My Journey in Creating a Modern Identity & Access Management Solution for Gomibo Platforms

Written by Gomibo Platforms | Nov 11, 2025 9:00:00 AM

Introduction

Imagine managing multiple logins across systems, manually assigning permissions to new hires, and rushing to revoke access when someone leaves, all while ensuring security at scale. This was the reality of our old identity setup. As Gomibo Platforms evolved, the need for a robust, centralized Identity & Access Management (IAM) solution became unavoidable.

I’m Jarno Jellesma, software engineer at Gomibo Platforms. Over the past months, I’ve been leading the IAM project to make sure our authentication and authorization processes are more secure, scalable, and seamless across all services.

This project was both challenging and rewarding. Designing the architecture, making technical decisions, and working with colleagues across teams gave me the chance to grow as an engineer, and to strengthen the foundation of our platform that telcos around the world now rely on.

Why We Needed This Change

In the previous version of our platform, user authentication and authorization were scattered across applications. Employees had to juggle multiple credentials, making onboarding and offboarding inefficient and error-prone. For a telco-grade SaaS platform like ours, this kind of fragmentation increases both administrative overhead and security risk.

That’s why we set out to implement a modern IAM system that:

  • Centralizes authentication & authorization within our SOA-based platform
  • Automates onboarding/offboarding by syncing permissions with HR data
  • Enables Single Sign-On (SSO) to reduce password fatigue and improve security

For telcos using our software, this means faster processes, stronger compliance, and smoother user experiences.

Integration in Phases

Rolling out IAM in one big move would have been too disruptive. Instead, we chose a phased approach.

We first integrated IAM and SSO into our newly updated service-oriented system. Starting here was crucial: our SOA required a scalable, standardized identity layer from the beginning.

The next step is extending SSO to existing in-house applications, including third-party tools. This way, authentication becomes unified across all our systems, so that it can be rolled out as a feature to our telco clients. By working incrementally, we ensured stability while steadily improving security and usability.

Building a Seamless Experience

For us, IAM is not just about security; it’s about creating a frictionless experience. Employees and agents should be able to log in once and access everything they need without hassle.

We chose Okta as our identity provider, giving us cloud-based scalability, Multi-Factor Authentication (MFA), and automated provisioning. We implemented OAuth2 with OpenID Connect for a standardized, secure login experience, and Role-Based Access Control (RBAC) tied to HR data for dynamic permission management.

To remove manual account handling, we adopted the industry-standard SCIM protocol. With it, user accounts are created and revoked automatically, saving IT time and reducing risk. We even built a custom SCIM service that publishes updates to our event bus, keeping all connected services aligned without direct dependencies, as shown in the figure below.

This setup now allows our telco clients to benefit from the same secure, efficient, and scalable IAM backbone that powers our platform.
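As an added illustration of the SCIM-to-event-bus pattern described above (not Gomibo's code), the sketch below turns a SCIM 2.0 PatchOp that changes a user's `active` attribute into a lifecycle event, accepting both the path-less and explicit-path forms of `replace` that RFC 7644 allows. The `EventBus` class, the topic names and the user id are hypothetical.

```python
PATCH_SCHEMA = "urn:ietf:params:scim:api:messages:2.0:PatchOp"
class EventBus:
    # In-memory stand-in for the platform's event bus (hypothetical).
    def __init__(self):
        self.subscribers = {}
    def subscribe(self, topic, handler):
        self.subscribers.setdefault(topic, []).append(handler)
    def publish(self, topic, event):
        for handler in self.subscribers.get(topic, []):
            handler(event)

def _as_bool(value):
    # 'active' may arrive as a JSON boolean or as a string such as "False".
    text = str(value).lower()
    if text not in ("true", "false"):
        raise ValueError(f"unsupported 'active' value: {value!r}")
    return text == "true"

def active_change(patch):
    # Return the 'active' state a SCIM PatchOp (RFC 7644) requests, or None.
    if PATCH_SCHEMA not in patch.get("schemas", []):
        raise ValueError("not a SCIM PatchOp message")
    result = None
    for op in patch.get("Operations", []):
        if str(op.get("op", "")).lower() != "replace":
            continue
        path, value = op.get("path"), op.get("value")
        if path is None and isinstance(value, dict) and "active" in value:
            result = _as_bool(value["active"])   # path-less form
        elif isinstance(path, str) and path.lower() == "active":
            result = _as_bool(value)             # explicit-path form
    return result

def handle_user_patch(bus, user_id, patch):
    # Publish a lifecycle event so subscribed services can revoke or restore access.
    active = active_change(patch)
    topic = {True: "user.activated", False: "user.deactivated"}.get(active)
    if topic:
        bus.publish(topic, {"user_id": user_id})
    return topic

# Constructed sample: the PATCH a provisioning client sends on offboarding.
SAMPLE = {"schemas": [PATCH_SCHEMA],
          "Operations": [{"op": "replace", "value": {"active": False}}]}

def demo():
    bus, revoked = EventBus(), []
    bus.subscribe("user.deactivated", lambda e: revoked.append(e["user_id"]))
    handle_user_patch(bus, "u-1001", SAMPLE)
    return revoked
```

Calling `demo()` returns the list of user ids a subscriber saw deactivated; a real subscriber would terminate sessions or revoke tokens for that id instead of appending to a list.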

A Shift in Mindset

Implementing the new system brought challenges that required us to rethink how we approached identity. In a service-oriented platform, each service must rely on a central IAM layer. That makes reliability and standardization highly critical.

We had to go deeper into protocols like OAuth2, OpenID Connect, and SCIM, which are standards that are straightforward on paper but complex when applied across a distributed environment. The goal was always to balance security with usability, ensuring that authentication flows were both robust and seamless.

This shift from our old local, manual management to a scalable, federated approach was key in turning IAM into a SaaS-ready component that strengthens Gomibo Platforms and delivers value to the telcos using our platform.

Looking Ahead

For Gomibo Platforms, IAM has now become a scalable SaaS component of our commerce platform. It ensures security, improves efficiency, and provides a consistent experience across all channels.

Whether you use Okta or opt for a different identity provider, our SaaS platform provides a robust backbone to ensure high-quality IAM.

For telcos, using this component allows:

  • Faster and safer employee access management
  • Unified login experiences across all applications
  • A future-proof identity foundation to support growth and compliance

Modernizing IAM is just one example of the system-level challenges we tackle at Gomibo Platforms. Each of these improvements strengthens our platform’s ability to deliver a true omnichannel commerce experience for telcos worldwide.