<img alt="" src="https://secure.norm0care.com/164647.png" style="display:none;">
Breaking News: Onegini and iWelcome are now OneWelcome | READ PRESS RELEASE  

B2B2C for Insurance: manage agents, brokers & business customers

Paul Vriens
January 11, 2021 at 4:36 PM

Insurance companies have a diverse set of external user groups that will all require some sort of access to the applications and services needed to perform activities for or on behalf of this insurance company. Think about agents, brokersbusiness customers and so onThese users are neither employees nor end consumers, and as such require a specific IAM approach.

Company mandate models that are typically required to assign access permissions for a multitude of business applications and infrastructure to company users cannot be just replicated for these diverse user groups that are part of a modern insurance eco-system. In this blog we will describe some of these user groups and we will give some examples of how they could ideally be managed in an Identity Management system.

Agents and brokers 

Insurance companies don’t always sell directly to end consumers. They often work with independent agents and brokersthat typically require access to the same business applications that internal users would require to serve any end-user (i.e. consumer).

Being however burdened with managing the access needs of large and potentially ever-changing groups of users at agents and brokers will introduce a higher workload for IT-departments, application owners and customer care teams.

A flexible and sophisticated delegation solution is required to allow for Access Management, User Management and Customer Care activities to be delegated to the agents and brokers themselves. Administrators at these user groups can thus be handed the ability to add or invite, change but also offboard users. They are now able to assign and revoke access to business applications; of course, within the limits of an insurance company’s own access and security policies. All actions can be recorded so these actions can be audited. Administrators at larger agents and brokers should be allowed to further delegate specific management aspects.

User-friendliness is key for these users at agents and brokers. The designated delegated administrators are usually not people with an IT background. They need a clear and intuitive UI to efficiently manage the users at their end.

Business customers 

Insurance companies often have a background in collective insurance for organisations. Collective insurance can be part of an employee benefit package, and as such handled by an HR representative at an organisation. These business customers have different rights then end consumers and can also get a delegation role to manage accounts for insured within their company scope.

These users need a system that is easy to handle, and that gives the option to create accounts or invite for self-registration. All sorts of levels of trust can be built in, varying from trusted email address extensions to Multi-Factor or step-up Authentication solutions.  


Business processes are sometimes outsourced to specialist companies whereby the users of these external companies will require access to applications and services, often collaborating with internal users. These applications are the same applications and services that your internal users use, this in contrast with the agents and brokers.

These external companies will often integrate with the identity provider of that company, therefore allowing them to use their own accounts and leaving the user management with the integrated company. In a similar fashion, these companies should be able to manage the access to your applications and services. All of this by utilising Delegated User Management model to allow (delegated) administrators to assign and revoke access to your applications, provide users with self-service capabilities and allow them to request access.

Due to the nature of being more intwined with the daily operations when it comes to application access, the need for reporting and auditing capabilities is even greater with these user group. Your identity management together with a sophisticated delegated user management becomes a must to facilitate online collaboration in a world where outsourcing and offshoring has become part of everyday business life.   

Service Desk and Customer Care 

Service desks and customer care come in many forms. Insurance organisations usually have their own customer care and helpdesk employees, but external users can also have this role within the user groups already described. Think about Business Customers and brokers that are the first line of support for end users that they service in a B2B2C scenario.

So, functionalities for customer care and helpdesk employees should be highly flexible.
A customer care employee at an insurance company should be able to have access to the account reset and password recovery settings of many users. On the other hand, a delegated administrator at an organisation that has group insurance should also be able to access these settings, but then for a very specific user group. A very fine-grained delegation model with structures, groups, etc should be in place to manage these scenario’s in an optimal way.


Overall, we see that the user scenarios at insurance companies can be countless. Identity & Access Management solutions need to be more and more flexible and fine-grained in order to manage this. iWelcome offers an extended module that offers this functionality, so users at many levels will have enough rights to properly manage their users and work efficiently without compromising on security by giving too many rights to people that don’t need it.

Read the whole series

This blog is part 4 of a series of 5 blogs about identity challenges in the insurance industry. You can read the insurance blog series here:

  1. The best customer experience for Insurance, with CIAM
  2. How Insurance companies can orchestrate the best User Journeys with CIAM
  3. Frictionless User Interaction
  4. B2B2C for Insurance: How to serve different user groups
  5. Conversion from prospect to customer

Feel free to repost this blog on your website! But when you do so, please be so kind to mention the source and give us a notice via marketing@iwelcome.com.

You May Also Like

These Stories on CIAM

Subscribe by Email

No Comments Yet

Let us know what you think