A cloud identity bridge is exactly what the name suggests – a utility that extends user identities to bridge the gap between on-prem and cloud infrastructure. The latest iteration of this tool is JumpCloud’s AD Bridge. While JumpCloud’s unified cloud directory is able to act as a standalone directory, AD Bridge was created for organizations that want to continue using Microsoft® Active Directory® as their identity provider. AD Bridge allows these organizations to maintain Active Directory as the authoritative source of truth, while also extending selected users and systems to web applications, cloud infrastructure, non-Windows systems (Macs and Linux), and even unbound Windows systems.
Why Extend Identities to the Cloud?
Hybrid infrastructure is the product of a world in transition from on-prem to cloud infrastructure. We’re at a point in history where traditional Windows on-prem infrastructure is becoming obsolete in favor of cloud replacements like SaaS applications (e.g. Salesforce, G Suite, GitHub, Slack), hosted infrastructure (e.g. AWS, GCP), non-Windows systems (e.g. Mac, Linux) – the list goes on.
Yet, while on-prem infrastructure is dying out, it’s not going down without a fight. Directory services are a foundational element of an organization’s infrastructure. While many startups are able to go full-cloud from the outset, many well-established organizations are unfortunately caught with one foot on-prem and one in the cloud. These organizations are ideal candidates for AD Bridge.
History of the Identity Bridge
When AD was first released in 2000, there was no need for a cloud identity bridge. In fact, the concept of the cloud hadn’t really been fully developed yet. It was a point in time when web applications were only just being introduced and not widely implemented. Instead, most organizations leveraged Windows legacy applications and Windows-centric IT infrastructure, all of which was on-prem.
As web applications gained traction, IT admins ran into difficulties using AD to manage non-Windows resources and web services. The need to better manage access to web apps created an opportunity for SSO providers, as they are now called, to create cloud identity bridges to extend AD credentials to manage these new cloud resources.