AAP Lehrerwelt GmbH is an e-commerce education company with offices in Hamburg and Augsburg. As part of the Klett Group, AAP operates a web shop for physical products for teachers, such as teaching materials and literature. AAP also operates a web platform under the "Lehrerbüro" brand to support teachers in preparing lessons. Schools or individual teachers have access to teaching materials, templates and presentations for download in various subscription models.
Whether it's an urgent bug fix, the customisation of a feature or the integration of our new SSO service - the Netresearch development team penetrates even the deepest depths of our TYPO3 system. Together we have already mastered many a challenge and can now look back on 3 years of successful collaboration. We are pleased to have Netresearch at our side as a competent and reliable partner.
Heike Schreiber
E-Commerce Project Manager
AAP Lehrerwelt GmbH
Previously, AAP Lehrerwelt customers used separate logins for the online shop and the download portal, meaning they had to log in with different access data and log in again each time they switched to the other platform. A standardised login should ensure that the user is logged into both systems with the same access data and can view all offers. At the same time, the introduction of a single sign-on was to be used to make the sometimes separate customer groups even more aware of the offers of the other platform and thus increase customer loyalty and sales.
AAP therefore commissioned us to integrate a single sign-on (SSO) solution into both systems (Magento and TYPO3). The SSO service had to be integrated during ongoing operations in order to minimise downtime for users. Users' familiar workflows should also change as little as possible. The new SSO service had to fit seamlessly into the existing system landscape and be open for connection to other systems that might be added at a later date.
For the SSO service, the choice fell on "Keycloak" as the identity provider and the community extension "OpenID Connect Authentication" for the connection to TYPO3.
A migration concept had to be developed to merge the two existing customer and login data bases, in particular to standardise overlapping customer data from both systems. Before going live, several migration runs were carried out in order to keep the customer bases of both systems, which continue to develop on a daily basis, up to date and to be able to import them seamlessly for going live. To avoid errors in advance, an additional test system for Keycloak was used for APP. As the AAP customers had taken out different subscription models, and some did not have a subscription at all, the subscription status of the customers must now also be transferred to the SSO system. In future, the ABO status will be kept up to date both in TYPO3 and centrally in Keycloak. This was easy to implement due to the flexibility of Keycloak. In addition to the login data, other customer account information can also be stored centrally.
One particular challenge was the special combination of the two systems at AAP with completely different business models. While permanent subscriptions are offered in TYPO3, customers order directly available goods in the web shop. As part of the SSO introduction, both models were combined for all customers for the first time, which meant that webshop customers in particular, who previously had no subscription, had to be treated separately in the download portal. The systems can now synchronise the subscription information very well in real time via the Keycloak API. In both TYPO3 and Magento, the form pages used by customers to update their own customer data have been customised for customers to see. The updating of login data is now transferred directly to Keycloak.
In addition to a significant improvement in the user experience for AAP customers, the first marketing approaches were also implemented on the basis of the new solution. AAP accompanied the introduction of the standardised login with a mail and letter campaign, thus achieving a significantly stronger "convergence" of the two web offers and increased attention within the previously separate customer bases. New approaches for marketing ideas can be implemented in the future. For example, customers who have already taken out a subscription could receive special offers in the web shop. Or, conversely, existing "ONLY" webshop customers could be offered a customised subscription.
Keycloak is already technically prepared for further applications at AAP Lehrerwelt. If the system landscape is expanded to include new components, these can also be connected, as Keycloak supports all relevant protocols with Saml, OAuth2 and OpenID Connect.
