Identity is a separately licensed web application that is leveraged by Aspenware Commerce, Aspenware Arrival, and can be utilized by other 3rd party applications (such as your mobile resort app) as the authentication platform, enabling a single login (SSO) across various applications. Aspenware Identity integrates with your resort point of sale and all your guest engagement points to provide single sign-on and secure access to data.
When an application is configured to use Identity, guests are temporarily routed from the application upon selecting “Sign In/Create Account” to Identity to facilitate logging in. This identity flow is hosted on an alias such as login.resortname.com. Once logged in, Identity returns users to the original application, such as Aspenware Commerce, as a logged in customer. Aspenware Identity is built using the OpenID Connect industry standard and OAuth2.0 for enhanced security, allowing applications to confirm guest’s identity in a secure manner and also obtain basic profile information about the guest and their household to provide a more personalized experience in the connected application(s).
While Aspenware Arrival requires Identity be leveraged for authentication, Aspenware Commerce and resort mobile apps can optionally use Identity for authentication. Once Identity is setup and configured, turning on Identity for Aspenware Commerce is enabled through installing a plugin and several settings within the Commerce platform. Benefits to using Identity for Commerce Authentication rather than native Commerce authentication include:
Implicit find me flows are more likely to catch guests who already have accounts, routing them to find their accounts and decreasing duplicate customers in your POS
If multiple applications use Identity as an authentication platform, a guest who is logged in to Aspenware Arrival will also be logged into Aspenware Commerce and the mobile app, so they can seamlessly navigate between applications.
More secure than standard login as Identity can require guests to reset their password if the password change date in RTP is past today’s date.