Password Management Overview
There are three different areas in which password is managed in IDHub. They are as follows:
- IDHub product
- Connector / Target system
- Sath Account
In IDHub, password management is done via KeyCloak. KeyCloak is an independent Identity management tool which is leveraged by IDHub to store and retrieve passwords, SSO with target systems or setting up of MFA of identities as well
For the connector / target system, we use Vault to manage the secrets for the connector configuration and secrets. Besides this, a connector manager UI is also given so that the administrator can manage the secrets from there as well.
For purchasing IDHub cloud (or other implementation or support services), you first need to create a sath account. For creating and managing a sath account, we use Auth0 for the authentication server. Therefore all the sath account credentials are stored and managed via Auth0
Benefits of IDHub Password Management module
- Easy way of providing default password to users for login via Service Request
- IDHub provides for KeyCloak for managing password and SSO management capabilities for each tenant
- Provides for User Federation capabilities
- Provides SSO/SML capabilities
Features & availability of IDHub Access Management Module
- Default password via SR - IDHub provides an easy to create users via service request and provides them default passwords to login
- KeyCloak for advance password management - As an admin user you can access KeyCloak to manage the passwords for the user individually
- SSO capabilities - IDHub inbuilt KeyCloak provides admins an easy way to manage and setup SSO for the user login
- User Federation - From the KeyCloak Administration tool of IDHub you have the ability to configure user federation
- Centralized Login - You can configure the SSO/SML capabilities using the KeyCloak, so that users are allowed to login with authentication system of another application and hence it enables keep a centralised login to all their applications.