Identity Manager enables automated, self-service and policy-driven management of users and entitlements with:
Identity Manager monitors one or more systems of record (such as HR) and detect changes, such as new hires and terminations. It creates, modifies and deletes accounts and assigns or revokes entitlements on integrated systems to reflect these changes.
Users sign into a Identity Manager web portal to request changes to their own or others' profiles. Changes may include updates to identity information, such as contact information or organizational affiliation, or changes to entitlements, such as requesting membership in groups or assignment of roles.
An included workflow engine validates and completes requests submitted via the request portal, API or CLI. The workflow engine invites users to participate in processes, by approving requests, reviewing and recertifying identities and entitlements or manually completing approved changes.
Business stake-holders are periodically invited to review the users and security entitlements in their scope of authority. They either certify that each user or entitlement remains business-appropriate or flag it for removal.
Identity Manager enforces a variety of policies, including:
Identity Manager includes a many reports, dashboards and analytics, which answer questions about current and historical identities and entitlements, analyze workflow activity and trends, seek patterns in entitlements and roles and identify policy violations.
Identity Manager reads current-state information and automatically write updates to accounts on over 120 kinds of systems, including directories, on-premise and SaaS applications and various systems. Identity Manager also includes workflow processes to invite people to complete tasks, where automated integration is uneconomical or technically infeasible.
Identity Manager includes an inventory tracking system, used to track assets such as building access badges, tokens, etc. It automates the distribution and collection of such assets to/from authorized users.
Identity Manager merges and normalizes identity attributes from multiple sources to construct an internal meta directory. Changes are pushed out to integrated systems.