What are Identity Federation Services?

Written by Vince Lujan on March 4, 2019


What are identity federation services? Identity federation services are a category of identity management solutions focused on extending user identities to a variety of IT resources such as web applications, cloud servers, disparate systems, and more. Some of the most popular examples of identity federation services include web application single sign-on (SSO), privileged identity management, and directory extensions.

Identity federation services are generally layered on top of legacy identity management solutions—usually Microsoft® Active Directory® (AD)—to extend traditional user identities to non-Windows or cloud-based IT resources. However, as more of these disparate IT resources come to market, more IT organizations have found that traditional identity federation services are starting to break down.

How did Identity Management get here?

The modern concept of identity federation services emerged in the early 2000s, as web applications such as Salesforce® and Google Apps (now called G Suite) came to market. Prior to that, virtually all IT resources were on-prem and Windows-based, and IT admins could use Active Directory to effectively manage them all. However, web applications like Salesforce and Google Apps were not Windows-based, nor were they on-prem. In fact, many cloud innovations such as these were a direct attack on long-standing Microsoft solutions such as the on-prem Office® suite of applications. Not surprisingly, Microsoft wasn’t interested in offering AD support for competing platforms. Consequently, many of these new innovations in the IT space couldn’t be managed directly with AD alone.

Of course, this is when first-generation SAML-based identity federation services, otherwise known as Identity-as-a-Service (IDaaS) or Single Sign-On (SSO), emerged to bridge the gap. Then came similar add-ons for RADIUS, SSH, and other identity federation services. Through the years, IT organizations have seen this pattern repeat itself again and again as more non-Windows and cloud-based resources have come to market, each requiring its own flavor of identity federation services in an AD environment. And, while admins could continue to leverage a patchwork of siloed identity management solutions to support their modern identity management needs, most would rather shift to a comprehensive cloud identity provider that doesn’t require a list of third-party add-ons to shuttle identities to their disparate IT resources.

Where is Identity Management Going?

The evolution of directory services

Fortunately, a next-generation cloud identity federation service has emerged that can securely manage and connect users to virtually any IT resource via a single, comprehensive directory services solution. This comprehensive cloud directory not only federates user identities, but can also play the role of the core identity provider, enabling IT organizations to securely manage user identities from one centralized location. It’s called JumpCloud® Directory-as-a-Service® (DaaS), and it is a cross-platform, vendor-neutral, protocol-driven approach to delivering directory services from the cloud, all without the need for additional third-party identity federation services.

Contact JumpCloud to learn more about the Directory-as-a-Service platform, and to see how it can consolidate all of your identity federation services into One Directory to Rule Them All®. Sign up for a free account and check it out for yourself. We offer 10 users free forever to help get you started.

Vince Lujan

Vince is a writer and video specialist at JumpCloud. Originally from the horse capital of New Mexico, Corrales, he has lived in Boulder, Colorado for three years. When Vince is not developing content for JumpCloud, he can usually be found at the Boulder Creek.
