
\nThe following built-in capabilities of LoginRadius CIAM lets you meet data regulations and protect customers’ and partners’ data privacy:
\nLoginRadius Dashboard lets you access your application's audit logs of activities performed by customers and partners.
\nAlso, you can access 30 different analytical charts to understand your customer and partner base and engagement.
\nThe following explains the step-by-step implementation of LoginRadius B2B Identity:
\n\n\nNote: To implement B2B Identity, you must have a Developer Pro account with LoginRadius. Create a Developer Pro account here for 21 days of the free trial.
\n
These are your customers or partner organizations who need to access your application. You can create and manage these Organizations using the following APIs:
\nCreate Organizationsdocs/references/api/b2b-identity/#create-organization)
\nAPI Endpoint: https://api.loginradius.com/identity/v2/manage/organizations
Update Organizationsdocs/references/api/b2b-identity/#update-organization)
\nAPI Endpoint: PUT https://api.loginradius.com/identity/v2/manage/organizations/{id}
Remove Organizationsdocs/references/api/b2b-identity/#remove-organization)
\nAPI Endpoint: DELETE https://api.loginradius.com/identity/v2/manage/organizations/{id}
Update Organization Statusdocs/references/api/b2b-identity/#update-status-of-organization)
\nAPI Endpoint: PUT https://api.loginradius.com/identity/v2/manage/organizations/{id}/status
These are the roles that organization users will have to access permission-based resources and processes. You can create, assign, and manage roles using the following APIs:
\nCreate Roledocs/references/api/roles-management/#roles-create)
\nAPI Endpoint: https://api.loginradius.com/identity/v2/manage/role
Add Permission to Roledocs/references/api/roles-management/#add-permissions-to-role)
\nAPI Endpoint: PUT https://api.loginradius.com/identity/v2/manage/role/{role}/permission
Remove Permission from Roledocs/references/api/roles-management/#remove-permissions)
\nAPI Endpoint: DELETE https://api.loginradius.com/identity/v2/manage/role/{role}/permission
Set Roles for Organizationdocs/references/api/b2b-identity/#addupdate-roles)
\nAPI Endpoint: https://api.loginradius.com/identity/v2/manage/organizations/{id}/defaultroles
Add User to Organizationdocs/references/api/b2b-identity/#add-user-to-organization)
\nAPI Endpoint: https://api.loginradius.com/identity/v2/manage/organizations/{id}/members
Remove Users from Organizationdocs/references/api/b2b-identity/#remove-users-from-organization)
\nAPI Endpoint: DELETE https://api.loginradius.com/identity/v2/manage/organizations/{id}/members
Get Organization Usersdocs/references/api/b2b-identity/#organization-users)
\nAPI Endpoint: GET https://api.loginradius.com/identity/v2/manage/organizations/{id}/members
You can allow organizations to use the organizational identity or ask them to create an identity for authenticating themselves.
\nSet Global IDP for Userdocs/references/api/b2b-identity/#set-global-idp-on-profile): Set a global Identity Provider authentication method from the already enabled authentication methods for your LoginRadius App. The global IDP will apply to organizations of all your customers and partners.
\nFor example: Login with Gmail, Login with Facebook, Login with Email-Password, etc.
\nAPI Endpoint: https://api.loginradius.com/identity/v2/manage/organizations/{org_id}/members/{uid}/idp/global
\n\nNote: To show the global IDP to all organizations, turn the setting on via this APIdocs/references/api/b2b-identity/#set-global-authentication-method-for-organization).
\n
Create SAML Login for Organizationdocs/references/api/b2b-identity/#create-organizational-saml-idp): Set a SAML authentication method specific to the customer or partner.
\nFor example: Login with Salesforce for one customer and Login with Azure AD for another customer. So, customers and partners can easily authenticate using their identity provider rather than creating a new identity.
\nAPI Endpoint: https://api.loginradius.com/identity/v2/manage/organizations/{org id}/idp/saml
You can manage the welcome email and related email communication for the organization users using LoginRadius Dashboard, as explained heredocs/guide/manage-organizations/#manage-email-template-and-setting).
\nSave on R&D, engineering resources, and maintenance by utilizing LoginRadius B2B Identity — consequently, go to market faster.
\nCreate a Developer Pro account here to start your journey of eliminating authentication and access friction from your B2B business.
\n","frontmatter":{"title":"Why B2B Companies Should Implement Identity Management","author":{"id":"Ravi Teja Ganta","github":"ravitejag","avatar":null},"date":"May 31, 2022","updated_date":null,"tags":["Identity","Access Management","B2B"],"coverImage":{"childImageSharp":{"fluid":{"aspectRatio":1.5037593984962405,"src":"/static/40cc7e952a0e3c8722171d03a00830f1/ee604/b2b-identity-management.png","srcSet":"/static/40cc7e952a0e3c8722171d03a00830f1/69585/b2b-identity-management.png 200w,\n/static/40cc7e952a0e3c8722171d03a00830f1/497c6/b2b-identity-management.png 400w,\n/static/40cc7e952a0e3c8722171d03a00830f1/ee604/b2b-identity-management.png 800w,\n/static/40cc7e952a0e3c8722171d03a00830f1/f3583/b2b-identity-management.png 1200w","sizes":"(max-width: 800px) 100vw, 800px"}}}},"fields":{"authorId":"Ravi Teja Ganta","slug":"/engineering/identity-management-for-b2b-companies/"}}},{"node":{"id":"195307b5-8ae3-5311-9b6a-84ab10df494e","html":"Losing users on the signup page is wasting your marketing and growth budget because the signup page has a strong password requirement for ensuring security. If you remove complex password requirements, the user will use simple passwords that can be hacked easily. Balancing security and experience is the biggest challenge these days as People have a lot of options to try, and Hackers are ready if anything goes wrong.
\nPasswordless is a way to solve this dilemma, remove passwords means remove complex password requirement and security concerns both. To learn more about how and Why of passwordless authentication, read this - \"Passwordless Authentication: Securing Digital Identity\".
\nLet's talk about How passwordless can reduce the signup friction and how to make it more user friendly.
\nIn this tech era, we have a lot of online accounts on several apps, and the following password requirements are few examples to create a secure password:
\nSeriously, this all need to do by users to keep their account safe on your app! Password Managers are a solution, but they have their issues, installing their extensions and software, Device sync available with paid plans only, and so on.
\nBut Passwordless is the answer to it. It removes all password frictions and allows users to signup with a single click.
\nThe passwordless interface must be designed as a unified interface for authentication. Either use is new or existing, just let them use a single interface. If the user is new, internally create an account and log in and for registered users, start the user's session.
\nIt allows users not to remember if they are already registered or not. It reduces the number of clicks too.
\nIt can be implemented in mobile devices as one-tap authentication, which means the user needs to tap once and sign up the user and start the session.
\nIt's impossible to ask for any other information with a unified interface because we don't know the user is new or existing. So we have to use Progressive Disclosure UX principle to ask for more details based on the user's existence in the system.
\nProgressive disclosure always reduces the complexity. User's love to enter without providing huge details.
\nPasswordless can be an excellent approach to reduce user drops on the signup page with better UX practices. The most significant friction on the signup page is too many details and Complex Passwords. Remove them. Users will love it.
\nOn the signup page, you should include better messaging to motivate the user to sign up.
\n","frontmatter":{"title":"Optimize Your Sign Up Page By Going Passwordless","author":{"id":"Ravi Teja Ganta","github":"ravitejag","avatar":null},"date":"February 10, 2021","updated_date":null,"tags":["Passwordless"],"coverImage":{"childImageSharp":{"fluid":{"aspectRatio":1.5037593984962405,"src":"/static/7a8c854feaf3313197ca307e91c3fa54/ee604/open-source.png","srcSet":"/static/7a8c854feaf3313197ca307e91c3fa54/69585/open-source.png 200w,\n/static/7a8c854feaf3313197ca307e91c3fa54/497c6/open-source.png 400w,\n/static/7a8c854feaf3313197ca307e91c3fa54/ee604/open-source.png 800w,\n/static/7a8c854feaf3313197ca307e91c3fa54/3eac8/open-source.png 1127w","sizes":"(max-width: 800px) 100vw, 800px"}}}},"fields":{"authorId":"Ravi Teja Ganta","slug":"/engineering/signup-using-passwordless/"}}}]},"authorYaml":{"id":"Ravi Teja Ganta","bio":"First curious cat at Gatsby Curious Community. Blogs at dev.wgao19.cc.","github":"ravitejag","stackoverflow":null,"linkedin":null,"medium":null,"twitter":null,"avatar":null}},"pageContext":{"id":"Ravi Teja Ganta","__params":{"id":"ravi-teja-ganta"}}},"staticQueryHashes":["1171199041","1384082988","2100481360","23180105","528864852"]}