PART 1

Customer/User Job-to-be-Done or Problem

SSO Aspect:

When logging into any Lightcast Software which I am subscribed to, I want to log in using my Identity Provider (IdP) so that I can minimize the number of separate credentials needed to login to various systems.

See also: Platform Initiative: Single Sign-on, which will rely on or be replaced by this work

Value to Customers & Users

This work will unify the authentication approach for all Lightcast Services (software and APIs) - part of this will enable net new features for clients like SSO across our products but most of this work is for Lightcast’s benefit.

Value to Lightcast

Central Authentication Service will:

• De-risk our current homegrown solution with limited tribal knowledge

• Free up opportunity costs by building/maintaining a completely custom solution

  • If possible we want this system to be an out of the box/open source solution

• Enable out of the box integration with SSO providers

• Ability to provision access and handle authentication for all Lightcast services - APIs and Software

• JWT tokens so we can jump between systems

• Integration with CRM (Salesforce)

  • Ability to have only CREATE transactions (no UPDATEs, no DELETEs)

• Just in time provisioning - with various levels of access

• Granular permissions scoping with the ability to scale with our services

• Admin Interface improvements - better workflow, limit human administration errors (scope setting, etc)

• Achieve three 99.9% uptime

Target User Role/Client/Client Category

All clients using Lightcast services

Delivery Mechanism

Updated authentication service with the ability to switch things over with minimal to no customer action.

Success Criteria & Metrics

Must maintain service levels of 99.999% uptime.

Improvement in overall security.

Unlock SSO capability.

Simplify user administration.

Aspects that are out of scope (of this phase)

What is explicitly not a part of this epic? List things that have been discussed but will not be included. Things you imagine in a phase 2, etc.

PART 2

Solution Description

Early UX (wireframes or mockups)

<FigmaLink>

Non-Functional Attributes & Usage Projections

Consider performance characteristics, privacy/security implications, localization requirements, mobile requirements, accessibility requirements

Dependencies

Is there any work that must precede this? Feature work? Ops work? 

Legal and Ethical Considerations

Just answer yes or no.

High-Level Rollout Strategies

• Initial rollout to [internal employees|sales demos|1-2 specific beta customers|all customers]

  • If specific beta customers, will it be for a specific survey launch date or report availability date 

• How will this guide the rollout of individual stories in the epic?

• The rollout strategy should be discussed with CS, Marketing, and Sales.

• How long we would tolerate having a “partial rollout” -- rolled out to some customers but not all

Risks

Focus on risks unique to this feature, not overall delivery/execution risks. 

Open Questions

What are you still looking to resolve?

Complete with Engineering Teams

Estimated Costs

Direct Financial Costs

Are there direct costs that this feature entails? Dataset acquisition, server purchasing, software licenses, etc.?

Team Effort

Each team involved should give a general t-shirt size estimate of their work involved. As the epic proceeds, they can add a link to the Jira epic/issue associated with their portion of this work.