New identity management system for KiwiOS

We have comprehensively overhauled our KiwiOS identity management system (IDM). To further reduce our platform's susceptibility to errors, we have converted our previously self-developed IDM system to a standard system. This ensures even greater interoperability and security for our customers and end customers. The new IDM system also offers an improved and intuitive user experience. Thanks to its modular structure, it is ideally equipped for the upcoming scaling of our platform.

What is identity management?

An IDM system is used to manage the identities of different end users of the platform as well as the identities of individual services. Identity management includes authentication as well as authorization. The difference between the two concepts can be explained using the following example: Before you are allowed to board a plane at the airport, you first have to show an ID card or passport to prove your identity. This step is an example of authentication. Once you have proven your identity, you are then allowed to board the aircraft – whether as a guest, a pilot or a flight attendant. This step is called authorization – it determines which rights are linked to your particular identity.

An IDM system uses authentication to ensure that individual identities can be recorded and separated from each other according to specific characteristics. This prevents unwanted overlaps, such as customer A not being able to come into contact with customer B at any time. As part of the authorization process, the IDM system assigns certain rights to individual identities, for example, granting an installer access to the Installer Center, while denying an end customer this access.

Some of the IDM functionalities are available to Kiwigrid's customers via the platform product, which is available for all SaaS and PaaS products. The renewal of the IDM system therefore affects Kiwigrid's entire product range.

Advantages of the new IDM system

Kiwigrid's IDM system has been completely renewed and modernized and is now in line with industry standards. For example, the OpenIDConnect (OIDC) standard, which is based on the OAuth2 framework, is used for authentication. Using industry standards brings decisive advantages: the standards enable interoperability with other IDM systems.

If new customers want to use Kiwigrid's platform but already have their own software solutions such as a customer database in a CRM and don’t want to duplicate their customer base, this data can now be integrated into Kiwigrid's IDM system via standardized interfaces.

The new IDM system can also fulfill security requirements more easily: Conformity with modern open-source standards contributes to even greater security because these standards are continuously reviewed. A certified IDM system that follows certain standards makes additional, independently conducted security audits unnecessary. Standardization also enables compatibility with other identity providers (e.g. Apple or Google).


Want to learn more about Kiwigrid and our Energy IoT platform? Check out our platform page and follow us on LinkedInfor the latest news!