Overview

This document is intended for anyone needing to work with Topcon's CIAM infrastructure. Please read through it carefully before working with or asking questions about CIAM. Toward the end, there is a CIAM for Developers section that highlights key actions to take. However, it’s important to first read the whole document to gain full context and understand the bigger picture.

CIAM (Customer Identity Access Management) is crucial for any large organization that sells SaaS and connected device products. It safeguards customer data, protects customer identities, and serves as a foundation for creating a seamless user experience. CIAM acts as a central point where customers and sales channel users can self-manage their identity and access settings.

Topcon previously did not have a CIAM service, so it’s essential that, over time, all dealer- and customer-facing services integrate with CIAM. This ensures the necessary security for our customer data and improves the overall user experience for dealers and customers alike.

Standard Protocols Supported by Ping Identity

Topcon’s CIAM is built using industry-standard protocols and security best practices from the ground up. By partnering with Ping Identity, we've implemented robust registration flows, sign-in flows, and security protocols supported by PingOne, Ping DaVinci, and PingFederate.

At the core of our CIAM implementation is OAuth 2.0 (RFC 6749), along with extensions like Native App Flow (RFC 8252) and Token Exchange (RFC 8693). All OEM-, dealer-, and customer-facing web services and devices integrate with Topcon’s CIAM service using these standards.

By adhering to well-known standards, integration between Topcon Engineering and Topcon IT is simplified, aligning both teams on widely understood and documented technologies.