In order to build the right social strategy, IT leaders must understand the technical options for social software integration. Here's what you need to know.

Tulu Tanrikorur, Contributor

November 11, 2012

3 Min Read

Security Integration

The security mechanisms used by social containers manage authentication and authorization for their respective platforms. A number of open source protocols are in use today, such as OpenID, SAML and OAuth2.0.

The OpenID protocol does not rely on a central authority (identity provider) to validate a user's credentials. One of the major criticisms of OpenID as an authentication protocol for federated identity has been that it is complex. That has given rise to proprietary alternatives like Facebook Connect. A more recent effort, the OpenID Connect proposal from the OpenID Group, won the 2012 European Identity Award for best innovation/new standard. Time will tell if vendors will embrace the standard in the future.

SAML, on the other hand, continues to be more common in private social platforms for enterprise customers. Unlike OpenID, it can support explicit trust between parties of identity and service providers, making it a favored choice for business partners.

Currently, vendors are increasingly accepting the OAuth 2.0 protocol, which is a welcome move for interoperability. This protocol is also being included as part of the OpenID Connect proposal. While better known for authorization, OAuth also supports an optional authentication method. OAuth is already an industry standard for allowing third-party applications to access Web resources on behalf of the user. The authorization process includes a request flow between an application, a resource/authorization server, and a specific user in order to create a special authorization (access) token. There are language-specific OAuth libraries for Java, JavaScript, PHP, Perl, Python and Ruby available from community sources.

The Journey Ahead

Social business means much more than simply having a presence on public network sites, or defensive monitoring. Waiting on the sidelines is not an option for organizations that want to stay competitive. Ignoring social business will mean missed business opportunities and profits, so social business integration is unavoidable. Here are some suggestions to help your enterprise get started:

-- Start thinking about how to socially enable your existing solutions, use-cases, and business scenarios.

-- Learn about the privacy and compliance regulations applicable to your industry.

-- Decide which of the integration methods described above would be most suitable to the use cases you're considering.

-- Review your vendors' product roadmaps to understand their plans for social business integration before you start building custom solutions.

-- Be selective in deciding which specific social platform to integrate with. Remember that these platforms vary by purpose of community, characteristics of its members, and even world regions.

-- Choose your strategic internal social platform and identify duplicate capabilities for potential consolidation.

-- Keep an eye on interoperability standards such as OpenSocial, ActivityStreams and Oauth2.

-- Minimize the effect of API changes in popular public sites by loose-coupling methods such as wrapping calls and declarative configurations.

As the social business market continues to evolve, today's social platforms include many useful capabilities. They do not simply enhance collaboration and communication; they also store a wealth of information. Enhancements such as the ability to create custom objects and actions in social graphs, to receive activity stream data, to use embedded experiences within widgets, and provide a richer mobile experience make them even more attractive to business. In order to take full advantage of this great potential, organizations need to plan ahead, research different solutions, and consider their options carefully.

InformationWeek's last Enterprise Social Networking Survey found huge interest, widespread use -- and lukewarm satisfaction with the results from enterprise social networking. Now in its fifth year, our annual survey assesses the growth of enterprise social networking and its impact on internal and external operations. Take our Enterprise Social Networking Survey Survey now. Survey ends Dec. 7.

About the Author(s)

Tulu Tanrikorur


Tulu Tanrikorur is a corporate vice president in technology group at New York Life Insurance Company. He has written numerous articles. He can be contacted at [email protected].

Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.

You May Also Like

More Insights