What is CIAM

Ondrej Skrehota

Ondrej is Managing Partner at Brighten Digital and leads our Consultancy team.


This blog post is the first one of six that we are using to educate our network about CIAM. It explains the basic difference between IAM and CIAM, and summarizes the key areas which CIAM implementation can address within your organization.


Dear readers,

Before we dig into the content of my first blog post about CIAM, let me explain why CIAM is such a key topic for Brighten Digital. The abbreviation CIAM stands for Customer Identity and Access Management. However, it’s a very different topic from old-fashioned IAM (don’t get me wrong – nothing is more important than proper management of the access rights of your internal employees / contractors). CIAM addresses the needs of your customers who need to access restricted content on your sites / applications, but it goes well beyond just that.


This year we have had so much demand for CIAM consulting and implementation services across the whole of Europe that we had to double our CIAM expert team (hurry up HR guys, more is coming).

What is the difference between IAM and CIAM?

Customers’ common requirements are very different from standard IAM topics. For instance, you don’t need to assign all your customers different security roles and ask them for 2FA login. It’s important to provide them with a smooth way to register (nothing sounds better than being able to register and log in to a new portal using your Facebook / Google / LinkedIn profile). Login should be easy as well (again, social credentials are worth their weight in gold), and as a reward you get your customer profiles stored within your database (of course we are talking GDPR compliance here), with unlimited access to your (consented) clients 24/7 with anything you need.

What are the key areas CIAM will help you to address?

There are a few key areas a good CIAM solution (yes – there are good and best solutions available on the market – but I will share more about this in my upcoming post) should help your organization address:


This is the most important part of CIAM, but the login widget must be re-usable across different systems within your organization and preferably allow social


There would be no login without registration – even with social. It’s important to get users’ consent and basic data about who is visiting / buying in your ecosystem, so that you can allow them to log in and use the services.

The overall social area (Facebook, LinkedIn, Google and many more can be used here)

You would be surprised how much information the evil big tech (haha, we see you Zuckerberg) is willing to share about your clients with you (but who needs to have a list of your friends and their hobbies in the CIAM, right?) – except, of course, their login and SSO possibilities.

Validation process

If you work within regulated environments (such as pharma or regulated goods – tobacco or alcohol), there might be legal requirements to allow only validated users (education, occupation, age) into your ecosystem. CIAM can help you both in real time, with online validation calls to third-party providers and real-time scripts (modulo), and, most importantly, by giving your business the possibility to manually verify the client / get their data via snail mail. Even in non-regulated environments, the possibility to update a customer login can be helpful, for example in case of detected fraud.

Edit profile processes

The possibility to update a customer’s profile can be used for any contact / consent updates (removals for sure not happening in our implementations). It is important to enable customers to update their email address, but also to add their preferences / birthday, so that you can improve your campaigns and customer engagement with your brand.

Consent management

The possibility to have full GDPR compliance, allowing your customers to manage multi-channel consents across all the different domains, including the possibility to unsubscribe or change channel preference, of course fully integrated with your omnichannel communication tools.

Password reset

If you don’t know the reset password functionality, then you should probably stop reading here (haha). However, you need to be able to do this in real time – there is nothing more annoying than waiting ten minutes for the reset password link (yes, we are again looking at one of the big tech providers, especially at one of the older versions of its marketing automation tool).

SSO or Single Sign On

This combines very well with social functionality (once you are logged in to, e.g., Facebook, you open any website federated with your CIAM and you will be recognized as logged in). In addition, it comes along with standard registration / login features, allowing your clients to browse with one login operation across your whole group of sites / portals, as long as they are federated. We will also allow you to collect additional information (progressive profiling) or additional required consent (e.g. you sell lemonade and alcohol and want to move from lemonade ecommerce to alcohol – we will first verify your age, and then let you visit the 18/21+ site).



All in all, every modern digital company needs to have CIAM in their roadmap – there are a bunch of cool reasons to do so. But we at Brighten Digital truly believe that the near future will turn CIAM into one of the more important blocks of your ecosystem – but more on this in the following posts.
