Media Contact:

One Identity

Date Posted:

22 May 2025

Category:

Security

What is One Identity?

One Identity offers a comprehensive suite of IAM solutions in the following domains:

• IGA (Identity Governance and Administration): One Identity Manager (OIM)

• PAM (Privileged Access Management): Safeguard

• Active Directory Management: Active Roles

• Access Management / SSO: OneLogin

Collectively, these solutions ensure complete security for digital identities throughout the organization.


Architecture of One Identity Manager

The structure of One Identity Manager consists of modular components designed for both scalability and security:

Web Portal: Facilitates interactions for users, approvers, and help desk personnel.

Application Server: Handles workflows and offers APIs.

Job Server: Manages scheduled tasks for provisioning and synchronization.

SQL Server Database: Acts as the main repository for all identity-related data and audit records.

Synchronization Engine: Establishes connections with external platforms (AD, SAP, Workday, etc.).

APIs: Supports REST, SCIM, PowerShell, and CLI for integration purposes.

This design enables organizations to expand horizontally and set up High Availability (HA) configurations.


Key Features

1. Automation of the Joiner-Mover-Leaver (JML) lifecycle.

2. Enforcement of policies through role-based access and Segregation of Duties (SoD) controls.

3. Self-service capabilities for access requests and approvals.

4. Periodic access audits through certification campaigns.

5. Immediate provisioning to Active Directory, Azure, SAP, and other platforms.

6. Comprehensive audit trails for all changes related to identity.

7. A scriptable engine that supports VBScript, SQL, and PowerShell.


Integration and Synchronization

OIM facilitates integrations with:

• Human Resource Systems: SAP HCM, Workday, Oracle HRMS.

• IT Service Management Platforms: ServiceNow, BMC Remedy.

• Enterprise Applications: Salesforce, SAP, Oracle Database.

• Cloud Services: Microsoft 365, Google Workspace.

It provides support for native connectors, SCIM, LDAP, JDBC, and REST APIs for identity synchronization.


Admin Tools

Tool: Function

Designer: Schema, workflows, policies, scripting

Manager: Admin UI for roles, users, requests

Job Queue Info: Monitor provisioning tasks

Sync Editor: Configure and test synchronization connectors

Launchpad: Entry point to launch various tools


Scripting & Customization

OIM provides scripting support using:

  • VB.NET

  • SQL Queries

  • PowerShell

Use cases:

  • Auto-generate usernames based on rules

  • Conditional role assignment

  • Custom validations

  • SoD policy enforcement.


Logging & Problem-Solving

Logging serves as a fundamental function in OIM:

• Logs from the job server (including success/failure and duration)

• Sync logs (providing details on import/export)

• Approval logs (showing status and historical data)

• Debug logs intended for developers

• SQL Profiler for monitoring backend processes.


Deployment Models

• On-Premises: Set up on Windows servers utilizing a SQL database backend.

• Hybrid: A combination of on-premises Job Servers and a cloud-based web portal.

• Fully Managed Cloud: One Identity Cloud manages the infrastructure entirely.

• Provides support for High Availability (HA) and Disaster Recovery (DR).


Security & Governance Controls

  • Role-based Access Control (RBAC)

  • Separation of Duties (SoD)

  • End-to-end encryption (TLS, database encryption)

  • Privileged account governance (via integration with Safeguard)

  • Full audit trail for every change.


Top Use Cases

  • Automated provisioning and deprovisioning

  • Periodic access certification by managers

  • Delegated administration by region or BU

  • Time-bound, policy-driven access

  • Regulatory compliance and risk management

Conclusion

One Identity Manager (OIM) offers a versatile, secure, and scalable solution for managing identity lifecycles and governance. It connects effortlessly with enterprise systems, allowing organizations to implement policies, ensure compliance, and decrease manual effort. Regardless of whether your setup is entirely on-premises or hybrid cloud, OIM can adjust to your security strategy and expand alongside your business requirements.

Stay tuned to our blog to see more posts about Sailpoint products implementation and its related updates.
