Single Sign In For everyone

The Department for Education (DfE) is a department of Her Majesty’s Government responsible for child protection, education, apprenticeships and wider skills in England.

In 2018, employees of local authorities, schools and academies experienced delays and complexities using DfE’s systems due to a disjointed landscape of signin solutions. This led to tasks like submitting student records or running reports turning into lengthy and painful exercises.

The main goal was to provide a seamless system to users that would reduce the existing disruption they’d experience carrying out their daily work.

DfE engaged eSynergy to:

• Design and architect a solution to reduce the perceived high risk of integration with IDAMs in legacy systems. A drop in replacement for legacy IDAMs, and integration with or replacement of modern IDAMS systems was needed.
• Build a solution to be a frictionless IDAMs replacement, while enabling tooling to be scaffolded around the solution to align with business processes.

eSynergy provided a multi-disciplinary agile team to re-visit and re-build the sign-in experience from scratch and provide users with a simple and secure solution. An in-depth user research phase preceded the build stage where evidence on the key pain points and downfalls of the current system was gathered.

With the help of eSynergy we have built a solution that simplified the life of our users tremendously, and we can onboard new services in a fairly automated way within a couple of hours. This is something we would have only dreamed of three years ago.

Product Owner, DfE

After analysis of the findings, the team opted for a hybrid, off-the-shelf open source solution to avoid vendor lock-in and allow customisation.

The solution is a composition of mature Open Source and bespoke (Open Source) components built using node.js as a cloud-agnostic solution allowing for easy integration of legacy and future services. The solution natively supports all industry-standard identity protocols and is highly configurable for bespoke implementations. Built with state-of-the-art security best practices in mind and regular IT health checks were administered on the platform to assure utmost security throughout.

A fully functional Beta version of the platform launched six months after kick-off, including onboarding, selfservice management and support. The pilot supported one service and 600 users. Over the following 24 months, 26 further services and around 140,000 users were onboarded. From a technical perspective, the solution was highly configurable and built in a way where it allowed integration of any given legacy service that would require connecting over time.