Accounts and groups:

  • Create, manage and delete accounts on groups across systems.
  • Update attributes and assign/revoke group memberships.


  • Monitor one or more systems of record (SoR).
  • Generate requests to grant, revoke access.

Request portal:

  • Users can request for themselves or others.
  • Access control model limits visibility, requestability.


  • Initiated by the system (event, schedule).
  • Stake-holders review identities, entitlements.
  • Generates deprovisioning requests.


  • Invite authorizers, implementers, certifiers to act.
  • Built-in reminders, escalation, delegation and more.
  • Selects participants via policy, not flow-charts.

Policies, controls:

  • RBAC, SoD.
  • Risk scores, analytics.
  • Approvals, recertification.


  • 120+ bidirectional connectors, included.
  • Manage resources including mail boxes, home directories and badges.
  • Incident management, SIEM, e-mail, 2FA.
  • Manage building access, physical assets.