Authentication, authorization & trust across workspace tech systems.

The first complexity with building the backbone for how workspace data is kept in-sync across the internet is Authentication, Authorization and Trust.

Welcome to the first post of our Tackling Complexities series.

You can learn more about the series in the intro here, but the idea is to share some of the complex tech (or tech-related) challenges we’ve had to dig into whilst building Syncaroo, the backbone infrastructure for how workspace platforms automatically keep each other in-sync.

In today’s post we talk about how we’re tackling the need to prove authentication, authorization and enable trust between workspace technology platforms, in a scalable way.

Summary.

When syncing any data between different systems over the internet, there’s a few questions that each side has to ‘ask’ or verify before deciding if they actually can trust the information they receive. 

This includes syncing workspace data (like workspace details, pricing, photos or availability) across different systems. 

It’d be absolutely chaotic if anybody could just send across information without any checks.

Platforms on each side of a sync need to verify that the information (or request for information) is coming from a known and trusted source and that the trusted entity has permission to update or change that specific information. 

With both of those checked, we then need to make sure we can trust that the request wasn’t tampered with, or changed, as it moved across the internet.

Some terms.

Solving the Authentication & Authorization challenges.

We started first with tackling the challenge of verifying the identifies and permissions between systems.

Syncaroo is built to continuously check the Authentication and Authorization of accounts across platforms, on a few different levels.

From making sure that somebody with the right authority gives Syncaroo permission to access the data inside property/asset/inventory management systems, to ensuring that accounts on each connected platform have adequate permissions to make changes or securely access and process workspace data.

To make syncing seamless, connections are setup manually once, but Authorization and Authentication checks are securely reconfirmed automatically behind the scenes. And if, for any reason, any of the checks fail, Syncaroo stops syncing to/from that platform and notifies workspace operators and our team that attention is needed to resume syncing.

We’ve designed the Syncaroo platform to work with numerous trusted and standard methods of Authentication & Authorization and each integrated platforms can pick their preferred methods depending on their internal tech stack and business logic. We recommend OAuth 2.0, with on-screen confirmation, short-lived tokens and well-scoped permissions.

A simple example as to how this works, with any manual actions in bold:

Solving the Trust challenges.

Photo by Brett Jordan on Unsplash

We live in a world where trust is critical, especially between auto-updating business systems and publicly-facing channels. 

And so we take the third part of this challenge seriously, implementing and continuing to develop and improve how the data synced between systems can be trusted.

Internally Syncaroo runs numerous checks, before notifying connected platforms that an update or sync is available. This updated data is supplied via a secured, authenticated and tightly-scoped REST API. This means that in the unlikely situation that an update sync notification is intercepted, the updated data itself isn’t directly accessible by just anyone.

To make the notifications even more trustable, Syncaroo signs the notification using top-tier encryption.

This allows integrated platforms to triple-check that a sync is trusted, before processing a single action on their internal systems.

From our very first version, here’s how we’ve enabled connected platforms to triple-check sync notifications via Syncaroo (simplified immensely for brevity):

This triple-checking takes mere milliseconds per sync but allows for Platform B to have full trust in the data syncs it receives from any platform via Syncaroo.

Can't every platform tackle these without Syncaroo?

Ofcourse. Authentication, authorization are trust are critical for any tech integration.

Where Syncaroo’s power shines through is that we offer a single secure integration that tackles these challenges (and others) for connecting to a growing number of platforms, services and products.

So instead of tackling challenges for each new integration, a single integration is setup, managed and monitored. 

Not only does this allow platforms to focus development time on their core products, differentiating features and business logic – but it also improves the stability and reliability of integrations across the entire proptech ecosystem through shared standards and schemas.

Run a platform or operate a workspace? Request access to the Syncaroo closed beta and become part of the data infrastructure the future of work is built upon. 

Insights, geekiness, and updates in your inbox?

Subscribe to get free Syncaroo updates via email today.

Share This Post

Customers

How Patch took control of their tech & processes

How a growing flex space network offloaded busy-work, automated many repetitive tasks and shifted their team’s focus back into building a strong community and business.

Industry Trends

The AI elephant sitting in every flex space boardroom

AI will change how office buildings and flex space businesses run, but there’s a very annoyed elephant stomping its feet and hurling important questions you should take some time to address.