Auth for business software (B2B) shouldn’t look the same as auth for consumer software (B2C). In many cases, it actually can’t work the same way.
I’ll cover three important buckets of differences between B2B auth and B2C auth:
Logical isolation and tenancy models
Priorities and trade-offs
Protocols and features
By the way – let’s use auth loosely here and let it subsume related stuff like user management. Similarly, let’s just imagine away the vague grey area between consumers and businesses (e.g., software for sole proprietors) and focus solely on obvious consumer apps and obvious enterprise products. A simplified model of the world helps make things clear.
Logical isolation and tenancy models
In B2C software, your customers are your users. They’re individual people who control their own accounts. Things don’t work that way in B2B software. Businesses want to control their users’ access, and within a given business, not all users should work the same way. This has pretty significant implications for auth.
Let’s first look at tenancy in consumer software and then take a glance at business software.
Users: First-class tenancy in consumer software
In a consumer application, we primarily care about individual users.
To illustrate what this looks like, I went to Club Penguin Legacy and created an account for myself. Signing up for a CPL account is pretty easy. Aside from email verification, all you need is a username and a password.