What are identity federation services? Identity Federation Services refer to a category of identity management solution that is focused on extending user identities to a variety of IT resources such as web applications, cloud servers, disparate systems, and more. Some of the most popular examples of identity federation services include web application single sign-on (SSO), privileged identity management, and directory extensions.
Identity federation services are generally layered on top of legacy identity management solutions—usually Microsoft® Active Directory® (AD)—to extend traditional user identities to non-Windows or cloud-based IT resources. However, as more of these disparate IT resources come to market, more IT organizations have found that traditional identity federation services are starting to break down.
How did Identity Management get here?
The modern concept of identity federation services emerged in the early-2000s, as web applications such as Salesforce® and Google Apps (now called G Suite™) came to market. Prior to that, virtually all IT resources were on-prem and Windows-based, and IT admins could use Active Directory to effectively manage them all. However, web applications like Salesforce and Google Apps were not Windows-based, nor were they on-prem. In fact, many cloud innovations such as these were a direct attack on long-standing Microsoft solutions such as the on-prem Office® suite of applications. Not surprisingly, Microsoft wasn’t interested in offering AD support for competing platforms. Consequently, many of these new innovations in the IT space couldn’t be managed directly with AD alone.
Of course, this is when first generation SAML-based identity federation services, otherwise known as Identity-as-a-Service (IDaaS) or Single Sign-On (SSO), emerged to bridge the gap. Then came similar add-ons for RADIUS, SSH, and other identity federation services. Through the years, IT organizations have seen this pattern repeat itself again and again as more non-Windows and cloud-based resources have come to market, each requiring their own flavor of identity federation services in an AD environment. And, while admins could continue to leverage a patchwork of siloed identity management solutions to support their modern identity management needs, most would rather shift to a comprehensive cloud identity provider that (Read more...)
*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by Vince Lujan. Read the original post at: https://jumpcloud.com/blog/identity-federation-services/