Tide enhances user experience and security with launch of new features
Introduction
NashTech worked closely with leading fintech, Tide, to help create new features that enhanced user experience and security of existing systems.
About Tide
Tide is one of the fastest-growing fintechs and is revolutionising how small businesses manage their money admin. Tide is creating the product from scratch, taking the stress and paperwork out of business admin.
Challenges
The existing system supports login only for the one existing service, in which all the users are created. Other Tide services, such as the marketplace and other 3rd party services, do not have these users, so users have to create separate credentials in each of those services. The main goal is to have a single user base that can be used across multiple services. Below are some of the challenges:
- The current architecture provides access to all the APIs: users with the existing scope can access other APIs that the service may not require, which increases the attack surface.
- The token provided under the existing scope contains more information than necessary. This may be risky, as 3rd party users are also going to use Tide as an identity provider.
- The user has to create credentials again when accessing the other services.
Solution
NashTech worked closely with Tide and helped create features that address all of these challenges. Some of the important functionality that was developed is listed below:
- Add support for new features to the service that completely changed the user experience
- Create a separate application in Gravitee for every client (where customisation of claims is required)
- Configurable token claims as per the 3rd party requirement
- Enhanced security, as access to APIs is controlled by scopes and claims
- New SSL certificate configuration in Gravitee so that the client can sign its tokens with this certificate
- Create scripts for local instances of the components for local testing
Architecture
Tide is a payment solution provider, and this solution was built specifically for Marketplace, which needs different claims and tokens for different features. For example, an existing Tide user (under one client) can check their information by using the existing scopes and claims, and the same scopes and claims are used for accessing the APIs related to the timeline. Tide wants to enable SSO between the sites that make up Tide so that users have a seamless experience when moving between sites. For the marketplace's authentication service to use Tide's auth server as its identity provider, the marketplace auth service must be a client of Tide's auth service. The client should support the authorisation code flow, provide open scope, and have a token endpoint secured by basic auth. The client should also sign its tokens with a new certificate.
Results
- Ease of Use: Users can access different APIs of different services by logging in just once, which improves the user experience.
- Configurable Claims (Access/ID tokens): Configurable claims enhanced security, as claims now contain only the required information.
- Configurable Scopes: The implementation and configuration of scopes also gives fine-grained control over access to the different APIs. This is currently used by many of the Tide services developed so far, and also by the 3rd party services where Tide acts as an identity provider.