Sugar Integrations: Best Practices and Identity Management
There are many factors to consider when integrating with Sugar: what your integration does, what your integration looks like, how to synchronize and access data, how to handle security, and more.
In this blog post, we’ll take a look at best practices for building and improving Sugar integrations, and how to create integrations as a cloud service.
SugarCRM defines 3 types of Integrations:
- Frontend integrations
- Integrated inside the SugarCRM Sidecar UI
- Backend integrations
- Data ingestion and extraction
- Bidirectional data manipulation
- Mobile or IoT integrations
Sugar integrations encounter the following pain points:
- No streamlined federated identity capabilities. For the uninitiated, federated identity management (FIM), refers to an arrangement between multiple platforms and/or networks to enable users to log into every system with the same set of credentials. As each integration to Sugar requires a separate set of credentials, it can get tedious if your Sugar instance is connected to many platforms.
- LDAP (Lightweight Directory Access Protocol) and SAML (Security Assertion Markup Language) have limited support on Mobile and Plugins.
- Too many credentials.
- No fine grained authorization controls.
Jelle Vink, Distinguished Engineer at SugarCRM, presented the following use case:
- I am a Sugar partner and I want:
- To build an integration
- Offer it as a cloud centric service
- The service can be used by multiple customers
- The system must have proper identity controls
To build out that integration, the SugarCRM developer proposed the following system:
This consists of an integration service which allows each user from any CRM instance to access all cloud services in use by all CRM instances, even if a user does not have accounts in every instance.
How would this particular use case get done? Jelle introduced Cloud Identity Services, with limited availability for Sugar Cloud customers via a Beta program.
Cloud Identity Services includes the following features and enhancements:
- Federated identity solution
- Industry standard OpenID Connect
- Built on top of OAuth2
- Enterprise SSO (Single sign-on) support
- Full audit capabilities
As developers of Sugar integrations, we are very excited to see and use Cloud Identity Services in our business solutions. We would also like to note that this service was announced at SugarCon 2018, SugarCRM’s annual event.