CIAM Beyond Access Management - Is Your CIAM Programme There Yet?

Image by Reto Scheiwiller from Pixabay

An important question to pose to the modern organisation is how mature is their Customer Identity and Access Management (CIAM) programme, and how do they plan to evolve it? Recently, we have seen a real desire from organisations to move beyond delivering the traditional CIAM requirements focused only on security.

They now aim to deliver a richer, more personalised customer experience across multiple touchpoints. In fact, 67% of the 200 UK and Ireland respondents who took part in a WSO2 and Vanson Bourne research study last year said they are utilising a CIAM platform. With this context in mind, it is a promising sign that, at WSO2, we have seen many existing and prospective CIAM customers undergo a fairly rapid evolution in maturity over the last year.

So, what level do you think your organisation is at currently? How can you strive for an optimised level of maturity? This article will showcase what leading customer-first organisations are currently accomplishing. It starts with thinking beyond access management.

Progressive profiling: Minimising the friction

Organisations are transforming their digital experiences at full speed. They are striving to provide the unified, multi-application experiences customers now expect. But these changes are accompanied by obstacles. Typically, these include how to:

  • Streamline user onboarding
  • Reduce friction during the registration and login process
  • Provide unified authentication across disparate channels
  • Manage identities and authentication for external B2B applications.

Most requirements organisations identify are focused on capabilities that simplify the user registration and login process for customers. Traditional CIAM solutions to simplify registration and login include tools like SSO, MFA, social login, and consent management. All of these are important, but they are limited to access management or access control. Essentially, it’s all about seamlessly letting ‘good customers’ in while keeping the ‘bad customers’ out.

An important and evolving requirement here revolves around consent and privacy requirements. Regulatory requirements can vary by geography, but organisations generally understand that they must enable their customers to control data collection, retention, and processing. Organisations should request the minimal amount of personal information at the beginning of a customer relationship (for example, pre-registration). They can then use progressive profiling to ask for more information as the customer onboards and as they consume more services. Progressive profiling minimises customer friction and reduces the risk to the organisation of holding unnecessary customer data.

CIAM is evolving to provide a unified view of the customer

Leading customer-centric organisations want to move beyond the basics to deliver a truly secure and personalised customer experience. These organisations don’t want to marginalise their good customers by forcing strict and multiple security measures on them. Rather, they want to identify and analyse the risk posed given the context and adjust the security measures dynamically to mitigate the potential risk. The bottom line is, let’s not treat our customers like criminals.

The challenge of unifying the experience

Competition is fierce, and it’s never been easier for people to change providers following a poor digital interaction with a brand. To set themselves apart, organisations need to make their websites and mobile apps more engaging, personalised, and meaningful for users. Achieving this goes beyond simply gathering information; it involves intelligent use of it to improve digital experiences.

This includes enabling different applications to offer a unified experience across all the various customer touchpoints. This is the first step to going beyond access management: creating a single user experience across multiple applications. However, for some businesses, this is a complex undertaking as they may have multiple web and mobile apps that vary by geography, business unit, department, B2B partner, and more.

The data silo challenge

The next challenge is to break down the individual data silos that only have partial knowledge of a customer’s activity to create a unified view of customer identity. The unified customer view must be integrated into all customer touchpoints and the various complex business systems that can help deliver a personalised CX. These systems could be based on legacy technologies or follow the latest cloud standards.

Examples of these systems go beyond the obvious sales and marketing systems, to include a variety of business apps, directories, and other systems of record. It’s easy for a CIAM vendor to try and check this integration box by touting a few connectors to sales and marketing systems. The reality is that most environments are more complex than just that, and more comprehensive API management and integration capabilities are needed here.

Meeting the challenges as Hard Rock

Industry leaders such as Hard Rock are already offering their patrons a comprehensive, secure, and personalised experience using WSO2 as a foundation. To do that required overcoming an incredible amount of complexity. Hard Rock needed to consolidate 10 different loyalty programmes into one, requiring over 100 integrations to various customer-facing and back-office business systems.

What’s in the immediate future for CIAM?

Simple CIAM solutions can provide the core security functions needed for a solid user experience. The next stage of CIAM (CIAM 2.0) builds on this by unifying and integrating identity information from many silos to establish a comprehensive personality profile of a customer’s preferences, activity history, and other patterns. This enables business leaders to offer incentives, cross-selling and up-selling, and an overall personalised experience based on a holistic view of each individual.

The combination of identity information and personality information creates what we call a “digital double” — a holistic digital representation of a customer. The digital double can be leveraged through machine learning and AI to create real-time and predictive services via APIs. It feeds multi-experience applications with the relevant information needed to offer the ultimate secure and personalised experience in real-time, delighting customers.

Key considerations: Get the basics right


As you move towards offering a more personalised experience for your customers, obtaining their consent is paramount. Customers need to opt in to your gathering of their identity and application usage data so that you can deliver personalised experiences that delight them. Ultimately, it’s up to the end customer to decide whether an organisation can track their identity and personal information to enhance their experience. At WSO2, we are excited about emerging concepts such as decentralised and self-sovereign identity that will empower customers to share only the information necessary to optimise their experience while also protecting their privacy.


In the context of the digital double, personality information can encompass a wide range of data, including communication style, emotional responses, interests, and decision-making patterns. Snippets of identity and personality information, if not unified to create a digital double, will limit the extent to which you can offer personalisation. However, this can only be done with the customer’s full consent and a robust CIAM and integration platform. By doing so, you can develop more context and predictive capabilities, enabling you to provide a more personalised experience. But the scope of this comprehensive context is limited to identity and personality information directly related to the customer’s use of your products and services.


Artificial intelligence will be critical to getting the most out of your CIAM and CX initiatives. Emerging technologies such as ChatGPT and Google Bard are demonstrating the power of AI and will soon bring its use into the mainstream. It’s important that your CIAM platform utilises AI to provide automated, real-time, and predictive personalisation at the API level.

So where is your current CIAM initiative and where are you headed?

Regardless of where you are in your journey, it’s time to plan ahead. CIAM is here to stay, and your customers know it too. Add a robust platform such as WSO2 that is likely to significantly reduce your development costs and minimise the risks to your software stack. The WSO2 platform will enable your organisation to keep up with the latest standards and trends without having to continuously evolve your CIAM.

Founded in 2005, WSO2 is one of the world’s best open source integration vendors, helping digitally driven organisations become integration agile. WSO2 is a global organisation with offices in Europe, the Americas, Sri Lanka and Australia.

WSO2 solutions give enterprises the flexibility to deploy applications and services on-premises, on private or public clouds, or in hybrid environments and easily migrate between them as needed. All of the products are pre-integrated allowing enterprises to focus on value-added services and get to market faster.

