Hacker News new | past | comments | ask | show | jobs | submit login
CIAM vs. IAM: What's the difference (2022) (fusionauth.io)
20 points by mooreds on May 12, 2023 | hide | past | favorite | 3 comments



CIAM is not nearly as popular of a term as it needs to be. When most developers build apps today, they still look at their cloud provider's IAM or Active Directory for inspiration in design of their customer-facing systems. I think this article is actually understating the complexity. Conway's Law rules all and sometimes your systems and users won't even necessarily be in your control. I urge folks to look into policy engines like OPA[0] and ReBAC systems like SpiceDB[1] rather than reinventing the wrong wheel.

[0]: https://www.openpolicyagent.org

[1]: https://github.com/authzed/spicedb


Also a bit disappointed in the article that it doesn’t connect the dots between WIAM and CIAM for B2B. One companies customer is another companies workforce.

Many of the apps you want to have for your workforce are actually third party, but you want to give SSO etc with an employee account. These saas apps need to not only provide CIAM ala “sign in with google” but allow the Customer to set up the connection with the WIAM to give employees access.


Thanks for the comments! Will try to address them in the near future, tracking here: https://github.com/FusionAuth/fusionauth-site/issues/2170




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: