Laposa | Identity Platform

Identity Platform

An integrated and scalable identity management solution that bridges Musgrave’s online ecosystems under a single unified authentication and user management platform.

Client | Musgrave Limited
Industry | Retail
Technology | TypeScript · Identity Cloud
Completion Date | 2020

Deployed

7

production apps
Serving over

550k

unique users
With over

30mil

API requests processed monthly

The Challenge

As a retail giant managing several distinct brands, Musgrave faced a growing need to unify their customer identity management system for:

Seamless cross-brand login with Single Sign-On (SSO) functionality.
Customizable user interface elements across different brand applications, all maintained from a central content management system.
Compliance with GDPR and increased focus on consent management, data privacy, and Right to be Forgotten capabilities.
Evolving customer preferences for social login and tailored communication, including multi-channel outreach (email, SMS, push notifications).
Seamless integration with third-party platforms like Shopify and Wynshop for eCommerce.

The existing system comprised disjointed customer databases across multiple brands, disparate login systems, and manual processes for consent and account management updates. Not only were these factors creating inefficiencies, but they also created friction for end-users, ultimately hampering Musgrave’s marketing and user engagement efforts.

The Solution

To overcome the challenges, our team developed Identity Platform, an integrated and scalable identity management solution that bridges Musgrave’s online ecosystems under a single unified authentication and user management platform.

At its core, the Identity Platform connects multiple brands into one seamless identity service across web and mobile applications. The solution leverages Akamai Identity Cloud for secure identity management and enhances its capabilities with additional features tailored to Musgrave’s multi-brand needs.

Key
Features

Login and Registration: The consistent design and experience across login and registration flows, coupled with personalized content management, further ensures that users feel a sense of cohesion and trust no matter which brand they interact with, ultimately leading to higher user satisfaction and brand loyalty.
Multi-Factor Identity Management: Comprehensive user account management including registration and login through OAuth 2.0, identity federation, forget-me/delete accounts, and password resets.
Consent Management: Full compliance with GDPR and global privacy regulations through third-party and built-in tools for managing consent for various agreements (e.g., terms and conditions, cookie policies).
Email Validation with Suggestions: Integrated MX record-based email validation, allowing automatic checks for typographical errors in domain names (e.g., suggesting fixes like gmil.com → gmail.com). The system proactively checks against a database of the most common email domains.

Administrator Control via CMS: Instead of having to tweak multiple systems and interface components, Musgrave can centrally manage the appearance and configurations of all branded login widgets via the Onyx-based CMS, built with a good mix of flexibility and control.
OpenID Connect Support: The solution also offers OpenID Connect Provider functionality, enabling third-party applications to federate identifiers and authenticate users via the identity platform.
Shopify Integration: Through Shopify’s Multipass feature, the platform seamlessly integrates Musgrave’s e-commerce portals, allowing for frictionless shared authentication between Shopify-powered stores and other brand applications.
Webhook-Driven Updates: Provides real-time, event-based updates for downstream systems (CRM, email marketing, push notification centers). This ensures that when user attributes (email, preferences, etc.) are updated, all connected platforms are synced instantly.

Technical
Highlights

Identity API: Serves as the central hub for login/registration and integrates with Akamai’s Identity Cloud for authentication. It controls the look and feel of the identity-fronting components to maintain a consistent experience across all Musgrave brands.
Vue.js SDK: Components were built using Vue.js for fast-performing front-end widgets that provide seamless login and registration experiences. These can be easily customized for brand-specific needs.
React Native SDK: Extends robust capabilities to mobile applications through a purpose-built React Native SDK. This SDK integrates directly with the Identity API, ensuring a consistent and seamless user experience across mobile platforms, similar to the experience users get on the web.

Multi-Brand Scalability: The solution is currently live with 7 instances across 4 brands, each of which uses a shared backend database, making the platform highly scalable. As newer brands come under Musgrave’s umbrella, this app ecosystem can support addition without incremental development work.
Webhooks Infrastructure: Several webhook-based triggers were set up to automatically update downstream systems (such as email and push notification platforms) when key user events occur (such as profile update, password resets, or account deletion).
Deployment Environment: The entire platform runs containerized on Debian-based Docker images for ease of deployment and maintenance.

Robust and Scalable Infrastructure

The deployment of the Identity Platform was architected with scalability, security, and high availability in mind. The entire solution is containerized and hosted within Azure Kubernetes Service (AKS), allowing Musgrave to leverage the flexibility and reliability of a cloud-native infrastructure. Each instance of the platform runs as a series of Docker containers within the Kubernetes cluster, which is configured with horizontal autoscaling to automatically scale up or down based on traffic demand and resource utilization. This ensures that, even during peak times, the platform remains responsive and resilient, providing a seamless experience for users across all brands.

For enhanced security, the infrastructure is safeguarded by a Web Application Firewall (WAF), which protects against common web exploits and attacks, such as cross-site scripting (XSS) and SQL injection, ensuring that user data remains secure in compliance with industry standards and regulations. Additionally, the containerized deployment model allows for easier management, faster updates, and more consistent application behavior across environments, reducing potential downtime and operational overhead. This containerized setup, combined with Azure’s robust disaster recovery capabilities, ensures that Musgrave’s identity platform remains highly reliable, secure, and ready for future growth in an ever-evolving retail landscape.

The Results

After implementing the Unified Identity Platform, the Musgrave Group experienced immediate and far-reaching benefits across multiple facets of their digital ecosystem, including:

Improved User Experience

Customers no longer need to navigate multiple registration processes on separate brand websites or apps, reducing frustration and eliminating the need for duplicate accounts. This shift significantly reduced friction in the user journey and increased user satisfaction.

01.

Streamlined Administrator Control

Using the Content Management System, Musgrave’s team can centrally control and customize the look and feel of the identity components for each brand, reducing maintenance costs and admin overhead.

02.

Increased Security and Compliance

The integrated consent management and “Forget Me” features ensure compliance with GDPR and other privacy regulations, while layered security (OAuth 2.0, OIDC) enhances user trust.

03.

Better Data Consistency

With webhook-driven updates, Musgrave saw an improvement in the consistency between user profiles and downstream systems like email marketing and eCommerce platforms. MX Record-based email validation reduced the incidence of incorrect email addresses being used during registration, which in turn improved the success rate of email marketing campaigns.

04.

Cross-Platform Harmonization

Centralized identity management and integration with third-party services like Shopify means that users experience a consistent and cohesive interaction across all touchpoints, despite Musgrave being a multi-brand entity. This uniform experience strengthens brand loyalty and trust.

05.

Cost Efficiency and Scalability

By deploying a unified solution with shared infrastructure across multiple brands, the solution not only reduced IT management costs, but also facilitated scalable growth, allowing new brands to easily plug into the system as needed.

06.

Conclusion

The Identity Platform has empowered Musgrave to provide a top-tier customer experience by unifying its identity and authentication management across multiple brands, eCommerce platforms, and external systems.

The integration has not only led to increased user engagement and operational efficiencies but has also positioned Musgrave to better safeguard user data, all while staying compliant with critical regulatory requirements.

Next Step

If you're looking to improve how your customers interact across platforms, streamline compliance, and unify your digital identity management, let’s explore how we can tailor a solution for your business ecosystem!

Get in Touch