KuppingerCole Report
Executive View
By Martin Kuppinger

OpenIAM Identity and Access Management

OpenIAM provides a comprehensive suite for both Identity Management and Access Management, covering the full range from Identity Provisioning and Access Governance to Enterprise SSO, Cloud SSO, and Identity Federation. The product is based on a modern, well-thought-out software architecture and exposes its capabilities through a consistent API layer, which makes it an interesting option for organizations looking for an “identity platform”.

1 Introduction

IAM (Identity and Access Management) requirements of organizations not only differ vastly, but are also undergoing massive change. The history of IAM started with homegrown solutions and evolved to COTS (commercial off the shelf) software for various areas of IAM. Now we observe both a growing number of organizations moving to SaaS models and, on the other hand, more organizations which need to integrate their IAM solutions tightly with their business processes and applications. This latter trend drives the demand for “Identity Platforms”, which allow for flexible customization of the IAM solution and integration into business solutions.

We observe such demand in both customer-facing scenarios and in employee-facing environments. IAM is increasingly considered to be not only a turnkey solution but also a capability that needs to tightly integrate with existing and future applications. This requires both a strong set of out-of-the-box features and a comprehensive set of APIs that allow for flexible integration with other types of applications and services.

Thus, there is a growing need for Identity Platforms, be it as an on premises platform or an API platform run as a cloud-based service. Traditional Enterprise IAM is focused on efficient and complex processes in a structured environment, with little integration into other applications. This is changing, with integration being a challenge in many organizations, but also when it comes to new types of services such as Consumer IAM and managing consumer IoT devices. There, such integration is essential to provide one consistent interface to the customer, not only and not even primarily for the management of his identity and access, but for the business functions that rely upon well-managed identities, flexible authentication, and the coordinated management of things.

From the KuppingerCole perspective, there are some key requirements for such platforms. One is scalability. A second key requirement is flexibility. Identity Platforms must provide a good baseline level of user interfaces and standardized capabilities, but, in particular, they must deliver flexibility for integration into business applications and services. Supporting that integration, starting with a comprehensive and well-thought-out set of APIs, and flexible customization are essential for such platforms.

Finally, there is the need for strong standards support. When interacting with consumer devices for authentication, when being integrated into existing customer business application and services, and when being built for growth and a flexible and rapid extension and adaptation to new requirements, standards take on a central role. Identity Platforms deliver the backend and the services for building new customer-facing solutions, by delivering both APIs and broad standards support.

They thus also must follow a modern architectural paradigm, providing the flexibility for customization and expansion of such platforms. Microservice architectures are the choice of today, moving away from complex, monolithic software architectures to more flexible and expandable approaches. Also availability in different form factors, including soft appliances and managed service or cloud-based deployments, are essential for covering the variety of customer requirements.

2 Product Description

OpenIAM is a vendor which has been in the IAM market for several years now. They have moved from an open source model to a model which mandatorily inv ...

Login Get full Access

3 Strengths and Challenges

In sum, OpenIAM is an interesting alternative for both on premises IAM implementation and IDaaS B2E deployments (IDaaS B2E being focused on managing h ...

Login Get full Access


©2021 KuppingerCole Analysts AG all rights reserved. Reproduction and distribution of this publication in any form is forbidden unless prior written permission. All conclusions, recommendations and predictions in this document represent KuppingerCole´s initial view. Through gathering more information and performing deep analysis, positions presented in this document will be subject to refinements or even major changes. KuppingerCole disclaim all warranties as to the completeness, accuracy and/or adequacy of this information. Even if KuppingerCole research documents may discuss legal issues related to information security and technology, KuppingerCole do not provide any legal services or advice and its publications shall not be used as such. KuppingerCole shall have no liability for errors or inadequacies in the information contained in this document. Any opinion expressed may be subject to change without notice. All product and company names are trademarks™ or registered® trademarks of their respective holders. Use of them does not imply any affiliation with or endorsement by them.

KuppingerCole Analysts support IT professionals with outstanding expertise in defining IT strategies and in relevant decision-making processes. As a leading analyst ompany, KuppingerCole provides first-hand vendor-neutral information. Our services allow you to feel comfortable and secure in taking decisions essential to your business.

KuppingerCole, founded in 2004, is a global, independent analyst organization headquartered in Europe. We specialize in providing vendor-neutral advice, expertise, thought leadership, and practical relevance in Cybersecurity, Digital Identity & IAM (Identity and Access Management), Cloud Risk and Security, and Artificial Intelligence, as well as for all technologies fostering Digital Transformation. We support companies, corporate users, integrators and software manufacturers in meeting both tactical and strategic challenges and make better decisions for the success of their business. Maintaining a balance between immediate implementation and long-term viability is at the heart of our philosophy.

For further information, please contact clients@kuppingercole.com.