KuppingerCole Report
By Richard Hill

Modular Decentralized Identity Architecture

A trend compelling IGA modernization is the need for an Identity driven security model; due to identity silos created by rapid cloud adoption. As organizations rethink their IAM/IGA systems, they may also need to utilize their existing systems while re-architecting their security environment to support new requirements. Keeping what it already has and having the ability to gradually migrate from these legacy systems to what it wants in the future using modern software architecture is pivotal. An Identity Fabric provides the agility and the integration support for what organizations already have while allowing organizations to move ahead at their own speed.

Commissioned by Kapstone

1 Introduction / Executive Summary

IT security is an ever-changing landscape that has evolved over time. The IT environment has moved on from the days of on-premises only application an ...

Login Get full Access

2 Highlights

The IT security environment is continuing to evolve to meet the growing list of requirements

Everything as a service is where everything in the IT w ...

Login Get full Access

3 The Ever-Changing IAM/IGA Digital Environment Landscape

It was once said that "The only constant in life is change" (), which is also true of Identity and Access Management (IAM). To get a sense of where ...

Login Get full Access

3.1 From Traditional IAM to Federation

Traditionally, the IT environment has run within the walls of their perimeter. IAM solutions were more monolithic and centralized. Identities were man ...

Login Get full Access

3.2 The Move to the Cloud

Cloud services gave organizations new options for IT, motivated by the business need to increase IT flexibility and scalability while reducing cost. U ...

Login Get full Access

3.3 Looking Beyond B2E and B2B

As organizations began reaching out to their customers and gathering information about the consumers using their products & services, they found that ...

Login Get full Access

3.4 Identity APIs

Now we are beginning to see Identity APIs platforms becoming available. This market is driven by the need to meet emerging IT requirements such as hyb ...

Login Get full Access

3.5 Identity Governance and Administration (IGA)

When organizations realize that Identity and Access Governance is needed, the question often asked is where does IGA fits into all of this?

The Kupp ...

Login Get full Access

4 Balancing the Existing IT Environment with New Requirements

Some of the areas discussed so far are of specific relevance to companies. Small to enterprise-sized organizations may often believe this is enough to ...

Login Get full Access

4.1 Shifts in the Market

A trend that is going well beyond Identity and Access Management is that everything is becoming a service. So, we see new solutions running as Softwar ...

Login Get full Access

4.2 Overarching Trends Affecting IAM/IGA

Some overarching trends are affecting IAM today. First, we now have this broader notion of Identity and Access Management. IAM is expanding beyond peo ...

Login Get full Access

4.3 Moving Towards Standardized Services for Digital Identities

At a high level, Identity Fabrics are how KuppingerCole sees Identity and Access Management environments in the future and how they should be construc ...

Login Get full Access

4.4 The Identity Fabric Provides an Identity API Layer

At a high level, organizations today have different types of identities that include more than just employees or even human identities that extend int ...

These Services also need to be delivered in modern architecture, and this may mean building a migration path from what an organization currently has t ...

Login Get full Access

5 Kapstone's Modular Decentralized Identity Architecture

Organizations working through its requirements related to the ever-changing application and infrastructure architectures need to take a step back and ...

Login Get full Access

5.1 The Kapstone Intelligent Identity Platform

The Intelligent Identity Platform is an abstraction layer that sits on top of multiple sources such as on-premises identity systems, Cloud PaaS, Cloud ...

Remember, Kapstone's Intelligent Identity Platform is a microservice container-based platform. Its modular architecture is one of the principles of th ...

Login Get full Access

5.2 The Kapstone Provisioning Gateway

The Kapstone Provisioning Gateway (KP) aligns with the Identity Fabric through its platform's ability to interoperate and integrate with multiple iden ...

Key Features of Kapstone Provisioning Gateway

  • SaaS solution with Rapid application onboarding through No Code application integration

  • Inte ...

Login Get full Access

5.3 Kapstone's Support for Standard APIs, Integrations, & DevSecOps

Another principle of Identity Fabrics is the use of Application Program Interfaces (APIs). APIs are vital to enabling a services-based approach to IAM ...

Login Get full Access

6 Recommendations

There are many factors to consider when approaching Identity Governance and Administration (IGA) in your hybrid IT environment, and KuppingerCole reco ...

Login Get full Access


©2021 KuppingerCole Analysts AG all rights reserved. Reproduction and distribution of this publication in any form is forbidden unless prior written permission. All conclusions, recommendations and predictions in this document represent KuppingerCole´s initial view. Through gathering more information and performing deep analysis, positions presented in this document will be subject to refinements or even major changes. KuppingerCole disclaim all warranties as to the completeness, accuracy and/or adequacy of this information. Even if KuppingerCole research documents may discuss legal issues related to information security and technology, KuppingerCole do not provide any legal services or advice and its publications shall not be used as such. KuppingerCole shall have no liability for errors or inadequacies in the information contained in this document. Any opinion expressed may be subject to change without notice. All product and company names are trademarks™ or registered® trademarks of their respective holders. Use of them does not imply any affiliation with or endorsement by them.

KuppingerCole Analysts support IT professionals with outstanding expertise in defining IT strategies and in relevant decision-making processes. As a leading analyst ompany, KuppingerCole provides first-hand vendor-neutral information. Our services allow you to feel comfortable and secure in taking decisions essential to your business.

KuppingerCole, founded in 2004, is a global, independent analyst organization headquartered in Europe. We specialize in providing vendor-neutral advice, expertise, thought leadership, and practical relevance in Cybersecurity, Digital Identity & IAM (Identity and Access Management), Cloud Risk and Security, and Artificial Intelligence, as well as for all technologies fostering Digital Transformation. We support companies, corporate users, integrators and software manufacturers in meeting both tactical and strategic challenges and make better decisions for the success of their business. Maintaining a balance between immediate implementation and long-term viability is at the heart of our philosophy.

For further information, please contact clients@kuppingercole.com.