
Integration with Web Portals

Hitachi ID Password Manager can be embedded into the user interface of a number of portal products:

  • The user interface is totally customizable and can be:

    • Stripped down, making it suitable for embedding in a portal that proxies and embeds other web applications.
    • Decorated to match the portal page, including logos and navigation, so that it appears just like a normal part of the portal, despite being one of several peer servers that share a user interface and navigation structure.

  • (1) An API is exposed by Password Manager, supporting features such as user authentication, random password generation, password policy enforcement, security question validation, password and PIN resets, etc. This can be used by third party UIs and telephony systems, for example.

    The API is available in SOAP, Windows and Unix shared object bindings.

  • (2) A web services API is exposed by Password Manager, allowing other applications to access the workflow request queue and data about users and resources.

    The API is accessed using SOAP and includes a WSDL specification. This makes it accessible across a wide range of platforms and programming languages, including Windows and Unix, .NET and J2EE, Perl, Python and PHP, etc.

    The Password Manager API supports a wide range of operations, including:

    • Submitting new workflow requests. This includes requests to:
      • Create new user profiles.
      • Add login accounts to new or existing profiles.
      • Add users to or remove users from managed groups.
      • Assign roles to users or remove roles from users.
      • Get or set user identity attributes.
    • Initiating previously configured certification rounds.
    • Searching for users, groups or roles matching specified criteria.
    • Creating, updating or deleting roles.
    • Getting or changing the set of authorizers attached to a request.
    • Approving or rejecting open requests.
    • Enumerating users per entitlement or entitlements per user.
    • Running any report and consuming its output in a streamed format (e.g., orphan/dormant accounts, stale workflow requests, SoD violations, etc.).

    The API allows organizations to develop their own request forms without having to code custom validation or authorization logic and without having to develop integrations with target systems and applications where users will be provisioned. This is helpful for specialized onboarding applications or to connect Password Manager to an IT service catalog, for example.

  • Password Manager can be set up to "trust" portal authentication of users, rather than asking users to re-authenticate.

  • New passwords, reset or synchronized by Password Manager, can be automatically updated in a portal's internal database or directory, in the event that the portal will use them to provide single sign-on to other applications.