• Download a trial
  • Sales
  • Support
  • Login
logo
  • Home
  • Products
  • Solutions
  • Partners
  • About Us
  • Consulting
  • Resources
Request a Quote
  • Workforce Identity
  • Customer Identity
  • Comparison
  • Subscriptions

All Features

Overview of all features in Workforce Identity

User Onboarding and Offboarding

Automate joiner, mover, leaver processes

Access Request

Access requests with multi-step approvals

User Access Reviews

Save time with user access reviews

Self-Service Portal

Self-service portal for all end user activities

Segregation of Duties

Detect and remediate SoD violations

Password Management

Enforce password policies and enable synchronization

Single Sign-On (SSO)

Enable SSO using standards - SAML, oAuth, OIDC

Authentication and MFA

Improve security with adaptive authentication and MFA

3rd Party IdP Integration

Integrate with your existing identity provider

Integration API

Use the REST API to add identity into your applications

Connector Library

Integrate on-premise and SaaS applications

Modern Architecture

Microservice architecture that supports deployment using RPM, Kubernetes or OpenShift

Workforce Identity Concepts

All Features

Overview of all features in Customer IAM

Authentication and MFA

Improve security with adaptive authentication and MFA 

Single Sign-On (SSO)

Enable SSO using standards - SAML, oAuth, OIDC

Password Management

Enforce password policies and enable synchronization

Modern Architecture

Microservice architecture that supports deployment using RPM, Kubernetes or OpenShift

Customer Identity Concepts

Community vs Enterprise

Summary of the differences between the Community and Enterprise editions

Subscription Benefits

Overview of the benefits provided by an OpenIAM subscription

  • Integrations
  • Verticals
  • Workforce Use Cases
  • CIAM Use Cases

Active Directory

Manage identity in Active Directory

Azure (O365)

Manage identity in Office365

SAP

Manage identity in SAP S/4 Hana and SuccessFactors

Education

Manage identity for students, staff and alumni

User Access Requests

Empower end users and improve compliance with user access requests

Strong Authentication

Improve security with adaptive authentication and MFA

Single Sign-On (SSO)

Improve customer experience with SSO

  • Partners

Current Partners

Our Current Partners

  • About Us

About OpenIAM

Learn about OpenIAM

Press Releases

References to OpenIAM press releases

OpenIAM in the Media

References to OpenIAM in the media

Careers

Learn about open positions at OpenIAM

  • Consulting

Proof of Value

Customized engagement to confirm defined proof of value objectives

Jump Start

Customized engagement to rapidly deliver a solution into production

Solution Implementation

Engagement with the objective to deliver a complete IAM solution based on customer requirements

  • Resources

Videos

Collection of videos describing how OpenIAM can be used to solve common use cases

Community Portal

Collaborative community portal to learn more about OpenIAM

CE Documentation

Documentation for the Community Edition

Blog

Musings on identity penned by the OpenIAM team

Webinar Calendar

Upcoming webinars and training sessions

Workforce Identity Concepts

Customer Identity Concepts

What is a Service Provider (SP)?

Understanding the role of service providers (SPs) in identity management

A Service Provider (SP) is a website or application that offers services to users. This might be any type of SaaS program, including a B2B project management tool or a design platform.

If you're developing an app, the SP is you! (More particularly, your application).  As the service provider, you are not required to verify users personally. Instead, you can rely on a trusted third party, known as an Identity Provider (IdP), to verify a user's identity. All your app has to do is validate the authentication replies it receives from the IdP before logging in users.

How do service providers and identity providers collaborate during SSO?

To support SSO, SPs and IdPs collaborate by transmitting authentication requests and user information back and forth. The SP transmits the authentication request to the IdP, which returns a token. This token includes identification data that indicates whether or not the user has been confirmed, how long the login will be valid, and other important identifying information such as a username and email address.

A single IdP can serve several SPs, allowing users to authenticate once with the IdP and obtain access to the associated applications. That is SSO in action.

This is feasible because to SSO protocols such as Security Assertion Markup Language (SAML) and OpenID Connect (OIDC), which specify how user data is structured and safeguarded throughout the login process. They provide a common language that IdPs and SPs may both comprehend.

Service provider-initiated SSO: How it works

As the name implies, SP-initiated SSO begins on the SP's side. With "Sign In With" identity providers such as Apple or Google, the SP often exposes a login button that, when clicked, takes the user to the IdP for authentication.

In most workplace contexts, the SP includes an input box where the user may enter their email address. After the user enters their email address, the SP detects which IdP (if any) they use and redirects them to it.

This is how it works:

  1. After clicking the login button, the app produces an authentication request and leads the user to the IdP.
  2. The IdP checks the user's identity and creates a token before redirecting the user back to the application.
  3. The app validates the answer: Is it coming from a trustworthy IdP? Was it tampered with? Does it state the user is authenticated?
  4. Once validated, it allows the user access.

Let’s Connect

Managing identity can be complex. Let OpenIAM simplify how you manage all of your identities from a converged modern platform hosted on-premises or in the cloud.

For 15 years, OpenIAM has been helping mid to large enterprises globally improve security and end user satisfaction while lowering operational costs.

Download a Trial Contact Sales
footer-top-logo
openIAM-white-logo

All modules of our IAM platform share a common infrastructure allowing customers to see one unified identity solution versus a collection of disparate products.

  • linkedin-icon
  • facebook-icon
  • twitter-icon
  • youtube-icon

sales@openiam.com

(858)935-7561

Copyright © 2024 OpenIAM. All rights reserved.
  • Privacy Policy