We spent nearly all of last week at Gartner's Catalyst Conference talking with some 1,400 attendees about a new category Gartner analysts are calling the Identity Bridge.

The bridge concept came from the growing need for organizations to better manage their adoption and transition to cloud services while leveraging their current investment in identity and access management technologies.

It's no secret that cloud services, mobile, API access and social networking make it just as likely today that applications, and those that need to use them, are outside corporate walls as inside. And it's no secret that corporate IT is struggling to secure these new hybrid use cases.

You will be hearing more of this bridge message in the industry and from Ping as vendors and solution providers start to align their products and services with this new market category.

This is great news for Ping customers as PingFederate has been providing this capability for years. And our release in September of PingFederate 6.10 will expand the story with new "bridge" features.

As we talk with analysts and press about these new concepts, many agree that Ping is already the leader in this category as we provide cloud identity management services that enable organizations to bridge their on-premises identity management solutions with cloud services directly or via Identity-as-a-Service solutions, like PingOne.

In addition, Ping is differentiated in our product's ability to simply and securely bridge service providers with their clients and customers. This has all been done while maintaining our strong commitment to standards adoption and interoperability with the identity community at large. 

While the identity bridge model is a work in progress, the concepts were well received by Catalyst attendees. The feedback we got from numerous architects, CSSOs, IT directors and industry leaders was that the Identity Bridge concept outlines how to get a handle on the rapidly changing IT and business landscape using products and services from vendors like Ping.

Some suggested that even their non-technical executives understand the idea that something needs to be put in place to bring the on-premises and cloud worlds together in a secure and manageable way.

On the technical side, the identity bridge is an on-premises appliance that can be either a physical machine or run virtually.

At its heart, a bridge connects users, applications and identity management across corporate and software-as-a-service.

It provides a number of services with each one described as a bridge, including: directory synchronization, federation for IDPs and SPs, standards-based authorization, mobile security via OAuth 2.0 and just-in-time provisioning.

In addition, the bridge leverages caching, automation and transformation to ensure an efficient use of information and resources.

We think this is the future, and so does Gartner, which is building the concepts into its identity management models - what they call Reference Architectures.

To back up our belief in this direction, we announced at Catalyst that Mark Diodati, who was the lead author and analyst on Gartner's identity bridges document, will join Ping Identity starting in September and will help our customers understand, build and deploy this bridge architecture.

In the meantime, we have a number of resources you can explore:


I did not know about Gartner's Catalyst Conference but published my solution in InfoQ at the same time (Do we really need identity propagation in SOA and Clouds?).

I argue that "Identity-as-a-Service solutions, like PingOne" is not needed, is too and unnecessarily risky, and commercially does not and will not sound for the work between different clouds (providers). In one (Ping's) security realm it is OK, but try to cross your realm boundaries into, e.g., Microsoft's or Abra-Cadabra's realm and you'll see that those guys will not recognise and respect an authority of your Identity-as-a-Service. Yes, I do promote myself and say that my solution is free from this problem and technically-and-economically sounds better for inter-cloud security. I am open for direct contacts via LinkedIn.
