One User Profile Everywhere

CYM-Identity allows you to share your user profile information across your applications. All user claims are centralized within your Salesforce Org and shared, whenever required, to other applications.
Unified ProfileUnified Profile

Claims and Scopes

CYM-Indentity follows the same principle as OpenID Connect when it comes to claims.
You can define as many scopes as required and for each you'd be able to link a set of claims which will be shared with applications.
For example, the profile scope from OpenID Connect will release the claims name, family_name, given_name, middle_name, nickname, preferred_username, profile, picture, gender, birthdate, zoneinfo, locale, updated_at.
You can create a custom scope account_profile where you could release the claims accountId, accountName, accountAddress for each User.
Now each application with the account_profile scope will receive these claims during authentication.
One of the benefits of this approach is that you have clear control over what data each applications sees about the user. Making it easier for you to audit and comply with different regulations regarding user Personal Identifiable Information (PII)
CYM-Identity provides a hook where you can handle fetching these custom claims. The plugin handler attached to the realm must handle actions get:claims
Right now, we only provide a programmatic way to specify the page.
Below is an example implementation for account_profile claims
global with sharing class RealmExtensionCallable implements Callable {
global Object call(String action, Map<String, Object> args) {
if (action == 'get:claims') {
Id user_id = (Id) args.get('user_id');
String[] claims = (String[]) args.get('claims');
User u = [SELECT Account.Name, Account.BillingAddress, Account.Id FROM User WHERE Id = :user_id];
return new Map<String, Object> {
'accountId' => u.Account,
'accountName' => u.Account.Name,
'accountAddress' => u.Account.BillingAddress // For example, we rename BillingAddress to Address
};
}
return null;
}
}