In this day of age, one of the most important aspects of any digital ecosystem is a scalable user management layer, which could seamlessly adopt to your growing ecosystem and continue to satisfy the needs of your business. Despite OutSystems providing extremely reliable user management capabilities out-of-the-box, the need to expand these existing capabilities will become increasingly apparent when you start scaling your ecosystem with larger audiences and larger number of applications.
In this article I will use the global user management solution built at Certis Security Australia, a leader in the field of security which provides expertise in industries like aviation and critical infrastructure, as an example to highlight 4 key functionalities global user management solutions provide and how those played a vital role in maintaining & quickly scaling Certis’ large digital ecosystem.
What is Certis People?
Before delving into the functionalities of a global user management solution, it is important to explain how Certis’ global user management solution, Certis People, came about and why it was desperately needed to enable Certis’ digital growth.
To set the scene, the digital ecosystem at Certis is extremely extensive – at the time of writing, Certis has successfully delivered 9 fully operational applications in a single OutSystems environment including native mobile apps, progressive web apps, reactive web applications and traditional web applications. Each application targets a defined subset of users and delivers a specialised range of capabilities: from mission-critical to self-serve functionality. This family of apps demands an easy to maintain and scalable user management solution which they should all consume.
The need to re-architect the user management piece at Certis and enrich the built-in capabilities came after the delivery of the first four applications. By then, each application required a ‘user extension’ entity which stored additional user information and whilst some of that data is application-specific, the need to expose most of it with other applications and services became more apparent. Therefore, when the fifth application required another ‘user extension’ entity in addition to data defined in the first four apps, it made sense to start working on a standalone user management layer which consolidates all of that user information and exposes what is needed to those end-user applications. This need brought Certis People to life, a standalone web and service application which aims to extend the built-in user management capability with generalised and Certis-specific user functions.
1. Rich User Profiles
One of the immediate benefits gained from consolidating user data is the ability to build and maintain rich user profiles. Storing and maintaining user data in a single repository allows for better user behaviour analysis across your entire ecosystem. As a result, businesses can use this data to further tailor user experiences to appeal specifically to user interests and problems.
In Certis People user profiles have been continuously evolving, since it currently serves nine applications, and now include profile pictures, user signatures, user documents & certificates, linked mobile devices, facial recognition logs, user auditing, app-specific configuration and user synchronisation history.
Taking this a step further, and to fully leverage these user profiles, Certis People is made accessible to a limited number of internal stakeholders easing their day-to-day tasks of managing these users. In addition, the ability to leave comments and receive email notifications when another members of the team comments on a user profile has also been made possible directly with the user profile page, promoting collaboration and communication within the internal operations team and ensuring that profiles are kept up-to-date.
2. Standardised User Onboarding & Recycling Flows
Typically, a growing ecosystem results in increased user onboarding complexity. This can be due to various reasons, however, one scenario that is often faced is the deviation of onboarding processes between applications because of application-specific rules and the need to consume different source systems.
At Certis, this challenge was experienced prior to the introduction of Certis People. Given the nature of work in the security services domain, and specifically the guarding field, the same guard (user) could exist in multiple source systems and due to the need to sync users from both systems the same guard would end up with 2 OutSystems user accounts. Not only did that degrade the user experience, but also created additional constraints on user limits of the OutSystems license.
This was resolved by 2 main points:
- Standardising and abstracting the synchronisation process of external source systems, making existing synchronisations and potential new ones extremely straightforward to integrate with.
- Executing these standardised processes directly in the global user management solution to unify the monitoring process and consequent user onboarding.
As part of the new standard flows, each process captures which users successfully synced, failed to sync (with clear indication on what the cause of failure is) and which users were updated. These abstracted periodic processes have also been enriched with complex business logic to automatically merge user profiles and prevent the previous issue of user account duplication. At the end of the user sync process, newly created users are automatically onboarded onto the required Certis applications and welcome emails containing next steps are automatically sent to the user.
User recycling is another important feature governed by Certis People. This is established by running a daily process which uses a series of complex conditions to determine which users are to be deactivated or activated. This ensures that the number of active OutSystems users is being correctly sustained, guaranteeing the ecosystem is always within license limits. This also ensures that inactive users cannot access any of the end-user applications when they shouldn’t.
3. Global User Management Services
Following the pattern of standardisation of user management, the ability to encapsulate authentication, authorisation and business logic in a exposed service actions and be consumed in end-user applications becomes easier than ever when global user management solution is established. This approach promotes ease of maintainability of those flows, since all that shared logic would be maintained in one place, and significantly ease scalability, since these services are easily accessible by new applications.
In Certis’ ecosystem, there are 3 main global services exposed by Certis People which are consumed by all end-user applications: a global login service, a global logout service and a global password reset service.
The global login and logout services encapsulate the built-in OutSystems login and logout functions in addition to a combination of business-specific logic required in each process. For example, the global login function includes tailored auditing, the ability for a user to seamlessly activate themselves on login (only applicable to a particular set of users) and password expiry & policy checks. With all of that being captured in a single service, its extremely easy to enrich any future applications with the same abilities.
The global password reset function enables any web and mobile end user application to leverage the password reset flows defined in Certis People. The standardisation of this flow includes token management (which are invisible to the end user application), required web pages for password resets, password policy definitions and rules and triggering the email for this flow.
4. Acquisition Data and Statistics
Leveraging all the intricate processes described above, the ability to collect user statistics and application-specific acquisition data becomes very easy. The value of such data provides first hand evidence on user interactions which could not only be used for reporting but studying user behaviours as well.
Certis People achieves this by running periodic user statistics processes which capture snapshots of user counts based on source system. It then provides a dedicated statistics page in the global user management solution would illustrates the user onboarding and offboarding trends. These statistics can be filtered by dates, source system and user type. User acquisition data is also made available in solution via a plethora of app-specific reports providing statistics around app downloads, logins, logouts, password reset requests etc.
A well established ecosystem is the result of years of agile development, continuous enhancements and market research. Simultaneously, the need to supplement a growing ecosystem with a standalone global user management solution becomes more of a necessity than a nice-to-have ability.
Through the implementation of the core functionalities previously discussed, you will be able to elevate your OutSystems ecosystem and take your user management processes to the next level, accelerating the expansion of your business’ digital footprint.
Connect with Ossama on LinkedIn
This article was originally published on linkedin.com.