Software: Synchronizes databases so roles and authorizations are up to date
midPoint is an open source identity management and identity governance solution developed by Evolveum. It automatically creates and manages groups, organizational units, and user accounts. It synchronizes several identity repositories and databases, manages them, and makes them available in a unified form, addressing almost every aspect of identity management and governance.
The InCommon Trusted Access Platform architecture recommends midPoint as an entity registry for holding unique institutional identities and their associated attributes. It also has a powerful provisioning engine with a common connector framework, reducing time to integrate with applications. Connectors are available for Active Directory, SQL databases, and many applications. The platform includes a packaged version of midPoint, integrated with the rest of the components to ease the deployment and management of the entire suite.
- Offers identity management process automation. It has a built-in engine that can drive approval of access requests.
- Uses role-based access control (RBAC). midPoint automatically computes user privileges based on his or her membership in roles. The midPoint RBAC model is one of the most powerful models in the entire IDM field.
- Manages identity-related parts of the enterprise security policy. midPoint can check password quality, maintain segregation of duties, etc.
- Supports security auditing and reporting: midPoint keeps an audit trail of all user privilege changes. It has a built-in reporting engine to generate reports for identities collected from all of the connected systems.
- Provides non-intrusive integration using identity connectors. midPoint connectors are simple pieces of code that allows it to remotely connect to other system and manage identity data. The connectors are non-intrusive: the connected system does not need to be changed.
- Manages organizational structure and its synchronization to other systems.
- Manages complex policies that govern the business aspect of identity management.