Led by Tim Sedlack, with Jake Feasel.
- Tim made this to be an interactive session - now is the time to give feedback to ForgeRock.
- Introduction to "CDM" (Customer Data Management), but specifically social registration was covered: Make it as easy as possible for your customers to register with you.
- We are building this within a new / additional self registration stage.
- Pre-fill fields from social IDP, but then provide the options to fill out additional info.
- Tim showed brand new wireframes for this.
- Discussions around what is the value of providing more than one social IDP:
- Concern is (as an end user) to know what is being fetched from the IDP.
- We plan to make all this configurable by the admin, according to companies own policies
- (e.g. fb public profile, plus some additional info like friend list. But of course user will have to consent to it).
- Consent management is very important for CDM!
- One attendee stated that consent management is so complex, globally, that they use a dedicated service for it.
Q: Are we talking about using social identity for sign-on, or social logins?
A: (Tim) The way it works is going to be you would login with a single social account – FB or Twitter, for instance – and then you would authenticate with other social accounts.
Q. How do I know what I’m getting back when I let people sign in using Facebook?
A. (Tim) We’ll enable administrative control over the data you’ll be accessing. For instance, you don’t want random data – friends list, photos – coming back.
Q. The way we deploy applications, we have contracts with Google, Microsoft, etc. Multiple applications. We don’t want to have to authenticate for each and every interaction. (Tim’s going take discussion offline).
Q. How do we offer a way for two or more individuals to access a single account?
A. If you have multiple social IDPs you can do it. It sounds like you need delegated access in this case.
- Marketing Consent: the concept of having consent to send commercial email, feed ads, etc.
- Progressive Profiling. Would this be a valuable capability? Group agreement that this would be a good feature to have.
- Q: Does progressive profiling happen at authentication?
- A: Yes, that’s how we do it.