Josh Kendall

Centralized User Databases

It occurred to me a few weeks ago that companies who build web apps, whether for themselves or for clients could benefit from implementing a centralized user database. Any user who signs up for an account for any of the company's applications would instantly be able to log in to all of its applications. If they eventually sign up for another one of the applications, the registration page wouldn't let them register, but would instead inform them that they already have a [whatever you call the id system] account and that they can simply login to use the account.

Building applications around a centralized user database means; you have less databases (or at least less tables) and you don't have duplicate data in multiple databases. 37signals recently launched their version of this idea called "37signals ID"; while their version doesn't allow you to sign into an application you haven't used before, it does make the sign up process considerably quicker. Thinking back to all of the projects I worked on at my former job, a centralized user database would of made things a bit easier, granted those were not applications 90% of the time. The concept is similar to OpenID with the benefit of being easy for those users who haven't heard of, nor want to deal with OpenId.

The easiest way I can see of implementing this would be to have a main user table that contains all of the users profile information (email address, password, password salt, first name, last name, zip, etc.) and then a table for each application that just stores the user's id. If they haven't used an application before, and they login; it automatically adds their user id to the application's user table and logs them in like they've been using it for years. This is something that I am doing a lot of planning and research on implementing into my own applications.

What are your thoughts on utilizing a centralized user database, and are you or would you ever consider adding it to your own applications?