Managing identities and privileged access has become significantly more complicated for organizations as they move toward digital transformation. According to the Identity Defined Security Alliance (IDSA), 98% of surveyed identity and security professionals reported that the number of identities is increasing, primarily driven by cloud adoption, third-party relationships and machine identities¹. With a growing number of identities, organizations need a secure, cost-effective way to automate provisioning and manage the user credential lifecycle management in the cloud. System for Cross-domain Identity Management (SCIM) is an open standard that allows automation of user provisioning. When an administrator creates, changes, or deletes an account in their IAM system, SCIM automatically syncs the update with corresponding systems. SCIM helps organizations manage who can access specific applications and files within the company, increasing security and reducing end user friction.

How SCIM Works

SCIM defines a schema for users and groups and provides a REST API for managing identity lifecycles. The API allows organizations to perform Create, Read, Update, and Delete (CRUD) operations on the users and groups. SCIM connects the client (e.g. IdP user directory) to the service provider (SaaS or enterprise application). When the client creates, changes, or deletes an account, the update is automatically reflected in the service provider. With SCIM, organizations can keep their identity information in sync across their IAM ecosystem.

SailPoint and Axiad

On July 14, 2023, Axiad released a SCIM connector that connects and synchronizes users and groups with SailPoint IdentityIQ. This SCIM connector automates user provisioning and de-provisioning, as well as the synchronization of user and group attributes. Axiad’s SCIM connector can be leveraged using SailPoint’s standard connectors (Web Services, JDBC, LDAP, SCIM 2.0, etc.) and can offer complete CRUD operations for the application’s users and groups to SailPoint.

Without SCIM, IT administrators need to create and maintain user accounts manually—a very complex and time-consuming task. IT administrators must manage credentials in silos, while users are required to remember multiple, complex passwords. SailPoint and Axiad enable seamless identity management across multiple systems and platforms. This SCIM connector ensures that user or group changes are automatically reflected in SailPoint, improving security as access rights can be correctly and promptly updated across all systems. In addition, organizations can leverage Axiad Cloud to enroll users with phishing-resistant credentials. This allows organizations to achieve a more secure form of multi-factor authentication (MFA) that protects against phishing-based cyberattacks.

Customers can supplement their existing SailPoint investment with credential lifecycle management, process automation, and self-service capabilities by Axiad Cloud. Using SCIM to synchronize users and groups with Axiad Cloud allows organizations to simplify provisioning, de-provisioning, and credential management. Axiad Unified Portal provides an integrated view across the entire identity ecosystem, environment, and credentials. With Axiad MyIdentities, organizations can uniquely enable self-service into visibility and management of all end user credentials. Organizations can view and manage the status of credentials across the end user base, such as those which are active or that have been revoked. Axiad MyCircle enables self-service credential resets authorized by other members of their “trusted circle” – people known to them, as determined by the organization. Trusted circle members can include a manager, shift supervisor, or peer. Axiad MyCircle empowers the workforce and reduces calls to IT or help desk for credential resets.

Organizations can replace the use of multiple tools for enterprise deployment, management, and support of authenticators and credentials with Axiad AirLock. With this feature, organizations can automate MFA processes before an employee can gain full access to systems. Axiad AirLock allows organizations to streamline provisioning of credentials (one to many). Organizations can provide self-service credential lifecycle management including account recovery, expirations, renewals, and more.

Together, SailPoint and Axiad enable organizations to amplify their cybersecurity posture without friction and fragmented solutions. Organizations can improve end user experience by eliminating the need for users to remember complex passwords. With seamless provisioning and credential management, organizations can increase efficiency and ultimately become more systematic in their overall cybersecurity practices.

“SailPoint is deeply committed to delivering robust identity solutions that empower organizations to confidently navigate their digital transformation journey,” said Adam Creaney, Sr. Manager, Identity Alliances at SailPoint. “Our partnership with Axiad reinforces this commitment by enabling streamlined and secure identity management.”

Why SCIM Matters

SCIM offers several benefits to organizations looking to scale. Here are a few:

• Provides a standardized, secure methodology for exchanging information between IT systems, minimizing the need for expensive custom integrations
• Automates user and group provisioning, mitigating the risk of human error
• Streamlines employee onboarding and offboarding
• Eliminates the need for users to remember a separate set of credentials for every application they access

Axiad’s SCIM connector has been added to the SailPoint Connector Directory. For more information about our integration with SailPoint, please visit SailPoint Compass Community.

¹ New Study Reveals 84% of Organizations Experienced an Identity-Related Breach in the Last Year | Identity Defined Security Alliance (idsalliance.org)