Hitachi ID Identity Manager enables automated, self-service and policy-driven management of users and entitlements with:
Identity Manager monitors one or more systems of record (such as HR) and detect changes, such as new hires and terminations. It creates, modifies and deletes accounts and groups and manages entitlements on integrated systems to reflect these changes.
Users sign into an Identity Manager web portal to create or manage user profiles, accounts or groups. This includes self-service, where requesters modify their own profiles or groups they own, or delegated access, where requesters ask to change another user's group memberships, assigned roles or identity attributes.
An included workflow engine validates and completes requests submitted via the request portal, API or CLI. The workflow engine invites users to participate in processes, by approving requests, reviewing and certifying identities and entitlements or manually completing approved changes.
Business stake-holders are periodically invited to review users, security entitlements and policy objects within their scope of authority. They either certify that each item remains business-appropriate or request corrections, such as transferring a coworker to a new manager, revoking an access rights, correcting an identity attribute or updating a role or SoD rule.
Identity Manager enforces a variety of policies, including:
Identity Manager includes many reports, dashboards and analytics, which answer questions about current and historical identities and entitlements, analyze workflow activity and trends, seek patterns in entitlements and roles and identify policy violations.
Identity Manager reads current-state information and automatically writes creates or updates accounts and groups on over 130 kinds of systems, including directories, on-premises and SaaS applications and various systems. Identity Manager also includes workflow processes to invite people to complete tasks, where automated integration is uneconomical or technically infeasible.
Identity Manager includes an inventory tracking system, used to track assets such as building access badges, tokens, etc. It automates the distribution and collection of such assets to/from authorized users.
Identity Manager merges and normalizes identity attributes from multiple sources to construct an internal meta directory. Changes are pushed out to integrated systems.