16
OpenIDM 3.0 Identity Administration for Users, Devices and Things Anders Askåsen, Senior Technical Product Manager

OpenIDM 3.0 - What's New

Embed Size (px)

Citation preview

Page 1: OpenIDM 3.0 - What's New

  OpenIDM 3.0 Identity Administration for Users,

Devices and Things

Anders Askåsen, Senior Technical Product Manager

Page 2: OpenIDM 3.0 - What's New

2

Evolution of Identity

Employees

Consumers

Employees &Partners

Things

PerimeterPerimeter Federation

Perimeter-lessFederation

Cloud / SaaS

Perimeter-lessFederation

CloudSaaS

Mobility

AttributesContext

Stateless

Relationships

Page 3: OpenIDM 3.0 - What's New

3

OpenIDM Lightweight provisioning

Next generation modular architecture

Built on resource oriented principles

Highly extensible

Self contained

Page 4: OpenIDM 3.0 - What's New

4

OpenIDM: Target Use Cases■Embeddable

– Account Management– Self-Service

■Extranet / Customers / Partners / Suppliers– Large scale user management– Federated provisioning [Bridge]

■Enterprise– Sun IDM replacement (for target use cases)– Internal & External (hybrid) environments

Page 5: OpenIDM 3.0 - What's New

5

Core Use Case Functionality• Basic CRUD via RESTful API

• Automate (digitize) workflow processes

• Authoritative-source [HR] provisioning

• Password synchronization (AD intercept)

• Synchronize identity data

• Reporting & Compliance

• Self-service and password management• Profile & entitlement management

Page 6: OpenIDM 3.0 - What's New

6

Flexible Architecture“Plug & Play” Architecture

■ All services are designed as standalone modular resources.

■ Use & run only those modular services needed.

■ Examples of Modularity:– Repository

– Reporting

– BPM / Workflow Engine

– Scripting languages

Embeddable Architecture

■ Tiny footprint and 100%

open source for embeddable

IDM

■ Out-of-the-box REST

interfaces that use standard

development tools for all

programming languages

(e.g. -- Java, C, Perl, PHP,

Ruby, Groovy, etc)

Page 7: OpenIDM 3.0 - What's New

7

Simple API & Scripting ModelREST API

■ Manage all core functions using

REST– UI, user admin, sync,

reconciliation.

■ Mirrors World Wide Web, and

uses HTTP protocol – something

ALL developers understand

■ Platform and language

independent for enterprise,

cloud, social and mobile

environments.

JavaScript and Groovy

Scripting

■ Super friendly languages for

scripting custom rules and

business logic.

■ Standard scripting languages

attractive to massive number

of developers.

■ Scripting approach is agile,

lightweight and can be

dynamically modified at run-

time.

Page 8: OpenIDM 3.0 - What's New

8

OpenIDM 3.0 Highlights

FORGEROCK.COM | LEGAL INFORMATION

Page 9: OpenIDM 3.0 - What's New

9

OpenIDM 3.0Key Feature: Role-Based Provisioning

• OpenIDM exposes a new managed object called Managed Role that can be assigned implicitly via business logic or explicitly.

• Allows a consistent assignment and removal of entitlements and resources via a role based approach.

Page 10: OpenIDM 3.0 - What's New

10

OpenIDM 3.0Key Feature: Aggregated View (first cut)

• Provides visibility into the "link" tables.

• Aggregates identity information into a single view accessible via an endpoint.

• GET https://localhost:8443/openidm/endpoint/linkedView/managed/user/bjensen

Page 11: OpenIDM 3.0 - What's New

11

OpenIDM 3.0Key Feature: Pass-thru Authentication

• Support pass-through authentication to (nearly) any remote Resource.

• When configured, users can login to the UI based on their external credentials.

Page 12: OpenIDM 3.0 - What's New

12

OpenIDM 3.0Key Feature: Cloud Integration and Connectors

• New OpenICF Cloud Connectors- Flexible Scripted Connector- PowerShell

• New OpenICF 1.4 Framework- A widened community- Performance- Better error handling- Complex object representation

Page 13: OpenIDM 3.0 - What's New

13

OpenIDM 3.0Key Feature: User Interface Enhancements

• Easier to customize the OOTB UI with an expanded folder structure

• Customizations can be made without editing default UI files

• Configuration-based theming options - color values, background image paths, and a few other common styling values.

• Performance enhancements to manage high scale environments.

Page 14: OpenIDM 3.0 - What's New

14

OpenIDM 3.0Key Feature: Product Enhancements

• Out of the box Cluster Configuration and High Availability

• Workflow defaults and samples, including:

• User on-boarding/off-boarding• Password Change Reminders• Manager-Subordinate Certification• Manual Matching and Linking• Orphan Account Detection• End-user Access Request

Page 15: OpenIDM 3.0 - What's New

15

OpenIDM 3.0Key Feature: Scripting enhancements

A lot more power with Groovy as a product wide scripting language.

A richer ecosystems with prebuilt components. Interoperability with JVM is seemless with in your scripts!

Powerful development environment

Modular component development – maintainable code base, reuse code.

Completely dynamic script loading

Optimize caching

Business Value: Quicker to deploy, Quicker to customize, Easier to work with, Faster.

Page 16: OpenIDM 3.0 - What's New

16

Q & A

FORGEROCK.COM | LEGAL INFORMATION