Thales Blog

Delegated User Management: The Key to Secure Online Collaboration

February 15, 2024

Marco Venuti Marco Venuti | IAM Enablement & Acceleration Director More About This Author >

In the digital age, collaboration between human beings has leapt out of the confines of the physical office and the individual organization. Geographical boundaries no longer limit businesses, and they now frequently engage with partners, suppliers, and remote teams worldwide. However, this online collaboration brings forth its own set of challenges. At the heart of this challenge is user identity and access management. These demands are where Delegated User Management comes to the rescue.

What is Delegated User Management?

Delegated User Management comes in place whenever an organization needs to deliver access to selected applications they centrally manage to users belonging to suppliers or partner organizations.

It’s about dealing with external user access, empowering trusted users at the partner organization with the authority to handle user identities without granting them full administrative control.

Take this practical example to understand its significance: Consider the European Central Bank (ECB), which plays a pivotal role in monetary policy within the Eurozone. The ECB doesn't operate in isolation. Instead, it collaborates extensively with national central banks from various member states. The collaboration involves access for national banks to applications managed centrally by ECB.

Now, each national bank has its own set of users, systems, and access requirements. It's impractical and potentially risky for the ECB's central IT team to manage the access rights of every individual user from all these partner banks. This is where Delegated User Management stands out.

With Delegated User Management, the ECB can “delegate” each national bank to handle its user access. For instance, the Bank of France could be delegated the authority to manage access for its staff, while the Bundesbank in Germany handles its own. This ensures that each bank maintains control over its users, while the ECB ensures adherence to overarching security protocols and guidelines.

Such a system promotes efficiency (no waiting times for access permissions), enhances security (local breaches remain localized), and ensures adaptability (each bank can customize access based on its unique needs). In this interconnected framework, Delegated User Management isn't just a technical solution; it’s an operational imperative.

For organizations like the ECB, Delegated User Management isn’t just about efficient identity management; it’s about safeguarding the integrity of interbank collaborations on a continental scale.

Why is Delegated User Management Important?

In the vast digital landscape where data access and user roles are pivotal for smooth operations, understanding the importance of Delegated User Management becomes paramount for businesses.

1. Security: One of the most critical aspects of any digital operation is security. Delegated User Management ensures access rights are not centralized, reducing the risk of mass data breaches. With delegated access, the damage is often localized and contained even if a malicious actor gains entry.

2. Scalability: As organizations grow and evolve, the number of users accessing systems can exponentially increase. Delegating the administration of users provides a framework that scales with the company, ensuring that user management never becomes a bottleneck.

3. Flexibility and Speed: Allowing individual departments or partner teams to manage users means quicker and smoother response times for access requests and modifications. The partner user no longer has to wait for the central IT team to grant new access.

4. Diverse Collaboration: Today's businesses frequently collaborate with external entities such as partners and suppliers. Delegated administration enables organizations to grant these external entities limited rights to manage their users, ensuring smooth collaboration without compromising security.

Managing Identities: Beyond the Internal Workforce

While employees are the backbone of any organization, external collaborators like partners, suppliers, and customers are becoming increasingly integral to our interconnected business ecosystem. Efficiently managing the identities of these external user groups isn't just about security; it’s about enabling smoother collaborations and optimizing operational efficiencies. Here's a closer look at the broader benefits:

1. Empower Users: Delegated User Management doesn't lock down access; it empowers. Organizations instill a sense of ownership and responsibility by giving partners and suppliers the autonomy to manage their own user identities within predetermined boundaries. This empowerment can lead to more proactive collaborations and improved efficiency.

2. Adapt to Business Needs: Business environments are dynamic. A one-size-fits-all approach to identity management might not always align with specific project requirements or collaborations. Delegated user administration provides the flexibility to adapt user access based on evolving business needs, ensuring that rigid access controls never hinder collaborations.

3. Business User-Friendly Delegation: Not everyone is tech-savvy. Modern user delegation systems are designed with user-friendliness in mind, ensuring that even non-technical business users can easily manage access without requiring constant IT intervention. This boosts productivity and reduces potential bottlenecks.

4. Scale with Ease: As collaborations grow and more external entities come into play, the sheer number of users requiring access can skyrocket. Delegated User Management ensures that identity management can scale seamlessly without overwhelming the central IT team or compromising security.

In essence, it's about managing identities and enhancing collaborations. By weaving in these benefits, companies can ensure that their approach to identity management aligns perfectly with broader business objectives, paving the way for streamlined operations and enhanced growth.


Delegated User Management is more than just a technical solution; it's a strategic approach to managing digital identities in a modern collaborative environment. As organizations continue to expand their online interactions and collaborations, the importance of robust, scalable, and secure user management cannot be overstated. Embracing this approach ensures businesses remain agile and adaptable and reinforces a strong foundation of trust and security.

The Thales OneWelcome Identity Platform enables you to protect digital identities across your B2B ecosystem. The cloud-based CIAM solution offers Delegated User Management features that allow businesses to easily assign the correct amount of autonomy and responsibility to each B2B partner, allowing them to manage their business better while also ensuring you have total visibility.

Don’t just take our word for it. OneWelcome Identity Platform is named by experts as a top CIAM platform. Do you want to discover more? Download our solution brief on Delegated User Management.