IDaaS

Make identity management a painless experience and eliminate Identity Silos

The Beta™ Version of IDaaS is now available in Singapore

Identity & Access Management (IAM)

Alibaba Cloud Identity as a Service (IDaaS) is a cloud-based identity and access management service (IAM) covering comprehensive functions that enable user portal, user directory, flexible authentication, single sign-on, centralized authorization, and audit reporting.

Provide Enterprise-Level Unified Identity Service

IDaaS plays a central role in enterprise identity management by removing ID silos and enabling one account-access-all function. IDaaS incorporates advanced security technologies that will facilitate identity management and enable enterprises to enhance their identity security to improve management efficiency.

Eliminate Redundant Passwords for All Users

IDaaS supports all standard SSO protocols, which allows enterprises to connect to all mature enterprise services. Passwords are eliminated and security risks are reduced significantly. Users can painlessly and securely store dozens of passwords.

Connect Identities among Sources across Cloud Platforms

IDaaS may serve as a bridge for other cloud platform identities to be connected to Alibaba Cloud. A cloud identity management solution is usually the fundamental requirement for an enterprise to set foot in cloud services. IDaaS can bridge identities between Alibaba Cloud, private environments, and several public cloud providers.

Cloud-Based Identity Security Platform

5A Unified Certification Platform

Application

Docking web applications, mobile applications, desktop applications, and IoT devices provide users with integrated services that include access control, single sign-on, and application portals.

Authorization

According to the department or role of the user, the accessible range can be managed easily. Authorization or revocation can be centralized to achieve one configuration and take effect globally.

Account

Provide unique user identity data for enterprise information construction with complete account life cycle management.

Audit

Trace user behaviors and provide real-time audit reports to keep managers informed about the efficiency of the company’s digital assets.

Authentication

Centrally verify user identity, configure multi-factor authentication (MFA), and support third-party authentication sources.

How Can I Use It ?

1

Data initialization

Push the data from the identity source to IDaaS to complete the initialization of the IDaaS account data. IDaaS supports excel import, SCIM push, and AD/LDAP import to achieve this goal.

2

Application Integration

Integrate all current applications into IDaaS. Complete single sign-on integration through the standard single sign-on protocol or through IDaaS customization for large clients.

3

Provisioning Integration

Integrate according to standard the SCIM/LDAP protocol to provision from and to IDaaS. IDaaS may also provide customized services to integrate with other incompatible third-party applications.

4

Permission System Integration

Define the resource, role, and permission relationship in IDaaS through API to complete the permission integration of the application system.

5

Authentication Integration

Use AD credentials, biometrics, SMS verification, code and common social logins as external authentication sources to access IDaaS. Enable our Authentication Adapter Management menu after some simple configuration.

Use Scenarios

  • Single Sign-On for Enterprise Applications
  • Unified User Directory
  • Unified Identity Authentication
  • Centralized Access Authorization
  • Unified Behavior Audit
Single Sign-On for Enterprise Applications

Help companies build proprietary portals

Employees, partners and customers of the enterprise can access all authorized applications with one click through the unified portal provided by IDaaS.

Solutions

  • Decentralized login address and password management issues

    The application systems introduced by enterprises are increasing year after year, and users need to remember more addresses and passwords. This can easily lead to problems, such as reduced work efficiency and difficulty in promoting new applications.
    At the same time, some countermeasures commonly used by users when managing multiple passwords, such as simple passwords and the same passwords, also bring more security risks that allow attackers to access your system easily.

Unified User Directory

Cloud-native directory service

Provide unique user identity data for enterprise information construction, and centralized account lifecycle management, with updates automatically synchronized downstream, unlimited expansion, and permanent online.

Solutions

  • Solve the problem of employee account information silos and management omissions

    Due to the information solis problem caused by development isolation between multiple application systems of the enterprise, the process of employee onboarding and transfer is complicated and time-consuming, and the account permissions are not completely recovered after leaving the job.

  • Additional R&D and O&M costs

    The local deployment of directory services by an enterprise requires a large amount of operation and maintenance resources and requires periodic application for authorization for capacity expansion. At the same time, the repeated construction of account management by each application system brings new R&D and maintenance costs.

Unified Identity Authentication

Provide a unified multi-factor certification center

It can centrally configure authentication factors other than multiple passwords, including biometrics such as dynamic tokens, certificates, faces, and fingerprints. A variety of common third-party certification sources can be integrated. At the same time, it provides a developer API to support other applications to use IDaaS's identity authentication capabilities.

Solutions

  • Security issues caused by password vulnerability

    Easy password settings places enterprise IT system under huge security risks causing system vulnerability of both database and application from illegal cyber activities. It has been proved countless incidents of credentials leakage and even customer digit assets lost that had caused irreversible economic results.

Centralized Access Authorization

Provide visual centralized authorization capabilities

According to the user name or the department where the user is authorized to access it, it can be configured once and take effect globally.

Solutions

  • Decentralized authorization management issues

    When dealing with requirement of various applications authorization distributed over multiple domains, extra resources are required and is therefore placing enterprise subjected to additional IT management cost.
    Whenever there occurs organization structure change that causes possible improper authorization operations there would always trigger risky interruption to daily enterprise operation.

Unified Behavior Audit

Help managers understand user behavior and asset usage at any time

Detailed records of all user behaviors and administrator operations, and the formation of visual reports, allowing managers to keep track of the use of corporate digital assets at any time.

Solutions

  • Decentralized audit log issues

    Traditional logging systems is not regarded as management friendly and to build up from ground a centralized log-based auditing system normally introduces increased IT development cost.
    Meanwhile setup of identifying system of malicious access or other potential risky behaviors by users’ historical behaviors would not be possible with current decentralized logging systems.

Upgraded Support For You

1 on 1 Presale Consultation, 24/7 Technical Support, Faster Response, and More Free Tickets.

1 on 1 Presale Consultation

Consulting by experienced cloud experts.Learn More

24/7 Technical Support

Extended service time from 10 hours 5 days a week to 24/7. Learn More

6 Free Tickets per Quarter

The number of free tickets doubled from 3 to 6 per quarter. Learn More

Faster Response

Shorten after-sale response time from 36 hours to 18 hours. Learn More

Do you have any question about IDaaS?