
What are Identity Federation Services?



Identity federation services are a category of identity management solutions focused on extending user identities to a variety of IT resources such as web applications, cloud servers, disparate systems, and more. Some of the most popular examples of identity federation services include web application single sign-on (SSO), privileged identity management, and directory extensions.

Identity federation services are generally layered on top of legacy identity management solutions—usually Microsoft® Active Directory® (AD)—to extend traditional user identities to non-Windows or cloud-based IT resources. However, as more of these disparate IT resources come to market, more IT organizations have found that traditional identity federation services are starting to break down.

How did Identity Management get here?

The modern concept of identity federation services emerged in the early 2000s, as web applications such as Salesforce® and Google Apps (now called G Suite) came to market. Prior to that, virtually all IT resources were on-prem and Windows-based, and IT admins could use Active Directory to effectively manage them all. However, web applications like Salesforce and Google Apps were not Windows-based, nor were they on-prem. In fact, many cloud innovations such as these were a direct attack on long-standing Microsoft solutions such as the on-prem Office® suite of applications. Not surprisingly, Microsoft wasn’t interested in offering AD support for competing platforms. Consequently, many of these new innovations in the IT space couldn’t be managed directly with AD alone.

Of course, this is when first-generation SAML-based identity federation services, otherwise known as Identity-as-a-Service (IDaaS) or Single Sign-On (SSO), emerged to bridge the gap. Then came similar add-ons for RADIUS, SSH, and other identity federation services. Through the years, IT organizations have seen this pattern repeat itself again and again as more non-Windows and cloud-based resources have come to market, each requiring its own flavor of identity federation services in an AD environment. And, while admins could continue to leverage a patchwork of siloed identity management solutions to support their modern identity management needs, most would rather shift to a comprehensive cloud identity provider that doesn’t require a list of third-party add-ons to shuttle identities to their disparate IT resources.

Where is Identity Management Going?

The evolution of directory services

Fortunately, a next-generation cloud identity federation service has emerged that can securely manage and connect users to virtually any IT resource via a single, comprehensive directory services solution. This comprehensive cloud directory not only federates user identities, but can also play the role of the core identity provider, enabling IT organizations to securely manage user identities from one centralized location. It’s called JumpCloud® Directory-as-a-Service® (DaaS), and it is a cross-platform, vendor-neutral, protocol-driven approach to delivering directory services from the cloud, all without the need for additional third-party identity federation services.

Contact JumpCloud to learn more about the Directory-as-a-Service platform, and to see how it can consolidate all of your identity federation services into One Directory to Rule Them All®. Sign up for a free account and check it out for yourself. We offer 10 users free forever to help get you started.

