Capabilities of an IDaaS Solution

IDaaS capabilities

The term IDaaS (Identity-as-a-Service) was created by analysts to describe the web application single sign-on (SSO) category. It’s not really clear why they chose the term because it wasn’t technically accurate, but it seems to have stuck. Today, the meaning of the term is changing to a more accurate description. Identity-as-a-Service is morphing from being a web app SSO construct to a much broader description of the cloud identity management market. In this post, we will examine the capabilities of an IDaaS solution, and how it got to where it is today.

Origins of IDaaS

As mentioned, the term IDaaS was originally created to refer to web application SSO providers. The market evolution that led to this started with the advent of web applications (e.g., Salesforce®, Google Apps a.k.a G Suite). When web apps came into prominence, the core identity provider for most organizations was Microsoft® Active Directory® (AD). AD was designed to control access to on-prem Windows systems and applications, and it did so well. When combined with a domain controller, AD was the mechanism used to authenticate users into the network.

The directory was important to the origination of the IDaaS term because of its limitations. As web applications began to appear, Active Directory struggled to manage access to these non-Windows resources located in the cloud. Instead of adapting to the innovations, however, AD decided to let third party vendors do the work. The result was a generation of web application single sign-on providers that moved in to solve the problem. These solutions would leverage the AD identity provider as the authoritative source of truth, and extend those identities to web applications. As these web application SSO solutions started to be delivered from the cloud, analysts and vendors jumped on the term Identity-as-a-Service or IDaaS.

While the name may be a misnomer for the category due to the fact that the core identity is really with the on-prem directory service, it still caught on. It’s now a term that is thrown around the industry a great deal.

(Read more...)

*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by Jon Griffin. Read the original post at:

Jon Griffin

Jon Griffin works as a writer for JumpCloud, an organization focused on bringing centralized IT to the modern organization. He graduated with a degree in Professional and Technical Writing from the University of Colorado Colorado Springs, and is an avid learner of new technology from cloud-based innovations to VR and more.

jon-griffin has 169 posts and counting.See all posts by jon-griffin