CIAM Solutions - FAQ3: What is the best user store type for your IAM solution?
A user store is one of the key components of an IAM solution. As the name suggests, a user store holds user information, or user identity data. User identity information is categorized as critical data of an organization. If this information is breached, trust in the organization and the reputation of the company would be lost. Moreover, restoring trust and reputation is expensive and time-consuming. Hence, selecting a correct user store with proper security measures is a must when building an online system.
What are the main types of user-stores available in the market (cloud or on-prem)?
- LDAP — OpenLDAP, Enterprise LDAP
LDAP/S is the protocol that defines how users, devices, and clients can communicate with a directory server. LDAP also provides a framework for how information can be organized and represented within a directory. These directory types follow a hierarchical tree structure. OpenLDAP is an open-source implementation of the LDAP protocol.
- Active Directory — Local AD, Azure AD
Active Directory is a directory service that stores user and device account data in a central location for Windows-based network, device, application, and file access. It was introduced by Microsoft/Windows as an on-prem directory service and later moved to the cloud as Azure AD. AD has more features than OpenLDAP. It also follows a hierarchical tree structure and supports the LDAP protocol.
- Relational Database Management System — MySQL, PostgreSQL, Oracle DB
A relational database is a type of database that stores and provides access to data points that are related to one another. It is based on the relational model. Each row in a table contains a unique key, and the columns hold the attribute data that builds up the relationships between data points. There are many vendors in the market who sell RDBMS-type databases. MySQL is a common open-source DB type used by many consumers.
- NoSQL — MongoDB
These use a non-SQL or "not only SQL" approach to design databases and to store and query data outside the traditional model. Instead of a typical tabular structure, NoSQL uses one data structure such as a JSON document. This is a distributed database type that offers rapid scalability compared to other types. These databases are used to manage high data volumes at high speeds.
How to select the best user-store type for your requirements?
When selecting the user store, you need to identify your key requirements as well as the budget you have.
For companies that are looking for strong technical capabilities at a lower price, open-source tools can be a smarter choice. The majority of them have free licenses, so you can download them and try them out to build up the POC. Thanks to the large open-source community and its contributors, open-source software is very stable and well tested. Hence, open-source user stores can be the best alternative for your projects if you are looking for a cost-effective solution.
Which is better: AD/LDAP or JDBC?
In a nutshell, if you are dealing with more than one million users and you require a more scalable database with high performance, it is better to select a JDBC-type database over LDAP or AD. A NoSQL database is a bad choice for user data, as NoSQL databases are designed more for big data and analytics.
Moreover, many open-source IAM vendors, such as WSO2 Identity Server, do not support NoSQL databases as a user store.
So based on the pros and cons of each user store type you can decide which to pick!
Hope this will help you out in making decisions!