Unified Identity Management for the Travel Data Analytics Products
Cornerstone Information Systems provides clients with data insights that enable them to manage trips more effectively and lower travel management expenses. Founded in 1992, Cornerstone is a privately held company headquartered in Bloomington, Indiana, with customers in more than 50 countries.
Cornerstone has multiple applications (iBank, iQCX, TravelOptix) that are usually purchased and used by the same customers. However, each application was implemented as a standalone product, and uses different technology stacks, as well as their own identity provider (IDP). One of the difficulties is that each product requires separate account for the client to log in, which results in a complex management and a time-consuming onboarding.
As an innovative company, Cornerstone creates new products on a regular basis, and it has become essential to streamline the authentication process by introducing single sign-on solution (SSO).
As a solution to existing problems, the customer decided to establish a marketplace of their products with the unified identity management for the clients.
DataArt designed and implemented a unified hub based on AWS technology stack and built with Serverless methodology.
The new modern customer-facing portal allows end-users easily start legacy products with SSO and has an admin panel for clients, organizations, users and roles management. Federated IDP is based on Cognito and includes separate user pools per client. All backend services including API, legacy DB synchronization, SAML attributes mapping were implemented using AWS Lambda technology (NodeJS).
As a result, Cornerstone's clients will benefit from the self-service access management by means of the seamless workflow with SSO.
Convenient access management
Access to all the products can be managed from one place both on user and organization level thanks to a new modern UI.
Cost optimized solution
Cost efficiency was achieved due to modern tech stack and reusable Customer Identity and Access Management (CIAM) component.
Introduced bundle offering so that clients could discover and purchase more products
Amazon Cognito, AWS Lambda, Amazon SQS, Amazon DynamoDB, Amazon S3, Amazon API Gateway, Amazon Route 53, CloudFront, Amazon CloudWatch, AWS X-Ray.