Every company needs engaged employees who live the brand. These true believers are more satisfied and productive, drive great customer experiences, and help reduce employee stress and turnover. In other words, they directly impact the bottom line.

Brand Integrity is an engagement company who is disrupting business as usual with the new rules of engagement. With their sustainable solutions, they are helping their clients in various industries to synchronize their brand’s values, culture, and reputation to create a reputable and compelling brand that employees, customers, partners, and the market understand and trust.

That boost starts with an advanced web application platform, backed by Stormpath’s API for authentication and User management.

Brand Integrity Potential Point Diagram

A Web Platform for Employee Engagement

“Clients use our web platform as an ecosystem where employees can recognize each other for going above and beyond” explained Suraj Bhagavan, a software developer at Brand Integrity. “There’s an activity feed similar to what you would see in Facebook or LinkedIn that captures and shares successes and allows employees to engage socially and learn from best practices.”

Brand Integrity’s web platform, the Brand Integrity Platform allows companies to teach and reinforce positive behaviors with three key applications: employee assessments, employee recognition, and customer assessments. The platform manages, measures and shares employee experience so management – and employees – can decrease turnover, grow sales and revenue, replicate top employees’ behavior, and create lifelong customers.

Authentication and user Management in the Potential Point system is powered by Stormpath. Brand Integrity simply passes user authentication data collected from the user to Stormpath, where the authentication is handled and the credentials are stored securely. Brand Integrity’s development team can focus on their clients’ needs. Stormpath also takes the burden of user data security off of Brand Integrity’s software developers.

Potential Point’s Web Services Architecture

Like all software, the Brand Integrity Platform has evolved over years of iteration and customer feedback, and recently got a new backend architecture based on APIs and web services built in .NET with a Knockout frontend.

“The model that we have now is to consume our own API to build out our site,” explained Bhagavan. “Our product is API-based; we use third-party services to make use of things we’re not expert in, and our own API to get everything else in the data.”

This architectural approach not only allows Brand Integrity to manage their software, it also creates the potential for clients to design an employee engagement platform that is tailored for their business. “Clients can sign up for different packages and get different pieces and components – it’s all plug and play.”

Complex Login… Streamlined

As the Brand Integrity team began rearchitecting, one of the initial challenges was authentication, specifically integrating with external protocols and user stores, like SAML and LDAP.

Brand Integrity’s clients have users who need to login using many different mechanisms. “We have users who come in from wide variety of sources and we needed figure out a way to streamline all that without having to write a whole ton of code ourselves. But just getting into the security code — that is like building a company by itself.”

Brand Integrity was able to offload authentication to Stormpath, freeing up time to improve user experience and application functionality, without getting bogged down in user security and maintenance.

Unlike other access management services, Stormpath handles the entire backend, giving clients peace of mind. “We don’t want to really do all the login and all the user security, because that’s not really where we are experts,” Bhagavan explained. “It’s more of knocking around and hoping that it works. Stormpath was the solution that allowed us to get off that and just focus on our app.”

Although Stormpath does not yet have a .NET SDK, Bhagavan and his team were able to easily connect directly with Stormpath’s REST+JSON API.

Separating User and Application Data for Clarity

The company uses Stormpath’s authentication API to store user accounts in Stormpath, along with user identification information and credentials (username, password, and other pertinent information pertaining to login). Other information related to the user’s interaction with the product is stored elsewhere.

This separation of account information from usage information ensures clarity in data, and prevents the development team from having to maintain user data security. “We’re not storing any of the user information that we don’t want to store.” More and more development teams like Brand Integrity use this separation approach to limit liability and make it easier to comply with customer requirements. The model also lends itself to connections with user stores controlled by the customer, like an on-premise Active Directory server.

Stormpath has saved Brand Integrity not only many hours in setting up a user management backend, but also the hassle of building and securing authentication and authorization features.

In the future, the company plans to integrate SAML into their API. “A lot of these clients that we deal with have their own internal HR systems and internal login from their internet and right now we’ve set up a custom build,” explained Bhagavan. “We use SAML libraries and we custom build around it.” Stormpath is working to bring SAML to Brand Integrity in the near future.