Regardless of how revolutionary a technology appears to visionaries often it takes a giant to validate the message and the market.
Thank you, Salesforce.com.
Hello, federated identity and identity-as-a-service.
In one powerful motion this morning, Salesforce CEO Mark Benioff moved the identity game from the side stage to center stage.
The tools, the technologies and the standards that are now de facto in the identity space received the validation stamp from a billion-dollar juggernaut.
I'm not suggesting it guarantees success, but the curtain is up and the big show is on.
At its annual Dreamforce conference, which opened today, the company announced Salesforce Identity, a platform that will provide single sign-on across all Salesforce applications. It's an access control strategy that gives Salesforce users a single log-in to all the platform's apps.
But it also has other important elements. There is a federation piece to integrate non-Salesforce apps/data and a provisioning part for adding, deleting and managing users.
And It's all based on standards, OAuth, OpenID Connect and SCIM, all of which we have talked about here for years.
Make no mistake, Salesforce is not launching the identity market, there are dozens of vendors and hundreds of enterprises here already, but Salesforce now has the megaphone.Â Greetings identity management vendors, ID architects, and CSOs, did you feel your boat rise?
Salesforce Identity isn't an add-on that makes for nice marketing materials and a generous up-sell. It's baked into the platform. It's the way identity should be delivered; integrated and expected.
Salesforce also is tapping into the social identity revolution with Salesforce Chatter, it's Twitter-like social platform that has been upgraded so all other social apps can push data into the Chatter feed.
That is the type of federation that some forward thinking companies (Bechtel, GE) and one government-led initiative (NSTIC) also have adopted in their strategies for the future.
And Salesforce is including a central management platform to administer users and provide access controls from the online giant's swelling user directory.
That's the kind of centralized control of employees that enterprises want as their identity landscape begins to climb over corporate security boundaries and on to the Internet.
Ian Glazer, who tracks (and influences) the identity market as research director for Gartner's Identity and Privacy Strategies team, said in his blog:
"These identity services, with undoubtedly more to come, are woven into not only crucial business applications (like CRM) but into Salesforce.com's PaaS infrastructure. Identity just happens! This is the future of identity services. Identity gets delivered in the context of something the business and IT as a whole cares about."
Ben Kepes, a wickedly sharp technology evangelist and business adviser, had this observation:
"Identity that works across all Salesforce properties as well as wider into the general cloud space is incredibly powerful - arguably as revolutionary as Active Directory was within the organization but on a much bigger scale."
Those are insightful comments.
Windows 2000 and Active Directory led a revolution into enterprise computing by first organizing management of Exchange e-mail users before moving on as a corporate network anchor.
But that time is passing into the clouds, even Microsoft is acknowledging the shift with its Windows Azure Active Directory and Graph API.
Make no doubt, Salesforce is going to take on Microsoft here and it is going to be a titanic battle.
I can't predict what success Salesforce.com will have with its identity strategy, but I can say it is headed in the direction the rest of the industry is going. Welcome.
If you didn't get identity before, you better get it now.
Here at Ping we have created the mantra "Identity is the New Perimeter." It was the theme at our Cloud Identity Summit this year and we think it provides context for the enterprise.
Today it is ironic that Benioff has moved identity to center stage, because the task now is to move it back to the side stage.
That is where it will function, doing what it does to protect transactions, privacy and other user and machine interactions. Slotted in as a layer across the Internet. Expected to be there; expected to do its job so companies and end-users can securely do theirs.