What is OpenIAM?

Business systems can be unstructured and require many resources to manage accounts and access to each application, service, etc. One user can have multiple accounts in connected systems, and it is very difficult to know that these accounts all belong to the same user.

Besides the obvious challenges in creating a unified user profile, one cannot readily determine what access a person has in each application, why they have it and when it was granted. The problem goes deeper as the number of users grows. The more users, the more resources and time are needed to ensure a reliable level of security.

This is where an IAM solution steps in: a set of solutions that provide digital identification of a person. The identification feature may include account, synchronization, management, passwords, access control and many more. IAM systems are, in fact, based on the principle that each user must have the right access to the right resources at the right time.

To achieve this objective, IAM solutions integrate with one or more authoritative sources, such as an HR system, and with business applications, so that they can create a framework by which access to the right applications can be granted to the right users at the right time.

OpenIAM addresses these challenges using a converged architecture, an easy-to-use interface and a flexible deployment model.

Aside from its direct purpose, OpenIAM, as an identity and access management platform, can provide end users with the following capabilities:

  • Unified view of identity across all applications (both on-premise and in the cloud).

  • Flexible role-based access control (RBAC) model.

  • User life cycle management with the ability to provision/deprovision identities and permissions across applications.

  • Access to the SelfService portal supporting:

    • Password resetting
    • Workflow-based request/approval
    • Single sign-on
    • Profile management
  • User access reviews

  • Various authentication possibilities:

    • MFA
    • Adaptive authentication
    • Social login
  • Single Sign-On (SSO) with support for:

    • SAML 2, OAuth 2, and OIDC
    • Legacy applications using the reverse proxy
