Virtual IdP

By Vince Lujan, posted January 26, 2018

The identity provider (IdP) is one of the most important pieces of technology within an IT organization. It connects users to the IT resources they need. The challenge has been that traditional IdPs like Microsoft® Active Directory® (AD) are complicated on-prem solutions. This is one of many reasons why IT admins are curious if a virtual IdP is available.

The good news is that a next generation virtual IdP has emerged called JumpCloud® Directory-as-a-Service®. However, in order to understand the benefits of this virtual IdP, let’s begin by describing the characteristics of legacy IdPs.

Characteristics of Legacy Identity Providers

Modern directory services are variations of the Lightweight Directory Access Protocol (LDAP). LDAP was created by Tim Howes, a JumpCloud advisor, and his colleagues at the University of Michigan. Their innovation kicked off the concept of the IdP in 1993.

Two of the most popular on-prem identity management platforms are based on LDAP. The first is OpenLDAP, the open source implementation of the protocol. The other solution combined LDAP with the Kerberos protocol and is known around the world as Active Directory.

Ultimately, AD would win over the commercial market primarily because of its tight integration with Windows®, which dominated the industry at the time. Nevertheless, AD and OpenLDAP are both successful on-prem IdPs that can trace their lineage back to the creation of LDAP.

The on-prem approach to identity management worked well until the IT landscape started to change in two major ways. The first change came from a proliferation of new platforms and operating systems (e.g., Mac & Linux). The other major change was the shift to the cloud via web applications (Salesforce, Dropbox, Box) and Infrastructure-as-a-Service (AWS, GCP). Both of these massive changes put pressure on the core identity provider within an organization, most often AD.

An entire generation of single sign-on (SSO) solutions was created in response to this pressure. These solutions were effectively add-ons designed to extend on-prem identities to the cloud and beyond. The add-on approach can be effective, and it remains one of the most popular methods of IT management today. However, it is far from ideal, because IT organizations must layer multiple add-on solutions to support the wide array of resources that cannot be managed with the on-prem IdP directly. In other words, IT will need an add-on for Macs, an add-on for Linux, one for Salesforce, another for G Suite, and so on.

It is easy to see how this approach is unsustainable, especially as more IT resources shift to the cloud and diversify. These are a few of the reasons why IT organizations are interested in a virtual IdP called JumpCloud Directory-as-a-Service. In short, this cloud identity management platform delivers simplicity by providing a comprehensive set of management tools for virtually any IT resource, without the hassle of maintaining a complicated on-prem infrastructure.

Next Generation Virtual Identity Provider


JumpCloud Directory-as-a-Service is a next generation virtual identity provider with the power to connect users to their systems, applications, files, and networks. Said another way, this cloud directory platform is AD and LDAP reimagined. Yet, JumpCloud is more than just a hosted instance of AD or OpenLDAP. Rather, this comprehensive management platform can connect users to systems (e.g., Windows, Mac, Linux), on-prem applications (OpenVPN, Oracle), web applications (Salesforce, Dropbox), cloud infrastructure (AWS, GCP), cloud productivity platforms (G Suite, Office 365), cloud storage (Google Drive, Dropbox, Box), Samba file servers and NAS appliances (Synology, QNAP), networks via RADIUS, and more.

The cloud platform can even be a boon to security. IT admins can configure password complexity requirements, enable multi-factor authentication (MFA), and deploy JumpCloud Policies that are akin to AD GPOs on Mac and Linux devices as well as Windows. The best part is that JumpCloud Directory-as-a-Service effectively eliminates the need for on-prem identity management infrastructure. Instead, IT organizations simply pay for what they use, and JumpCloud takes care of the rest.

Learn More about the Next Generation Virtual IdP

Check out our video to get up and running with JumpCloud Directory-as-a-Service. You can also contact the JumpCloud team, or sign up for a Directory-as-a-Service account and see a virtual IdP in action. Your first ten users are free forever to help you explore the full functionality of our platform at no cost. We don’t even require a credit card to get started.

Vince Lujan

Vince is a writer and videographer at JumpCloud. Originally from a small village just outside of Albuquerque, he now calls Boulder home. When Vince is not developing content for JumpCloud, he can usually be found doing creek stuff.
