Introduction to Identity-as-a-Service (IDaaS)

By Zach DeMeyer Posted February 18, 2019

Introduction to IDaaS

The term Identity-as-a-Service (IDaaS) joined our lexicon in the late 2000s as a description for web application single sign-on (SSO) platforms. Since then, though, the term has taken on a new and broader meaning. In this article, we’ll provide a modern introduction to Identity-as-a-Service.

Establishing IDaaS

When web application SSO solutions first emerged, they wanted to brand themselves as a more significant solution than just connecting users to web apps. These vendors were interested in differentiating themselves from their on-prem identity provider brethren. Although they were mostly used in tandem with directory services like Microsoft® Active Directory® (AD), web app SSO solutions were cloud-based. So, to accentuate their cloud heritage and Software-as-a-Service (SaaS) delivery, SSO developers coined the term, Identity-as-a-Service.

Of course, to get a category name to stick, you need to convince the analysts and pundits that it is a new and interesting one. These constituents were also excited to create a new category because of building interest in cloud-based IT management tools at the time. While the name wasn’t very accurate (it was cloud-based web application SSO, after all), it stuck and a fancy new category in the identity and access management space was born.

Early IDaaS


The first generation of IDaaS was just what we said, web application SSO. IT organizations would have their on-prem directory service, in most cases Active Directory, and federate those credentials to the web application SSO platform. While the identity was really stored within the on-prem directory service and the IDaaS platform was essentially just extending it to web applications, the concept was still quite useful.

Over time, these first generation Identity-as-a-Service platforms became quite popular. The IT landscape underneath them, however, was shifting and morphing with new resources. macOS® and Linux® systems, AWS® cloud infrastructure, NAS appliances and Samba file servers, and more entered the space. These new options gave first generation IDaaS solutions a run for their money, as these SSO solutions couldn’t help federate AD to the new types of IT resources. The result was not necessarily that first generation IDaaS solutions weren’t useful, but rather that the core directory service needed to be rethought.

Reimagining AD and IDaaS

With that thought process, a new generation of cloud directory service was created to connect users to virtually all of their IT resources including systems, servers, file servers, networks, and, of course, web and on-prem applications. This modern approach to cloud identity management includes web application SSO within their platform and acts as the core identity provider for an organization.

Now, this approach sounded a lot more like true Identity-as-a-Service, where a single identity could be connected to virtually all IT resources. This includes Windows®, Mac®, and Linux systems, web and on-prem applications such as GitHub, Slack, Kubernetes, and more, AWS cloud servers, file servers, and wired and WiFi networks. Such an IDaaS experience is available from JumpCloud® Directory-as-a-Service®.

Learn More

Now, after making it through the introduction to Identity-as-a-Service, explore modern IDaaS with JumpCloud. You can try Directory-as-a-Service completely free, with ten users included to get you started. If you have any questions about JumpCloud IDaaS, feel free to contact us.

Zach DeMeyer

Zach is a writer and researcher for JumpCloud with a degree in Mechanical Engineering from the Colorado School of Mines. He loves being on the cutting edge of new technology, and when he's not working, he enjoys all things outdoors, making music, and soccer.

Recent Posts