The “How to Scale CIAM as Your Product Line Expands” webinar, presented by Frontegg and ActualTech Media, dives into the real-world challenges of managing customer identity and access management (CIAM) across growing product portfolios. As organizations evolve, the complexity of unifying identity across multiple apps and business units creates mounting pressure on developers, and friction for everyone else. This webinar reveals a better path forward.
Key highlights include:
This webinar is ideal for engineering leaders, product managers, and security professionals who are ready to move beyond patchwork identity systems and scale with confidence.
Alright. Well, hi. Hello. And welcome to how to scale CIAM as your product line expands.
Today’s fascinating webinar is sponsored by Frontegg and produced by Actual Tech Media. My name is Jess Steinbach with Actual Tech Media. And I am very happy that I get to be here alongside all of you today as your moderator because today, with the help of our wonderful expert presenter, we are going to explore some best practices. We’re gonna get into those hot tips, and best of all, those actionable strategies that you can deploy in your organization to help streamline user management.
And if that wasn’t exciting enough, today, we’re engaging in a true conversation. So our wonderful presenter and I, we’re gonna leave the slides behind. Right? We’re just gonna talk.
We’re gonna explore what our thought leading presenter has on the top of his mind and what is on top of mind for all of you. So right now, get those thinking hats on. If you haven’t already done so, get ready to ask some great questions because we are going to be be responding and reacting in real time, and we want to get into how you can easily manage user identities and permissions across different products all from a single platform. So there’s a lot to unpack there, and I know you’re gonna have a lot of questions as we go through.
So let’s get into the conversation together. We got a lot to do today. We also have a demo in store. There’s a whole bunch of good stuff coming our way.
So I’m gonna get things started as soon as we can, but I want to give you a little bit of a tour of our audience console. That’s gonna help us really get into our chat today. So let’s start out. We’re gonna head on over to the right hand side of the screen.
There’s three tabs there that are very important. The first one is the chat tab. So I mentioned that we have this wonderful community here with us, and we’re all gonna get to know each other a little bit today. So the chat tab is where you can say hi.
We want to hear from you, so post. Let us know how you’re doing today. And then as we go through our conversation, we want to hear from you if you have a thought, an idea. You’ve tried something and it didn’t work.
Any sort of experience that you wanna share with us, post that in the chat. That’s how we all connect together as a community. If you take two little hops over from the chat tab and you look at the q and a tab, that’s where you’re going to post those insightful questions. So if you’d like to ask a question directly of our presenter, that goes in the Q and A tab.
So chat, that’s our highs or hellos, or getting to know each other, sharing stories and ideas, connecting as a community. Q and A, that’s where you’re asking direct questions to our presenter. Hope that makes sense, everyone. Let me know if you have questions.
And then we also have the docs tab right there in the middle. That docs tab is absolutely jam packed with cool takeaways and things that are going to help you take action on all of the exciting information that we’re about to interact with here together today. So you want those resources after we leave the webinar. That’s going to help you bring that forward into your organization.
Alright. Those are our three tabs on the side. The last thing I wanna say about the chat tab, though, if you do have any technical issues, today, and hopefully this doesn’t come up, but we all know those old gremlins get in the system every once in a while. If you’ve got a little persnickety gremlin there today, here’s your first step.
First, try a browser refresh. That’s gonna cure almost anything. So give that browser refresh a try. If that doesn’t work, you can also try light mode.
Light mode is available for you on your audience console. Try that out. Worst case scenario, if those two things have not worked and you need the bat signal in the sky, you’re gonna post in the chat window for the wonderful Diana. Now Diana is here with us throughout our day today.
She’s making sure everything runs smoothly. She can give you a hand if there’s any trouble. She’s also just lovely and likes to say hi. So say hi to Diana anytime throughout our chat today.
Alright. Chat, docs, Q and A, done, done, and done. Let’s talk about closed caption. If you would like to have closed captioning on our webinar today, that is a great option that is available for you in the console.
I think that was all the good stuff. That’s everything that we needed to get through, and that means it is time to get into our session. And I am so excited to bring out our wonderful presenter here with us today to lead us through this conversation. And, of course, that is Roy Daniels, solutions engineer at Frontegg.
Roy, thank you so much for being here with us today.
Yes. Excited to be here.
Yeah. We got we got lots to get into today, Roy. We’re gonna have a whole interactive conversation. In fact, I’m gonna just get rid of the slides. Let’s let’s chuck them out the window. Let’s go off book. We’re just gonna hang out, and get to know each other, get to know Frontegg.
Let’s start out with that. Roy, we’ve done we’ve done the name and the title, but there’s only so much you can learn about someone from that. Tell us a little bit about yourself, and what are you really excited to get into with our audience today?
Yeah. So hi, everyone. I’m Roy. I’m a solutions engineer at Frontegg. I’ve been with Frontegg for about two and a half years. Working out of the Boston area.
And Frontegg, for everyone who doesn’t know, is a CIAM platform. So we handle the user authentication, user authorization, and, the full life cycle of the user.
And we have many features that are also specifically meant for multi app usages, which is what we’re gonna get into in a bit.
Yeah. That’s a little bit about myself. And please ask any questions that you have about CIAM or multi apps in the chat, and I’m happy to answer them.
Love it. Okay. Places to go in Boston. That’s whatever they got.
Seaport is really, really great these days. There’s lots of free things. Excellent pressure. Yeah.
You we’re already learning. We’re already learning.
Okay. Roy, I want I let’s let’s start out with a little bit of a deeper dive into Frontegg. Can you give us a little bit of a a a maybe in-depth or well, we’re gonna get in-depth later. Let’s start with the ten thousand foot. What should we know about Frontegg as we go into this conversation?
Yeah. So we’ve been around for about six years. Our R&D is in Tel Aviv, and our sales and marketing are mostly in Colorado and the Bay Area.
We have service, you know, from very small start ups that are just starting out to large enterprises.
And, what I intend to show soon in the demo and the webinar is to just, you know, show the different features that we have because we really do have a very unique feature set that I don’t think anyone else on the market has. So I’m super excited to get into it.
Well and I think that’s gonna be our definitely exciting to get into the I’m just opening up a poll question here. That’s why I’m trying to click and speak at the same time, and it’s not going well. Alright. So let’s see if you all can do better than that, and and click while and think and answer at the same time.
We’re we’re gonna transition a little bit into getting to know our audience now, because I’m excited to dig into how Frontegg can help solve some of the problems that our audience might be facing. And where we wanna start is by getting to know who’s here with us today and what are some of the challenges they’re facing. So starting out with, for those of you out there, are you managing multiple applications that require a unified user management system? And it’s fine if the answer, by the way, is I don’t know. I have no idea. That’s why I’m here.
But let us know. That’s a I we’ve got that there as a yes, no. Roy, from what you’ve seen, what do you expect to be the winning answer there?
I’m gonna go on a limb and say no because I think that that’s something that a lot of companies aren’t coming into these days. But, yeah, it also depends on the company size.
I know we’re gonna talk about this a little bit more later, but what do you think is the number one reason that it’s a no? What is the biggest obstacle?
Yeah. So that a common theme with people that come to Frontegg or come to Assign solution is, you know, sometimes you start building your own app from scratch or, you know, if you’re a small startup, you wanna have your own solution that’s, you know, relatively cheap, easy to set up. Right? But then you start actually gaining traction and getting more clients, and then you reach that critical point where, okay, now I actually need to connect a new app because I have a new product that I’m launching.
Or now my company is big enough. We acquired a smaller company, and we need to combine all of these products under the same umbrella. Right? So that’s when you reach that point where, okay, now I don’t wanna have to deal with all this extra logic and build all this stuff myself.
Right? So I wanna go to a SaaS solution that will just give me everything that I need, right, and help me focus on what I want to do, and that’s what we’re gonna do.
So resource, shortage, time, energy, and humans being a big problem.
I’m gonna share the results with our audience here, because look at that. We’ve got we’ve got sixty three percent saying yes. So a little more than half of the folks out there are saying that, yes, this is something where they they require that unified user management system. System. So that’s probably a good place to start. I’m actually I’m really glad to see although, you know, it’s always nice when we have people that are a little bit, uncertain, but interesting that we didn’t get any I’m not sure’s. Everyone’s very certain that they either do or they don’t.
Awesome. We can go over both use cases in any case. So we’ve got something for everyone.
We’ve got something for everyone. I love it. I’m gonna close that poll down. I’m gonna open up a different poll.
So this is open for you on the right hand side there, if you wanna take a look there. And what we’re wondering now is, do you need to incorporate multiple third party apps into your user management system? This again, a yes, no, or I’m not sure. You know what I’m gonna do?
I’m gonna actually just open this right up onto our screen, and we’ll watch the results come in in live time. It’s a tie vote right now.
Roy, why why do you think, and if someone here might feel that they’re not certain, what would be a reason that they’re not sure?
Yeah. So this is gonna be probably a more popular use case because what happens is, let’s say you have your SaaS platform that you’re building. Right? And now you wanna connect a third party tool, so that would be something like Zendesk, like a ticketing system, or some, blog, like a WordPress site that I have for my product, and I want to combine, identity for all of these different services, right, under one service which is gonna be Frontegg.
So not sure as I’m guessing people don’t know what third party services could be. But, when we say third party services, we’re we’re gonna talking about any sort of external system outside of what you’re currently building where you also need an identity provider for, and you wanna have everything, all the different users identifying under the same platform.
Perfect. Alright. Well, this seems like a good place to start. I’m gonna stop sharing our poll, but a big thank you to everyone who answered.
And and we want you to keep getting being interactive as we go through this. So, please do keep interacting with the chat and the Q and A as we’re going. Roy and I are gonna keep an eye on those again in real time and try our best to multitask and see all the things, while also imparting information, which, Roy, that I’m gonna hand over to you, to to bring the expertise. So let’s start out.
You know, it’s it’s always we always start in the negative, and then we kinda move our way towards the positive. So let’s start with the problems and and get into some of the challenges. And we’ve kinda brushed alongside a few of those already, but I’m wondering if I can ask you to kind of for the for the folks out there in the audience, that might be experiencing some challenges with user identity, let’s outline what that is. As a product line grows, as we’re trying to scale and meet company goals, what are the challenges that that someone might be facing in terms of managing user identity, and then Right.
How do we stay ahead of those challenges?
Yeah. Absolutely.
So, again, what normally happens is you start just building your platform and you say you know, you think to yourself, okay. I can for now, I only need username and password login. That’s easy enough. Anyone can, you know, figure out how to get a a JWT for your users. Right?
That’s all good. But then all of a sudden you sign a new client and they need something like multif-actor authentication or they need single sign on for their own, security on their side. Right? They wanna have control over the user base and who has access to log in or your end users now need to have that, SSO access. And then you’re starting to get into complications in terms of how everything works together. Right? Another example is, in the beginning, maybe you’re just dumping all your users into some database and you don’t really care about the groupings of these users into different organizations.
But then you reach a point where you actually need to have different security settings for each of the companies that use your services.
So that’s when we get into the concept of multi tenancy, where a user can be a member on multiple different tenants or accounts.
And then you can have different security settings. You can have them manage different groups of users. And we can look a bit further into even more advanced use cases that we have in our, in Frontegg end. For example, you can manage an entire organization.
So I can have a big corporation. Right? And then they can have different regions like East Coast, West Coast, right, and then Midwest. And then they can have different companies inside each of these resources for different branches of the company inside each of these regions.
So Frontegg handles all of those different use cases. Right? And, basically, again, the idea is you don’t wanna have to think about that stuff when you’re building your own product that has its own value proposition. Right?
You wanna focus on actually building the tools, that you’re trying to push. Right? Your your agenda. You don’t wanna have to allocate a lot of resources to building the identity side of it.
You wanna have a quick, easy, secure, safe solution. Right? So that’s what we’re here to do.
Yeah. Those are those are, like, the keywords. Hey. Quick, easy, secure, safe. That’s that’s what everybody is looking for. It sounded like, from what I was hearing from you, there’s a lot of opportunity for customization. So regardless of your industry specific compliance, whether they’re regional or industry specific, and then industry, size or or organizational size from enterprise to small business, all of this, is is something that you would be able to work with.
Yeah. Absolutely. So Frontegg is fully compliant with all the major, you know, the major certifications. You can see that right on our website.
So just an example, we have a lot of clients in the health care space, and we’re HIPAA compliant. Right? And we have, data hosting in US and EU and also Australia, Canada, and the UK. So it’s very easy to, you know, basically comply with everything you need to make sure that your data is only hosted where you need it to be hosted and nowhere else.
Well, that’s important. And speaking of those types of security considerations, I think that’s probably where we need to get into next. You know, security is top of mind and and really needs to be built into every layer of of what we do as an organization. Right?
So this brings up a constant discussion for a lot of us where we’re looking at how do we get the security that we need without damaging the experience of our end user? And you talked about MFA, and that’s something that I think a lot of us were used to now. But when that first came on the scene, you know, how annoying was that to have to go into multiple places? So, how are we balancing the convenience with strong security when we’re integrating all of these different apps?
Yep. So our approach is to be as less intrusive as possible. So we’re gonna look at it a bit when I start screen sharing, but, we have, for example, a a UI logging box builder where you don’t have to push any code to get exactly the logging experience you want for your users. And we also have separated out the different environments so you can run tests in your development environment without affecting production and only applying these changes when you’re ready to actually have that go live.
Right? So we facilitate the development side of things, and we also just make everything, like, as low code as possible. Our SDKs, you know, for example, if you’re building something in React, literally, we’re talking something like ten lines of code, and I can show it when you get into the code. And you’re good to go, and Frontegg it is now securing your application.
Right? And then you can make all the different changes you want from our UI or with the API. So that’s one main part of it. The other thing I wanna stress out is that we also have, a self serve user portal.
So your users can actually do a lot of this stuff themselves. If you have something like an admin in your organization, they can go ahead and manage the users in their account, manage the security settings, etc.
You’ve mentioned the demo a few times, and and I actually really wanna get into that. Before we do, though, I have one last question for you because I was thinking about as you’re talking about the some of the ways that you’re able to customize and you’re able to hit, different compliance needs. And we talked about HIPAA and and, you know, obviously, again, we get into region, we get into industry, there’s a lot to consider. The other problem with compliance and regulatory considerations is that they change all the time. You’ve got you’ve got regulations that are are, adapting constantly.
So how are you allowing for folks in the audience here to be able to ensure compliance along with those possibly changing regulations?
Yeah. So there are there are changing regulations, and there are also some, like, classic ones that people will go for, like like SOC2 or ISO 20207. Sorry if I got the number wrong. But, basically, there are a few of these that are sort of, table stakes, like, sort of, you know, the basic ones that everyone wants, which, you can check on our website. And then, we have some so we mentioned HIPAA. HIPAA actually comes with our enterprise, tier.
So, the point is that it basically depends on your contract.
I’m more of the technical person when it comes to that stuff, so I can tell you that we have everything you need that I can promise you. If you wanna get into pricing and stuff, then I’ll have to, you know, call for backup.
But Well Yeah.
Bottom line and I also would encourage people if you’re if that’s something that you’re interested in, you can look at our product updates page and see that, for example, when you’re talking about standards with, authentication, we have passkeys, I can guarantee, like, before anyone else on the on the in the science space had them. So we something like eighteen months ago or something at this point. And, another example is right now, we did a big launch for Frontegg AI. So we’re moving into the AI agents, space. We have our own MCP server.
So, we’re very quick. Right?
We we are we’ve developed quickly like the startup, but we’re solid like an an enterprise that you wanna Oh, I like that.
Yeah. That’s the right combo there.
Okay. We have left people on the edge of their seat long enough, Roy. I think it’s time to get into the demo. One of the things that I’m I wanna throw out there that Roy mentioned when we were kind of chatting and and prepping for this, that I’m very excited about is that he will take requests.
So he’s gonna walk through the demo, but if you have something that you really wanna see that he didn’t dig into or you have something that you want him to go back over or you saw something that you want him to explain a little further, if you post that in the questions window, Roy and I will keep an eye on it, and when he wraps up the demo, we will go back and we will look at anything that you have identified that we didn’t spend enough time on. So this is a demo by request. You’re getting a personalized demo experience. All you have to do is post in the q and a tab there.
Roy, are you ready to get into some screen sharing?
Yeah. Absolutely. Just give me a sec.
Yep. No problem. And I will let you know when I see your screen.
And then Alright. Can you see my screen?
Not yet. Oh, there we go. Okay. And I’m gonna take us off screen so that we can just focus and make it as big as possible. Alright. You are good to go, Roy. Let’s see it.
Awesome. So thank you. And please, let me know if there’s any incoming questions. Just feel free to stop me because I can talk about this stuff forever.
Welcome to Frontegg. The first thing I want to show you is our Logging Box Builder. This is what I mentioned, how you can basically customize the login experience exactly the way you want it to without having to push any code, without having to have a dedicated front end engineer that does all these changes for you. Right? So here’s a pretty standard login box that you might see. So if we go from top to bottom, we see that I have single sign on SSO enable. Right?
Currently, my email sign on is is set to password, and I can go with the password as login. If I wanted to do something like a six digit code, that’s the magic code or just the URL that gets sent to your email. Right?
Now we have the different social providers. So this is, you know, if you wanna log in with your Slack user, you just add it. Right? You see that everything is just very, very easy to add or remove.
We can add or remove our sign up. And talking a little bit about advanced options, if you look at the sign up form, this is actually you’re getting a sneak preview.
We are currently in the process of adding SMS only, sign up. So this is one use case that, certain industries, their clients like logging in with just their phone number. So this is pretty much an exclusive for us. But you can see you can manage all the different pages.
Right? You can go and, you know, manage the activate page, the forgot password page, and you can have different designs, different themes, for each one of them. Right? I’m gonna leave the design pretty much as is.
I just do wanna show you a few more options here. So for example, if I wanted to go with a split layout, I can do that. And then I can add these different, templates here. For example, I can have the company values.
I can add the testimonials, and I can go in and edit the images from my clients and the text and everything is just super easy to set up. Right?
I can also go with a background image instead or a color. So, again, no need to code anything. You can change the layouts and everything directly from here.
Cool. So now we made a few changes, and I wanna publish them. So I’m just gonna click review to publish, and it would give you a breakdown of all the different changes that were made. Right? So that’s very easy to see. And let’s call this UI changes and publish.
And now it’s gonna take a few seconds. It’s gonna save the changes on our side.
And once we get the response, we know that the changes are now published, and we are good to go. Right?
Now if we look at this button here, we can keep building, but I’m gonna go to my home page now. So if I click go on to the development environment, here is my Frontegg account. So this is the vendor portal. This is where you will manage everything that’s happening in your environment.
And first thing to mention is we actually give you four environments, not just one. So the changes that I just made were pushed to the development environment. They do not affect production.
Right?
So I can then go and make all these changes, and I have a ton of changes that I didn’t push.
I can go ahead and push them to staging and promote them all the way to production.
By the way, staging here are optional, so you don’t have to have them in your product if you don’t want to. You can just go from development to production. And this is what I mean when I say, you can work on development without, you know, affecting anything, but actually just push it when you’re ready. Right? The users and accounts are gonna be completely separated in these environments.
Now let’s talk a little bit about applications.
I wanna jump straight into basically the topic that we came here for. Right?
So if you look at the applications page in each of the environments, you can see that we can connect multiple different applications under the same Frontegg account. So this can be an example would be, you know, your company purchases another company, and now you wanna combine all of these products.
Maybe you wanna have even some sort of, some grace period where you have both of these products, and then later you wanna merge them or maybe you wanna keep them separate, you can do all of that refunding. Right? So if we look at each of these applications, we’ll see that each of them has a dedicated ID. So this is the client ID. If you know a bit about OpenID, this is the client ID of this, connection, essentially.
The app URL is where this app is hosted. I’m running locally on my, Mac. And of course, this can be any source on the web, and you can connect your custom domains.
This is the hosted login URL. Right now I’m using hosted login mode. I’m actually going to show you both hosted and embedded in a second.
Then it also has a dedicated secret, so you can use that to make keys.
And then we have a few options here. So auto assign, anyone that is added to this fronting environment will get this application.
And also default app will be, like, the first one that is selected essentially.
And we have a few more options here. Doesn’t really matter for us right now.
And if we look at the second applications that I that I’m going to show, this is the second one. So I’m running that. I have two projects basically running at the same time. This one is running on four thousand. Now give me one sec here.
I just wanna load both of my code samples.
So there we go.
And, you see that I have basically two applications.
So this one and if you look, by the way, at the file here, we’ll see that there’s just very, very little code that we actually need.
Basically, you just wrap your application in the Frontegg provider. In this case, I’m using React, but we have SDKs for Next, Vue, Angular, vanilla JavaScript, and we also have an API only, integration option if you’re using a legacy, you know, system, something like dot net or something like that. Right?
Cool. Now each of these is basically plugged into this one. I have environment variables. In this way, you can just see it.
It doesn’t matter. Right? I’m plugged into this app two here, and in this project, I’m logged. I’m plugged into app one, and I’m having both of them running, side by side.
Right? So now I wanna show you what that actually looks like. So I have it ready here on Chrome, and let’s just go back.
And so this one is the app two running on, four thousand, and this one will be app one running on three thousand. Right? Now this one on three thousand uses the hosted option, meaning we’re, going to the hosted logging box. And you can see here the changes that we made are already applied to our logging box. Right?
And this one, the the second application that I have running, here I’m using what we call the embedded login option. So you saw that with the hostel, we got redirected to the hosted login box. With embedded, if I click the log in, it’s gonna open from the client side. So same exact design, with few changes that I made in code on the embedded side, but basically the same applications and metadata. Right? And you see that in embedded, it opens from the client side. So we also have flexibility in terms of the actual hosting of your application and how you wanna go about that.
Now I’m gonna log in in both of these applications.
So I’m using a password login here, and, I can go with that too here.
Alright.
Let me just quickly go through the I know. It’s an issue. Just one sec.
Basically, I needed to save my password. Never mind. But I have, currently both applications open. So here’s app one. Here’s app two.
And if we look at the token that we got from Frontegg, we can see that, we have the application ID, and the application ID is the client ID of each of the different application.
Applications. Right? So that’s how you can tell in the token which application this user is currently logged into. And I can actually have sessions in both, concurrent applications at the same time.
Cool. So, by the way, I can show you this code sample if anyone’s interested, and you can run this in five minutes, open your funding account, and, yeah, get it working. So now let’s talk a little bit about how that access is actually assigned.
So if you look into the users and accounts page, I’m gonna pull up this user that I just logged in with.
And if you look at this row, we’ll see a few interesting things. So here’s my username and my email. Right? Here is the account that I’m currently logged into. By the way, when I mentioned multi tenancy before, I can be a member on as many tenants as I want to. I can have different roles and permissions on each of them.
I can, see when I last visited them, how many times I visited each one. If I’m enrolled in MFA, there’ll be a check mark here. Right?
And if we look at the applications, you see that I have access to app one and app two in in each of these accounts. Now the way this works is you need to go into the account. And when we say account and tenant, we mean the same thing in Frontegg end. An account or a tenant is essentially a collection of users.
Right? So this can be like a a company that uses your services. Right? You can have a different account for each, individual company.
And then if we go into the applications page, I need to assign the applications. Right now, all my apps are assigned except for this one.
I need to assign the applications to that account, and then I can go and assign each individual user into, each of these different applications. Right? So if we’re going to edit applications, I can go in here and, you know, run whatever I need to do, make any changes I need to make. Right?
Now if a user is not assigned to an application, then they will get an error saying user is not assigned to application when they try to log in. And, you can, of course, customize that error to say whatever you want. If you don’t like that text, you can translate it to different languages as well. So we’re very flexible on, the different options here.
Now another thing I want to mention on the topic of managing multiple applications and, authentication and authorization, we have very robust observability tools in Frontegg you as well. So you just saw me actually logging into two different applications. Right?
And I’ve been running tests earlier with pre hooks. We’ll get to that in a sec. But I wanna mention that, we have all the logs here. So we actually give you access to to different events. Right?
And, in this case, I have a pre op that’s not actually connected to anything, so it’s not doing anything.
We have so we have the logs which are the back end logs, and then we also have the audit logs, which are actions that users perform on the account. Right? And if we look at the the, the production environment specifically, I’m gonna switch over to it. And if we look at the same monitoring tab, we’ll see that there’s a a third tab inside inside the monitoring page, and that is gonna be the streaming option. So if you look at here, we’ll see that we can actually stream these logs to third party services.
Everything you see in here, you just add your, token, basically, and everything streams in real time. And then you can have custom data retention.
You can have your own dashboards, see the most common errors, etcetera. Right? Or you can just look at them from here. I don’t have any events in production right now, but you will when you actually integrate.
And I also wanna quickly mention the pre hooks. So this is relevant for every time a user logs in to any of your applications.
We will trigger events in real time as they’re happening, and you can basically allow or block or change the user, JWT as it’s happening. So if we look at pre hooks, I was testing something earlier for a client. Basically, you can see that I have these three options enabled. Right?
And, for example, every time a user logs in with SSO, we are going to trigger, to your back end endpoint.
And we’re going to send you this data, and you can return this block here to allow or block the action, throw a custom error, change the user, metadata, change their roles, your last name, you know, first name, everything you want in real time. And you have up to ten seconds to respond.
And, fail open here basically says continue even if I don’t return a response.
Do we have any questions so far?
I think there’s a bunch of comments coming in, Roy, about, just how easy everything seems to be and how simple. So you’ve done a great job of of showcasing that this is really gonna help kind of streamline, especially, you know and, Lynn here made a comment about the complexity of identity and access management, when you’re when you’re integrating all of these different platforms, and and I think you’re showing how easy you can make that.
Mhmm. Yeah. Thank you. And just to sort of build on that, we’re now stepping into the world of AI agents in Frontegg.
So one tool I can already show you right now is the flows, tab, which basically it’s similar to what I showed you with the pre hooks, but you can talk to AI. Right? So I don’t know. We can go into the sign up here, and we give you a visual representation of everything that’s happening when a user logs in.
And you see I have these endpoints.
I can go in here and create a webhook that will, you know, trigger when this action happens, when the security rule triggers. So domain was restricted from sign up. I can actually notify, you know, my Slack channel or my back end or whatever I wanna do. And I can also, talk to AI here.
And, Yeah. You see, by the way, that I had a chat from earlier. So whenever a new user signs up, I want to add the read only, role. So great.
I added the sign up here that adds the read only role. So, we can look at that. Right? So this is going to be when the user sign up.
Yep. So this is the pre hook it created for me.
One moment.
So we’re gonna go into Prehooks, and it created the user sign up form. And by the way, it added the code for me. Now I’m currently using, an add on that we have in Frontegg where you can actually run this logic on our side. So every time a user signs up, we’re gonna trigger this prehook, and it’s gonna run on a on a Lambda, basically, on Frontegg end’s infrastructure.
And I’m adding this role to the user in real time as they sign up. And you can have any custom logic you want. You can check certain properties, allow the sign up, block the sign up, you know, etcetera. Right? So we’re making it a lot easier to do time integration, and it’s becoming very quickly, you know, not just for devs anymore. It’s really opening up to different personas in the organization, which we’re really excited about.
That’s a big thing. Hey. The the democratization and not necessarily having only one team that can make changes. You know, you’re you’re really opening this up to break down silos as well, Roy.
Mhmm. Yeah. Absolutely.
Awesome. So I would really love to take a few more questions from the audience. If there’s anything that you’re interested in seeing while I’m showing the platform, if there’s any questions, anything at all, I’m happy to happy to answer.
Yeah. One of the things that just a recurring theme that I’m seeing in the chat, and I’ll and I’ll read this most recent post is it’s simple and follows a natural and intuitive way of thinking.
And I think that’s really great. And it goes to what we were just saying, Roy, that you’re sort of allowing for, anyone to be able to take part, you know, and not just having this live with the dev team, which is also gonna save the dev team a little bit of burnout as well. Right? Like, not having to do everything.
Maybe while we’re kinda waiting for some questions to come in, I’m gonna read some of the questions that we got before you started the demo.
And I think, this one you’ve sort of touched on, but maybe maybe we can go back through it.
So I’ve got a lot of third party apps. How can I ensure that user permissions are consistently managed across the entire ecosystem? What would you say to them?
Yeah. Absolutely. So what we can do here is, first of all, if we go back to the applications page, I like to use Zendesk as an example because I we set this up for our support team in Frontex. So we have a Frontex account. We use our own product. Right? And we have an application here that says Zendesk.
And, when actually, we moved to a different tool, but we used to have it. Long story short, when someone would log in from Zendesk, that would go through Frontegg. So they would see a Frontex logging box like the one we see here. Right? And then they would log in and get sent back to Zendesk with that user, and Frontex would issue the roles and permissions that the user should have.
Right? Now how does that work?
We have if we look under entitlements, we have roles and permissions. So I can create custom role, call it, you know, webinar. Right? And give it, I don’t know, read the webinar or something like that.
And I can make it a default role, meaning everyone gets, all the new users will get this role, or I can assign it to a specific account, account tenant again, same thing. So I control who has access to this account. Right? And, let’s just, I don’t know, give it a few permissions here.
Let’s go with this one, this one.
And, of course, as you can see, I can create custom permissions as well. Cool. So now I created these custom permissions.
I’m gonna go into my user, pull up that user again that I logged in with, and I’m going to edit the roles. And let’s go with, webinar. Right? So let’s just find it. Here it is.
Cool. And, if I log in now again, you’re gonna see that this role is already applied to my user.
And so if we decode the token, here is that real webinar role. Here are the permissions.
And, you can manage that across the different accounts and applications that I’m logging into. So if I assign that Zendesk application, this example, to this account, I could say, for example, whenever the user logs in, we could look at the JWT generation prehook. So this triggers every time Frontegg triggers a web JWT for a user.
So it’s not plugged into anything right now, but you can still see it. Right? So I saw that my user is logging into this application, and then I can check their roles and permissions. Right?
Here are the permissions. Here are the roles. And in real time, I can return the roles and permissions that I want to give them instead. I can also even create new permissions while the prehook waits the response.
Right? So it’s very, very easy to manage. Now I do wanna also just add a a sort of comment broader comment. Right?
I can manage who has access to this Frontegg account. So let’s say you have a support team and or a CS team and you want them to control the different roles and permissions for each of your clients for the end users. Right?
I can go into the administration page, add my users here to the account, and then we have dedicated roles for that. So I’ll show you an example.
I’m logged in with a different user on a different tab here. It has the back office viewer, back office editor, and I believe impersonator role is what I gave them. So if I’m gonna go in here, you’ll see that I have way fewer options on the left side of the screen. Right?
So, again, this is the admin user. I have access to everything. This is the back office user. And what that user can do is essentially go and manage the users. So I can go and edit their roles.
I can, manage the accounts. And another advanced feature we have is impersonation.
So I can actually log in as that user and see what they’re seeing in the product. Right? So it’s a level above just, you know, like, I can actually log in as that user to Zendesk or to my web app or to my mobile app and, see exactly what they’re seeing. So it makes troubleshooting very easy.
Yeah. I love that. I’m thinking of the number of times I’ve said or heard someone say, well, I’m seeing this. And you’re like, how do you how do you say, no. You’re not. I know that you’re not, but now you can check it. I love that.
Okay. We had another question that came in, that was wondering about if if you have any best practices for the process of setting up multi apps.
Yeah. It’s very basically what I showed. So best practice would be, first of all, work start in development. Right? Make sure that you test that before you move anything to production.
Have a basic app. Right?
And I can set share this code. Basically, I have my yeah. If I if you wanna search for here we go.
So I have this repo that I made, exactly for this use case. By the way, we were in funny story about that. We were in lead dev, New York, believe it was this September or July. That was July.
And, we had a competition with who can integrate this fastest. Right? So we had someone in the first place. Took her two and a half minutes to go through the instructions in this readme to open a friendly account, to clone this repo and have exactly the code that I’m showing you right now.
So it’s very, very easy to start testing the different features that I’m showing here and take it from there. Right? So the first thing I would do is to just have this sample repo up and running.
Just, you know, practice inviting a user, signing up as a user just to understand what’s going on. I’m making small changes to the builder UI from the from the LoggerBox builder here.
Once I have that, I would then plug into an actual application. So I would add the second application here.
Right, so I can go and create a new application.
Give me the app URL. You can run this locally. You can have an actual application running somewhere. Right?
And then, from there, I would go into the accounts page first. I’ll make sure I have at least one account. If you sign in up as a user, Frontegg will create an account for you. So you already have that.
Then you assign these applications to the user, and then you can test logging in from both of these applications.
And if anyone’s interested in how this is actually working behind the scenes, we can look at the network tab. And, basically, what’s happening here is I have, in my code, I set up the app ID.
This is the app ID of app one that I showed you in my account. If you look at the authorization request, so that’s part of the off two point o standard. Right? If you look at the payload, we can see that the client ID that gets passed is the client ID that I have set up on my app. And that’s how we know that this user is trying to authenticate into this application.
And our hosted login, and this is a really cool added bonus, will add that source automatically as the redirect URI. Right? So you can basically log in from any source on the web, and then, you just need to tell us that you trust it. Right? So you wanna come here, domains added into the allowed origins. And when using hosted login, you also wanna add it here to the, hosted login URLs, and then you will be able to basically access the Frontegg login box from that URL.
Okay. Right. We’re getting down to our final minutes here. We’ve got our countdown clock ticking away, as we approach the end of the webinar. But I’m gonna sneak in one last question from the audience, and then we’ll kinda do some final thoughts and bring it on home. This is an interesting use case, so I wanted to bring it up.
Question from the audience saying, we are in the process of acquiring a company.
How should we approach multiple applications differently from when we were expanding our product lines versus now in this acquisition phase. What would you say to that?
Oh, so I would say so one of the, you know, amazing things that Frontegg gives you in in that scenario is we give you the option to bring all of those users in under one roof and manage them. Right? So the first thing I would try to understand is, where are these users authenticating from? Right? And we have a few tools that are super helpful for that.
So the end goal, I would assume, is to have everyone manage here on the users, right, under the same account. Now if you want to migrate all those users over, that’s not a problem. We have a very good migration tool here where you basically give us the mapping. So you would export all those users, and all the major authentication providers allow you to export users.
If you have a database, you could just do it from there. Right? Just export them. So you give us the mapping.
You can actually import them with their password if you have the hashes and they’re hashed in one of these algorithms. Right?
And then they’ll be able to log in with the same password as they did before, so it will be seamless migration for them. You can also migrate their phone number and tell us if this is the primary or or multifactor of application number. And you just upload your CSV, and then you’re done. The users are here, and they can start using Frontegg.
If you don’t upload the passwords, they’ll get an error saying you need to reset your password. We’ll send them an email, and, from that point, I will have a password. Right? So that’s if you wanna do the migration.
Now we also have a really cool feature called user pools, which essentially allows you to plug in different sources and use them as the source of truth for authentication, but still control the users from fronting. So I have an example here where I’m going with an external user pool. This is called a code user pool. Okay?
Because we give you the code here. So what I’m doing right here is I’m just sending every time a user logs in, we can actually take a look at that if you’re interested.
Let’s look at an example.
So I’m gonna go in here, and I’m gonna show you what that looks like. So let’s just make sure that our URL is correct. I’m using webhook site, which gives me an endpoint that I can use. Right?
An online webhook, endpoints. Very easy to test. Cool. So it’s the same one. So when a user that’s not recognizing the system logs in, we’re going to pass the information, the event data, to this endpoint, and we’re gonna wait for a response.
We can also pass secrets.
Right now, mine is not defined, so it’s gonna show us no. But, you can pass secrets as well, and you can decode them on your side if you want.
So let’s look at an actual example. Right? I’m gonna go in here.
And, oh, and by the way, also important note there, you need to tell us which application you’re doing that from. So this will be like the new application that you’re migrating, or adding to your portfolio, basically, in this case.
Cool. So now I’m gonna go and make up some, email address. This email doesn’t exist in my system. Right? And it’s I make up some password.
And assuming I didn’t pass my, rate limit quota, which I think I did because this is a free website. Oh, I did it. Cool. So you see that, basically, we got the event here.
Here is the email, and here is the fake password that I just put in. So you can now check on your side, on your back end, or on the other service that you’re migrating from, is this correct or not? And then you tell Frontegg if this is correct or not. And right now, I’m not returning a response. I’m getting an error. I can go in here and edit this, but just a little bit on the scope of what I’m trying to show.
Bottom line is you can absolutely, connect Frontegg to the existing solution.
And then if you turn on real time migration, just in time migration, then if you return a an okay response, the user will now be migrated to Frontegg in real time. Right? So it’s a super powerful tool that allows you to do either, keep your existing solution and use from the all the duties that I showed you in Frontegg.
Right? You can still use that, and then you can turn on just in time regulation when you’re ready to do the actual migration. Yeah. So that’s that’s sort of broad strokes.
I will say that it really varies depending on the use case. So that’s where we would go into demo or a POC. Right? So, basically, talk to us if that’s something that you’re interested in.
Well, that’s a perfect segue to where I wanted to go next, Ro, which is how we get started. So I’m gonna ask you to stop screen sharing, and I’m gonna put up a QR code that we have for everyone out there so that you can go and try. And so you have the opportunity to try Frontegg for free just a a free trial.
Is that right?
Yeah. Yeah. That is correct. If you follow the QR code, you should get to our website, and you can sign up for a free one month, fully featured trial account.
That’s awesome. Another way that you can let Frontegg know what additional information that you’d like, there’s actually a poll that we’ve got open for you right now. You can go click on that. Let them know, you know, hey.
Here’s specifically what would help me in follow-up. And so this is basically hitting the easy button. You’re automating exactly the response and follow-up that you’re gonna get from Frontegg. Make sure that you get exactly the information you’re looking for.
Roy, I think as we’re wrapping up, I’d like to ask you for sort of one final thought. If there’s one thing you want everyone to know about front end or as they’re considering, you know, the the user experiences and and user management that they’ve, we’ve been talking about today. What would be that one key takeaway or action step?
Yeah. I would say definitely check us out. We have a ton of features. There I only really scratched the surface of what, we are able to do.
So please reach out to us if you have any questions, and we’re happy to set up meetings, demos, and, yeah. Oh, one more thing I wanna say about that is if you go over to our docs page, talking about AI and making stuff easier, we actually added an AI agent that you can talk to and ask questions, and it will give you screenshots from our docs and, you know, give you different options of how to do stuff. So that’s super useful. Check it out.
Love that. Okay. Well, Roy, as you said, there’s lots more to dig into here. So I hope that we’ll get to have you back sometime soon. We can talk a little bit more. But I wanna thank you so much for joining us here today. This has been a ton of fun.
Thank you. Alright.
Thank you.
And to all of you who are asking some great questions, keep those questions coming.
I know that Roy and I didn’t hit all of them. So please do continue to get your questions in. What we’re gonna do is take all of your questions that you’ve asked and send to the Frontegg team. So you will get responses back in email follow-up.
I also wanna say, if you haven’t visited the docs tab yet, go right now and spend some time clicking around. You’ve got a couple of one pagers, and I love they’ve got these wonderful sort of infographic style one pagers available for you. So, Exploring Frontegg advanced entitlement platform takes authorization to the next level. So this is getting in, to a lot of what we just saw talked about today, you know, avoiding that limited context awareness, and and being able to handle the really complex configurations that a lot of you are facing right now.
There’s also a a one pager on Frontegg multi app capability, creating a unified off experience to decrease complexity. That’s a constant theme of our day today. Right? We’re taking away complexity.
We are simplifying.
You can walk through how to get started on migrating users to Frontegg. That’s a great one. I saw a few of you asking about, you know, starting up and and what that looks like. So you can walk through that, really wonderful description of of what it’s like to migrate over.
And then another, kind of infographic style one pager, customer identity for the whole team, how you can distribute the responsibility of identity beyond engineering teams. So these are lots of great resources. They are all available for you. They’re in the docs tab, and then you can sign up right there for that free trial.
So make sure you do that. Alright. While you’re doing all of that, while you’re asking your final questions, clicking on the poll, opening up the docs tab, I am going to reward you for all that hard work with a prize giveaway. I do also wanna comment here.
Diana is going to open up a survey for all of you, and this is going to run over on the right hand side there. So please do take a second. Let us know if you have some thoughts on on, if we were able to kind of hit you with the right info at the right time with this webinar. We would really love to hear from you.
Now as always, we will be in touch about claiming your prize after we wrap up our event.
And that is now. That is here. I can’t believe how fast this webinar has gone by. What a wonderful e afternoon, evening, morning, whatever time of day.
Time has no meaning, that it’s been. And I wanna thank all of you for joining. You know, on behalf of the actual tech media team, a big thank you to Frontegg and to Roy for bringing such a wonderful conversation to life. It is so cool, and we get to get into a live and interactive demo like that and kinda respond to what you are all interested in in real time.
You know, I I’d like to see this a little bit more. I’d like to explore that a little bit more. And Roy just being able to kind of take those requests on the fly and walk us through that was really exciting. So, big big high fives, and thanks to Roy for that and to the Frontegg deck crew.
I also wanna send a big thank you to all of you, a big high five and and sparkly gold star to all of you for attending, for asking some really wonderful questions. You know, I think we’re all walking away with a little bit of a better understanding of some of maybe the challenges, that we might be facing, especially with sign management across multiple product lines.
And maybe we’re we’ve got a better idea of how we could prioritize that personalized login experience, those permissions for each app, you know, really making sure that we’ve got that outlined in a way that can save time, save resources, reduce some of that burnout, and really improve the overall experience for our end users, which is wonderful. We get to streamline. We get to simplify. We get to stay secure.
All the best things we talked about right at the start of our webinar. All the things we need more of in our life. Well, I know that I have learned a ton, and I hope that you all did as well. I hope that I get to see you all at a webinar again soon.
And until then, have an absolutely beautiful end to your day. Thanks all.
The Complete Guide to SaaS Multi-Tenant Architecture
