#Japan #Tokyo #Authlete #Linc'well #OIDC

Linc'well Strengthens Healthcare Model with Authlete

In a significant move to enhance its healthcare services, Linc'well, a Japanese company specializing in medical platforms, has decided to incorporate Authlete's OAuth and OpenID Connect (OIDC) backend service. This integration aims to streamline user authentication and authorization across its various offerings, which include online medical consultations, clinic digital transformation support, and healthcare e-commerce.

The Need for Change

As Linc'well's services expanded, the company faced several challenges associated with its previous user management strategy, where individual services operated with separate user authentication systems. While this approach facilitated initial rapid deployment, it introduced several pain points:

1. Diminished User Experience (UX): Users were required to log in separately for different services, which hampered seamless cross-service interaction. Discrepancies in login processes further fragmented the platform's overall feel, leading to a disjointed user journey.

2. Increased Development and Operational Pressure: Each team managing its own authentication functionalities led to longer lead times for development. Staying compliant with the latest security standards became challenging, slowing down necessary updates in response to evolving threats.

To tackle these issues, Linc'well recognized the necessity for a unified authentication and authorization framework. They established a dedicated 'Authentication Infrastructure Team' to facilitate a transition towards an architecture utilizing OIDC for secure interconnectivity among all products.

Why Authlete?

Linc'well adopted a strategy combining the 'Buy and Build' approach, determining which functionalities to develop internally versus outsourcing. For instance, the company opted to build their common authentication page in-house while relying on Amazon Cognito for identity and credential management.

However, realizing how inefficient it would be to implement complex standard specifications from scratch for the OIDC Identity Provider (IdP) features, they chose to leverage Authlete's specialized expertise for protocol processing and token management.

Decision Factors for Authlete's Selection

Several critical factors influenced Linc'well’s decision to partner with Authlete:

• - Complete Control Over User Experience: Authlete operates as a headless API, allowing for comprehensive management of the user experience during the authorization flow.
• - Significant Reduction in Development Burden: By allowing Authlete to handle intricate tasks like error handling and state management, Linc'well could maintain lower development loads while creating an appropriate OIDC IdP.
• - Flexible Technology Selection: The entire suite of Authlete's features is accessible via API, independent of frameworks or programming languages. This facilitated the seamless integration of Authlete with Actix Web, the Rust-based web framework utilized by Linc'well for their OIDC IdP development.
• - Ease of Validation and High Technical Expertise: Through comprehensive reference implementations and free trials, Linc'well could validate that Authlete met their requirements, in addition to being reassured by the quality of the publicly available technical information.

New Foundation Implementation

In June 2025, Linc'well initiated design work on the new infrastructure, using Authlete as the backbone. Following development and testing phases, they systematically transitioned each product's authentication capabilities to this new base starting in March 2026 and concluded the migration across all products by April of the same year.

Benefits Realized with Authlete

The incorporation of Authlete has resulted in numerous advantages for Linc'well, notably:

• - Enhanced Productivity: Centralizing the implementation and operation of unique authentication logic optimized development efficiency.
• - Focus on Core Business Functions: Product teams were liberated from the burden of common functionality development, allowing them to concentrate on their primary business logic.
• - Strengthened Governance: Established a robust framework that enables the application of sophisticated security measures necessary in the healthcare domain across all services.

Comment from Kazuya Shida, Engineering Manager, Authentication Infrastructure Team
"By leveraging Authlete for our common authentication and authorization framework, we could efficiently advance our custom-built authentication capabilities, swiftly improving the user experience while alleviating the burden on our teams. As a company that handles sensitive medical data, we prioritize enhancing security, and we look forward to leveraging Authlete's high-quality OAuth/OIDC implementations further."

For more on how companies utilize Authlete, visit our customer case studies on our website.

About Authlete

Authlete provides a Web API that accelerates and simplifies the implementation of OAuth and OpenID Connect (OIDC) in authorization systems. Developed by experts involved in international standards, Authlete is OpenID certified and compliant with advanced security specifications such as FAPI and CIBA, as well as the latest protocols like OpenID for Verifiable Credentials Issuance. Authlete's solutions are widely adopted across a variety of industries, from startups to large enterprises in fields such as finance, media, retail, and technology.