DENVER, Colo. — June 11, 2013 — Ping Identity®, The Identity Security Company™, today announced PingFederate 7, a major upgrade to its identity bridge software and Cloud Identity Management Platform. The release delivers the first standards-based user provisioning, authentication, and authorization solution to the manual and proprietary obstacles that stand in the way of cross-domain – or federated – business integrations with customers and partners.
A highlight of PingFederate 7 is support for new identity standards: SCIM (System for Cross-domain Identity Management) and OpenID Connect. SCIM is a provisioning standard currently managed by the Internet Engineering Task Force (IETF). It is a lightweight, automated standard that provides inbound and outbound user provisioning for corporate directories and SaaS providers, replacing proprietary or manual provisioning methods. OpenID Connect, an emerging authentication and authorization standard from the OpenID Foundation, consolidates access control for both web and APIs into one, making it easier to secure web applications and their underlying APIs.
“Identity standards are fundamental to business in the cloud because they make it easier for people to work across multiple domains,” said Roger Oberg, vice president of marketing and product management for Ping Identity. “Imagine your employees automatically provisioned and then authenticated and authorized to use any cloud application in a single click. Consider what it would mean to give your partners the same experience with your applications. Support for SCIM and OpenID Connect in PingFederate 7 largely completes the standardization effort required for all identity use cases to scale out to the cloud and extends Ping Identity’s market-leading commitment to standards that gives our customers new ways to deliver seamless and secure user experiences.”
Building a Federated Business
Businesses today need to build federated relationships with customers, suppliers and channel partners to succeed. SaaS providers want their applications to appear as an extension of the security and identity management infrastructure their enterprise customers already have. The challenge is to build these cross-domain relationships while balancing the need for security and convenience.
The problem, according to Forrester Research, is that, “in today’s dynamic environment, IT should have the ability to enable all legitimate access by workforce members to software-as-a-service (SaaS) apps and by partners to internal apps – and block all illegitimate access. Unfortunately, most organizations have built multiple user stores that often lack quality data. This doesn’t scale well as the adoption of SaaS apps grows and the number of partners increases.”*
Automating provisioning with SCIM across domains ensures that legitimate users can access their applications easily while unauthorized users cannot. Support for SCIM in PingFederate 7 reduces potential threats that can result from accounts left open after an employee leaves an organization. Using PingFederate 7, identity providers can automate user provisioning from an organization’s identity store into SaaS applications, replacing a time-intensive manual or proprietary process. A service provider, such as an HR SaaS application chosen to manage employee information, can also provision a user back into their customer’s organization as part of an on-boarding process.
Future Proofing for Internet-Scale Identity and Access Management
With the proliferation of mobile and web applications, passing identity details to target applications requires developers to write an increasing amount of code. This adds complexity, cost and time to each application development effort and lacks scalability. With OpenID Connect’s lightweight, API-friendly framework, developers can extend identity details maintained in existing identity management products in a consistent and secure manner to cloud and mobile apps.
New support for OpenID Connect in PingFederate 7 gives IT a future path for an Internet-scale identity and access management solution that doesn’t compromise security. With PingFederate 7, developers gain a pathway to include identity in any application using the IT organization’s existing policies and investments in a centralized access management system.
“The addition of SCIM and OpenID Connect provides customers a single offering to solve a broad range of identity and access management problems for both web and API-based applications and services,” said Loren Russon, director of product management for Ping Identity. “The promise of OpenID Connect for Internet-scale identity and access management is still on the horizon, but we are working with customers today who want to utilize it for internal SSO as a lightweight alternative to heavy, proprietary integrations.”
In addition to SCIM and OpenID Connect, the latest release of PingFederate includes more than 80 enhancements to capabilities and integrations with leading IT products, making it easier for customers to configure and manage federated identities. More information about PingFederate 7 can be found at www.pingidentity.com/PingFederate7.
About Ping Identity | The Identity Security Company
Ping Identity believes secure professional and personal identities underlie human progress in a connected world. Our identity and access management platform gives enterprise customers and employees one-click access to any application from any device. Over 900 companies, including 45 of the Fortune 100, rely on our award-winning products to make the digital world a better experience for hundreds of millions of people. Visit pingidentity.com for more information.
* Evolve Your Identity Strategy For The Extended Enterprise, Forrester Research Inc., September 24, 2012
Ping Identity Contacts
Ping Identity Corporation
Follow Us on Twitter: @PingIdentity
Join our LinkedIn Group: Ping Identity Cloud
Subscribe to our YouTube Channel: PingIdentityTV
Like Us on Facebook: PingIdentityPage