One of the largest producers of live music events in the world, was looking for an easily deployable, reliable, and user-friendly way to validate user identities before they redeemed tickets sourced from affiliates. Learn why they chose Descope to implement email OTP authentication for two flagship UK concerts.
About the Customer
The customer is a live entertainment company and a division of a global conglomerate which has over 28,000 employees and is the world’s largest owner of sports teams and sports events. They produce well-known music festivals and concerts with hundreds of thousands of people attending every year.
Relevant to this customer story are two of the most well-attended festivals in the UK. One had an estimated attendance of 50,000 people each day for a six-day concert, and the other regularly attracts audiences over 400,000.
Seeking fast, secure email authentication
With the customer’s music festivals attracting audiences from across the world, there are multiple ways for them to purchase tickets, including on affiliate sites. The challenge? Reliably confirming that the person redeeming the ticket with the customer is the same one that purchased the ticket.
To solve this, the customer were looking for an authentication solution that could support fast, secure, and interoperable email OTP for the two aforementioned UK festivals.
Fast: The solution had to be capable of being spun up and taken down quickly without spending tons of developer time on changing the app’s codebase.
Secure: Customer data had to be stored in the region they signed up from to ensure security, privacy, and compliance with regulations like GDPR.
Interoperable: The solution had to work with their existing stack. This meant a tight integration into their Node.js backend and the ability to support existing email delivery providers (Amazon SES).
Customizable: The team wanted to customize the experience to match their current interfaces and adhere to their current customer communication channels.
The VP of Engineering at the customer said:
“We want end users to have a delightful experience when interacting with any of our digital properties. To this end, we were looking for a CIAM solution that allowed us to customize email templates, for example to tell the users which device they requested the ticket from. We also care deeply about ‘unhappy’ user flows, so clear error handling, logging, and troubleshooting were priorities.”
The Descope experience
Descope met every customer requirement due to the platform’s flexibility across the board, with capabilities such as:
Supporting SDK-only implementation
The ability to use audit and mail connectors with SDKs
Letting customers have deep control over email customization
Multi-region data residency
Comprehensive and contextual logs and audit trails
When it came to email customization, the customer wanted the email containing the OTP to address each user by their name and display which device they originated from. At the same time, they wanted the authentication aspect to “just work” without needing any tinkering. They were able to achieve this balance between fully controlling the end user experience and reliably validating user identities via email OTP using the relevant Descope Backend SDK and the Amazon SES connector.
The VP of Engineering said:
“Descope met our needs and use case perfectly. The product is easy to deploy, we appreciate the SDK-level customization, and their team is super responsive to any enhancement suggestions. We’ve even been able to fall back on Descope’s own email connector during periods of high traffic.”
Descope is a flexible, drag-and-drop CIAM platform that helps organizations easily add authentication, authorization, and identity management to their apps. Customers use us for initiatives such as passwordless authentication, SSO, identity federation, strong MFA, and fraud prevention.
To get started with Descope, sign up for a Free Forever account. If you have questions about our platform, book time with our auth experts.
