5.3 Integrate identity as a third-party service

  • On-premise
  • Cloud
  • Hybrid

IDaaS, or Identity as a Service, is a new idea in which we outsource our identity management to a third party.  Because every dependent application then relies on that provider for authentication, it is a single point of failure.

We can categorize IDaaS into three types:

  • On Premise

    • An on-premise system is one that is hosted by the organization itself.  Examples include LDAP and Microsoft Active Directory (AD).  AD is the most popular system in use.

    • When our applications are all hosted locally, an on-premise system makes the most sense.  If our applications are in the cloud, we need a way for our on-premise system to connect to them in order to provide authentication.

  • Cloud

    • A cloud-based system is hosted by a third party, off site.

    • When we have many cloud applications, a cloud-based system makes sense.  The cloud-based system must be able to connect to the cloud-based applications.

  • Hybrid

    • A hybrid system is one that is partially hosted by the organization and partially in the cloud.

    • When the organization has some local applications and some cloud-based applications, a hybrid system is a good idea.

    • The two systems must be able to keep their data synchronized in real time.

    • A good example is Microsoft Azure Active Directory.