Cloud Identity Provider Comparison

The identity provider (IdP) market is a cornerstone of the world of IT. The market itself has largely been confined to Microsoft® Active Directory® (MAD or AD) and OpenLDAP™ over the last twenty years. In the cloud age, however, new challengers are entering the IdP scene. The thought of a new era in identity management and engaging in a cloud IdP comparison is an exciting one.

The Reigning IdP Champions

As stated earlier, the traditional IdP space was dominated by MAD and OpenLDAP. During their heyday, most (if not all) IT environments were Windows®-based, so creating identities for the workforce’s end users was quite simple. Since IT resources were under the same platform “umbrella,” one identity could authenticate user access to everything, be it Exchange™, Office™, Outlook™, etc.

With the advent of cloud technology, however, the IdP champions’ belts came under contention. New web-based resources, such as Salesforce, AWS®, G Suite™, Dropbox™, etc. revolutionized the way that the workforce operated. They also presented an interesting challenge to MAD and OpenLDAP. Both IdPs were optimized for on-prem, Windows-based enterprises, so these new cloud applications were very foreign to MAD and OpenLDAP’s sensibilities.

And In this Corner…

If you think of identity providers on a per-platform basis where the platforms are cloud providers, then looking at Google, Microsoft, and Amazon will make a lot of sense. Each of these providers has a cloud IAM solution: Google Cloud Identity, Azure® Active Directory, and AWS IAM, respectively. Each one acts as a user management system for the company’s proprietary services, and then usually a single sign-on solution for web applications. Their approach, though, is hardly an identity provider in the original sense of the phrase.

The IDaaS vendors or web application single sign-on (SSO) folks will also consider themselves to be identity providers. However, in actuality they are the identity federators to web applications. Their identities are often generated from other identity providers such as Active Directory or OpenLDAP. Just like with per-platform solutions, these don’t perform as a robust identity provider either.

Results

*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by Zach DeMeyer. Read the original post at:

Zach DeMeyer


Zach is a writer and researcher for JumpCloud with a degree in Mechanical Engineering from the Colorado School of Mines. He loves being on the cutting edge of new technology, and when he's not working, he enjoys all things outdoors, making music, and soccer.
