Thomas:

Specifically, we were looking at two regional centers: one in China for China, and one in Germany for the rest of the world. As a foundation, we chose a managed Kubernetes infrastructure provided by the customer’s hybrid cloud. The products we used were solutions from Ping Identity: PingAccess, PingFederate, PingDataSync, and PingDirectory. We implemented the managed Kubernetes solution using our Service Layers managed service platform.

This allowed us to create both infrastructure and configuration as code – and meet the very tight deadline. With Service Layers, we offer our customers something truly unique: IAM as a managed service, with global availability, based on market-leading products. The platform combines the flexibility of on-premises products with the simplicity of IDaaS, all with 100% support for DevOps and agile working models. We offer our managed service in the customer’s public cloud instance (“bring your own cloud”), in the customer’s data center, or hosted in Service Layers’ public cloud.

Heiko: “From concept to a stable running system in one year. Why was the timeframe so ambitious?”

Fabian:

Several factors came together. First, China had given us a hard-and-fast deadline to release a number of applications. Second, a competitor’s team was developing a system in parallel, leaving us no room for negotiation. So, we did what we could.

Thomas:

We took it in stride. In fact, for us, everything initially revolved around bringing together a new team on the customer side. A corresponding knowledge base also had to be created there. And then there was the coordination between all the departments involved. These departments all take an agile approach. However, because of the very broad-based project, there were several product owners with different prioritizations. Our initial role was often to mediate, and to recommend alternatives that were viable for everyone involved.

Fabian:

There was also the newly developed Chinese frontend. The Chinese colleagues on the client’s side did a good job. But the coordination, testing, and bug fixing were sometimes a bit difficult. Also, because third-party companies were still involved.

Heiko: “For us, that was certainly not ideal. But from the customer’s point of view, this openness is a clear advantage. Especially when it comes to minor adjustments by service providers on site later on.”

Thomas:

Sure thing. There were just a few points whose effects were not clear to everyone at first. For example, the ADA adjustments for the American market. ADA is the Americans with Disabilities Act. It sets very strict requirements in terms of usability for people with physical disabilities. And then there were the decisions that were often made very dynamically. But, hey, at the end of the day, we got it done.

Heiko: “But the actual go-live was another challenge, wasn’t it?”

Fabian:

Yes, of course. After all, we had to synchronize three instances while meeting all of the respective legal requirements: the old CIAM system, and both regional instances of the new system in China and Germany. And over 200 applications had to be migrated to both regions. Among them were heavyweights like WeChat, the Chinese all-purpose app with several million integrated users. I think everyone involved was nervous before the go-live – all the way up to the C-level, which had given the project highest priority from the very start.

Thomas:

But it worked out. For a project of this size, and given the very ambitious timeframe, the start went extremely well. Over the following months, the applications were largely migrated smoothly. The last few will have been moved by the end of Q1, and then the legacy system can be switched off. A resounding success for all three parties involved: xdi360, iC Consult, and Service Layers.

Heiko: “So, where are we today? And where do we go from here?”

Fabian:

We now have a solid, regionalized CIAM up and running. The legacy system migration is almost complete. Now it will be a matter of implementing all the future-oriented features that the various stakeholders in the company have been dreaming about for a long time and that extend far beyond the previous CIAM solution that has now been replaced.

For the customer, the project has paid off on every level. First, Chinese user data can now be used in a compliant way. Second, all markets benefit from a significantly more powerful system. And third, any future extensions, additional regionalization, or adaptations to other brands can be implemented with minimal effort – thanks to our use of Service Layers. It’s fair to say that we did a really solid job.