Why IDaaS is more than Single Sign-On

Written by Rajat Bhargava on November 21, 2016

Share This Article

Identity-as-a-Service or IDaaS, as it is widely known, is most associated with web application single sign-on. The SSO providers coined the term many moons ago as a catchy name for their cloud-based identity management platform. Of course, the analyst firms jumped on board, and the market has started to coalesce around the term.

The challenge is that nobody really knows what the term means. Vendors use it to mean whatever they want. Analysts use it to mean a submarket within the broader identity and access management space. IT organizations are understandably confused.

IDaaS is More than Single Sign-On

It is true that identity management is moving to the cloud and being delivered as-a-service. Many infrastructure-related solutions are moving in that direction. It isn’t a leap to say that cloud identity management will be the way that IT organizations handle their core user management functions.

The challenge is that IDaaS has – until now – had a pretty narrow definition. IDaaS has been most associated with web application single sign-on. Due to the way the IAM market has been structured, it didn’t make sense to have a broader meaning of the word.

Segments of the IAM Market

IdaaS vs SSO: Why IDaaS is more than Single Sign-On

The IAM market only had a few different segments until now:

Directory Services

The core, authoritative identity provider is the user store for credentials. It has also been the authentication, authorization, and device management source for many organizations. This category has been associated with Microsoft Active Directory and OpenLDAP.


This web application single sign-on service sits on top of AD or LDAP.

Privileged Identity Management

This category was for access to critical infrastructure and servers. For a variety of reasons, this category is largely fading away and being subsumed by the directory service.


Multi-factor authentication was once a separate category and segment in the IAM space. This category, too, is being subsumed into the directory services and IDaaS categories for system-level and application-level MFA.

Directory Services Consolidate the IAM Market

Categories of Idnetity and Access Management

The change in the market is really starting at the foundation. Directory services are being transformed from a once sleepy category owned by Active Directory to a dynamic, innovative approach that is becoming the central identity management platform.

In fact, modern, cloud directory services are subsuming all of these categories. The virtual identity provider is enabling access to systems, applications, and networks. It is authenticating with passwords, SSH keys, multi-factor authentication, and more. On-prem applications are as easy to manage as web applications.

The concept of identity management is changing from a layered set of solutions to an integrated, core directory service that enables and controls access to virtually all of an organization’s IT resources.

IDaaS is True Single Sign-On™ and So Much More


And that’s exactly what IDaaS should mean since it extends well beyond web application SSO now. IDaaS is the core, authoritative identity management solution for an entire organization. If you would like to learn more about the IDaaS platform from JumpCloud®, drop us a note. Also, feel free to give it a try. Your first 10 users are free forever.

Continue Learning with our Newsletter