Home » Security Bloggers Network » Group Attributes Streamline Access to AWS and Other Web Apps

Group Attributes Streamline Access to AWS and Other Web Apps

JumpCloud’s Directory Platform has a new way for administrators to assign attributes to groups of users to simplify and strengthen SAML-based federated access to work applications.

New group inherited user attributes — for String, Number, Boolean, and JSON attributes — let admins define roles for applications and RADIUS reply attributes that will automatically apply to all the members of that group within JumpCloud. This not only saves admins the chore of assigning attributes one by one to users, it also makes sure the right end users have appropriate roles and access permissions for the work applications they need without friction.

Find feature details below, and info on how group inherited user attributes can be applied to one of the most popular work applications at modern offices: AWS.

Managing Secure Access to Apps at Work

Many diverse cloud applications are used at organizations today; there’s an app for everything an employee needs to achieve (and if one doesn’t exist already for a specific need, it probably will before long). To make sure end users can access their work apps, IT admins need a way to securely federate core user identities to cloud-based services and connect end users to the tools they need.

The concept of identity federation services has been evolving from early generations of SAML-based services and now includes other authentication protocols as well. When Microsoft^® Active Directory^® (AD) was still the primary directory solution available but IT environments were expanding to include more than just Windows and on-premises resources, IT needed to federate AD user identities to non-Windows^® (meaning, Mac^® and Linux^® devices) and cloud-based services such as web applications. That initially caused organizations to patch together different identity management solutions for different resources, resulting in a tech stack with siloed point tools and third-party add-ons.

Today, JumpCloud’s comprehensive device, identity, and access management platform lets administrators connect employees to the resources they need securely, handling federated access for SAML assertions without any other third-party identity services. What does this look like in action? Read on for a description of how it works for (Read more...)