5.3 Integrate identity as a third-party service
- On-premise
- Cloud
- Hybrid
IDaaS, or Identity as a Service, is a new idea in which we outsource our identity management to a third party. The provider then becomes a single point of failure.
We can categorize IDaaS into three types:
- On-premise
  - An on-premise system is one that is hosted by the organization. Examples include LDAP and Microsoft Active Directory. AD is the most popular system in use.
  - When our applications are all hosted locally, then an on-premise system makes the most sense. If our applications are in the cloud, then we need a way to have our on-premise system connect to them in order to provide authentication.
- Cloud
  - A cloud-based system is hosted by a third party, off site.
  - When we have many cloud applications, then having a cloud system makes sense. The cloud-based system must be able to connect to the cloud-based applications.
- Hybrid
  - A hybrid system is one that is partially hosted by the organization and partially in the cloud.
  - When the organization has some local applications and some cloud-based applications, then a hybrid system is a good idea.
  - The two systems must be able to sync their data in real time.
  - A good example is Microsoft Azure Active Directory.