The authoritative source, or identity store, is the source of the data that flows down to the Identity Management System. It is simply a directory or database that contains people’s identity details. Usually it contains information such as employeeId, firstname, lastname, telephone, e-mail, department, etc.
One of the challenges in implementing an Identity Management solution is determining what the authoritative source is. Sometimes the identity data is not consolidated in one place, and the Identity Management system needs to pull identity data from multiple locations (Human Resource System, Directory Server System, paper, or any other company identity source).
A good practice when the company doesn’t have a single authoritative source is to use a virtual directory, database view or table dedicated to the identity management system.
Some common authoritative sources are:
- Microsoft’s Active Directory, Novell’s eDirectory, the SunONE directory
- MySQL, DB2 for MVS applications, Oracle for Oracle applications, SQL for .NET applications
To start gathering the requirements for the authoritative source in an identity management solution, you need to ask:
o Have you identified your authoritative sources?
o What’s your authoritative source?
o Is there an HR database involved?
o How are unique IDs generated for employees?
o What is my corporate identity store?
o Is there a single authoritative identity store where all my users reside?
o Do you have more than one authoritative resource?
o How many data sources are there?
o How often is the data updated?
o What attributes are available?
o Which attributes uniquely identify users?
o Which attribute identifies a user's state? What states exist?
o In what format is the data available?
o Which attributes are unique?
o Which attributes are required?
o Which attributes are multi-valued?
o How will missing values be handled?
o Are there default values?
o Do we need a clean-up before pushing the data into the identity management solution?
o Which attribute will always have values? Which might have multiple values?
o Are there attributes that must be set on create, but not when modifying a person?
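
One way to answer the attribute questions above from a sample extract, as an added example that is not part of the original post: the script profiles a constructed HR CSV feed and reports which attributes are always populated, unique or multi-valued, which states exist, and what needs clean-up before loading. The feed layout, the `;` multi-value separator and the function names are assumptions.

```python
import csv
import io
from collections import Counter

# Constructed sample HR extract (not real data); ';' separates multiple values.
SAMPLE_FEED = """employeeId,firstname,lastname,email,telephone,department,status
1001,Ana,Silva,ana.silva@example.com,555-0100;555-0101,Finance,active
1002,Ben,Okoye,ben.okoye@example.com,,IT,active
1003,Cara,Lind,,555-0102,IT,terminated
1003,Dan,Moss,dan.moss@example.com,555-0103,,active
"""

def profile_feed(text, multi_sep=";"):
    """Return per-attribute facts: missing, unique, multi-valued, distinct values."""
    rows = list(csv.DictReader(io.StringIO(text)))
    report = {}
    for attr in rows[0]:
        values = [(r[attr] or "").strip() for r in rows]
        present = [v for v in values if v]
        counts = Counter(present)
        report[attr] = {
            "missing": len(values) - len(present),
            "always_present": len(present) == len(values),
            # Unique in this extract: populated on every record and never repeated.
            "unique": len(present) == len(values) and len(counts) == len(values),
            "multi_valued": any(multi_sep in v for v in present),
            "duplicates": sorted(v for v, n in counts.items() if n > 1),
            "distinct": sorted(counts),  # e.g. the user states that exist
        }
    return report

def cleanup_findings(report, required, unique):
    """List problems to fix in the source before loading identities."""
    findings = []
    for attr in required:
        if report[attr]["missing"]:
            findings.append(f"{attr}: {report[attr]['missing']} record(s) missing a required value")
    for attr in unique:
        if report[attr]["duplicates"]:
            findings.append(f"{attr}: duplicate value(s) {report[attr]['duplicates']}")
    return findings

if __name__ == "__main__":
    rep = profile_feed(SAMPLE_FEED)
    for attr, info in rep.items():
        print(attr, {k: info[k] for k in ("always_present", "unique", "multi_valued")})
    print(cleanup_findings(rep, required=["employeeId", "email"], unique=["employeeId"]))
```

An attribute that looks unique in a small extract (firstname in this sample) is only a candidate; confirm it against the full source and the way IDs are generated.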