Consumer Identity & Access Management: Design Fundamentals


This book is no longer available for sale.

Learn the market, design patterns and solution components to build user-centric experiences.

About the Book

This book is now available exclusively on Amazon, in both digital and paperback formats, in all regions.

Consumer identity and access management (CIAM) is a critical component of any modern organisation's digital transformation initiative.  If you used the Internet yesterday, you would very likely have interacted with a website that had customer identity and access management at its foundation.  

Making an online purchase, checking your bank balance, getting a quote for car insurance, logging into a social media site or submitting and paying your income tax return.  All of those interactions require high scale, secure identity and access management services. 

But how are those systems designed?  Modern organisations need to not only meet end user privacy, security and usability requirements, but also provide business enablement opportunities that are agile and can respond to market changes rapidly. 

The modern enterprise architect and CISO is no longer just focused upon internal employee security - they now need to address the growing need for digital enablement across consumers and citizens too.

About the Author


20-year veteran of the identity and access management space, working within industry, consultancy, startups and global software companies.

The last 7 years working for software vendor ForgeRock, designing next generation access management systems.

Also perform research and analysis on the global cyber security industry at The Cyber Hut - analysing market trends and architecture patterns.

Professional Qualifications: Certified Information Systems Security Professional (2007-present), Certified Ethical Hacker (2018-present), Certified Cloud Security Professional (2020-2023), Certified Information Systems Auditor (2010-2014) and numerous vendor qualifications from the likes of Microsoft, Cisco, Novell and Citrix.

Professional Memberships: Member of the British Computer Society (MBCS), Senior Member of the Information Systems Security Association (ISSA), Full Member of the Chartered Institute of Information Security Professionals (M.CIIS).

Professional Publications: Reviewer and contributor to NIST Special Publication 800-204, Security Strategies for Microservices Based Application Systems; Reviewer and contributor to the IETF OAuth2 Device Authorization Grant.

Reader Testimonials

Scott Forrester CISSP

Principal Consultant, Identity Management, UK

Consumer identity is at the very core of many a successful digital transformation project. Simon blends first hand experience, research and analysis, to create a superbly accessible guide to designing such platforms.

Robert Skoczylas

CEO, Indigo Consulting Canada Inc.

Leveraging his strong security and industry background, Simon has created a must-have book for any Identity and Access Management professional looking to implement a CIAM solution. I strongly recommend the Consumer Identity & Access Management Design Fundamentals book!

Brad Tumy

Founder & Principal Architect, Tumy Technology Inc, USA

This is the book that needs to be on every Identity Architect’s Kindle. Simon does a great job of laying the foundation and history of Consumer Identity and Access Management and then gives you the roadmap that you need as an architect to deliver success on a project.

Table of Contents

  • Prologue
  • 1. What is CIAM?
    • 1.1 Identity Evolution
    • 1.2 Drivers
    • 1.3 Benefits
    • 1.4 Challenges
    • 1.5 Real World Examples
  • 2. Existing Approaches
    • 2.1 Homegrown Solutions
    • 2.2 Legacy Enterprise IAM
    • 2.3 Specialist Providers
  • 3. Modern CIAM Requirements
    • 3.1 Getting to KYC
    • 3.2 Data on Demand
    • 3.3 Multi-platform Journeys
    • 3.4 CIA Triad + Usability
    • 3.5 Consent Management
  • 4. The CIAM Lifecycle
    • 4.1 Account Onboarding
    • 4.2 Identity & Attribute Proofing
    • 4.3 Profile Management
    • 4.4 Secure Login
    • 4.5 Data Management
    • 4.6 Consent Management
    • 4.7 Contextual & Adaptive Access
    • 4.8 Device Binding
    • 4.9 Account Removal
  • 5. Design Planning
    • 5.1 Business Objectives Mapping
    • 5.2 Stakeholder Analysis
    • 5.3 What Are You Building for Whom?
    • 5.4 Design Principles
  • 6. Solution Planning
    • 6.2 User Coverage
    • 6.3 Application Coverage
    • 6.4 Data Requirements
    • 6.5 Authentication Requirements
    • 6.6 Authorization Requirements
    • 6.7 Scale, Throughput & SLA's
    • 6.8 Security & Privacy
    • 6.9 Usability Requirements
    • 6.10 Roadmapping
  • 7. Implementers Toolbox
    • 7.1 Crypto Crashcourse
    • 7.2 API+REST+JSON
    • 7.3 OAuth2
    • 7.4 OIDC
    • 7.5 JWT
    • 7.6 FIDO/WebAuthn/FIDO2
    • 7.7 SCIM
    • 7.8 LDAP
  • 8. Vendor Selection Support
    • 8.1 Market Understanding
    • 8.2 Vendor Selection Process
    • 8.3 RFP Design
    • 8.4 PoC Design
  • 9. Measuring Success
    • 9.1 Defining Metrics
    • 9.2 Samples
      • 9.2.1 Increased Registrations
      • 9.2.2 Reduced Abandoned Shopping Carts
      • 9.2.3 Fewer Help Desk Calls
      • 9.2.4 Reduced Compliance Exposure
      • 9.2.5 Increased Trust
