Frontegg, a SaaS-based customer identity and access management (CIAM) provider, has launched an entitlements engine. The new authorization management capability is aimed at helping app developers and revenue teams streamline access authorization. The entitlements engine will be powered by context-aware logic controls (CALC) technology to effect context-based, fine-grained authorization controls, Frontegg said. The engine, which can be added to Frontegg’s namesake CIAM platform, is a suite of identity management capabilities that includes authentication, onboarding flow design, user management, self-serve account management, etc.
Sagi Rodin, the chief executive officer of Frontegg, said in a press release, “The old way of building SaaS apps required the use of many different solutions to solve in-app entitlements — role-based access control (RBAC), attribute-based access control (ABAC), feature flag management, subscription management, free trial provisioning anomaly detection, and others, requiring a lot of APIs and working with many different vendors, With our CALC-powered Entitlements Engine, we provide all of this functionality and more in a single API.”
The new entitlements engine allows developers to shift entitlement workstreams left, letting anyone make changes formerly requiring additional code or additional vendor integrations, according to the company. The idea is to expand on existing CIAM systems’ focus on authentication for protection against phishing, account takeovers, and other identity-related attacks, to allow for authorization management, defining the type and number of resources to be accessed.
Jack Poller, an analyst at ESG Global, said, “In today’s SaaS environments, the next step after authentication is authorization — once the customer logs in, they need to be authorized to use a subset of features and access a subset of available data. Each SaaS environment has unique authorization requirements — a cloud file store (Microsoft OneDrive, Box, Dropbox, etc.) have simple entitlements such as read, modify, or share, whereas other environments can have complex and multiple entitlements.”
Frontegg’s CALC enables SaaS app developers to incorporate a user database for both authentication and authorization. The engine provides a visual dashboard to allow non-technical users to design product bundles for entitlement without the need for additional codes, complex configurations, or products from vendors. Frontegg’s entitlement engine allows engineering, product, and business teams to create endless customizations for customers, making entitlement changes “as simple as toggling a button,” according to the company.
Frontegg showcased the new capability at the Identiverse conference in Las Vegas this week and has made it immediately available to users. Frontegg’s entitlement engine allows engineering, product, and business teams to create endless customizations for customers, making entitlement changes “as simple as toggling a button,” according to the company.
The engine also enables blocking or requiring additional measures such as multifactor authentication for users by tapping into real-time identity attributes such as geolocation, impossible travel, device type, network signature, and client vision.