Working principle

Why choose EasyStack Identity and Access Management?

• 

  Unified identity management

  The unified management of local and LDAP user identities is provided, and the flexible switching of departmental identity sources is supported, so that users in the local identity system of the enterprise can also directly log in to EasyHang cloud through IAM.

• 

  Flexible organizational structure

  Provide flexible organizational management capabilities, according to the actual internal organizational structure of the enterprise to create the corresponding department, build organizational isolation unit, but also according to the actual business situation in different departments planning corresponding projects, build resource isolation unit.

• 

  Fine-grained authorization management

  It supports service level, resource level, API operation level access control, and can use different granularity to grant specific permissions to different users, fine-grained control of their access to resources, and can support both RBAC and ABAC authorization model.

• 

  Rich account security policy configuration

  It provides a wealth of account security policy configurations such as account lock, password policy, session timeout, password complexity, and virtual MFA to improve the security of the system.

• 

  Secure identity credentials

  Users can specify role permissions to create multiple independent application credentials that allow programs, scripts, or developers to programmatically access the user's resources and can safely revoke them at any time.

• 

  Application identity management

  Based on SAML, OAuth, OIDC and other security authentication protocols, the application can be connected to IAM for identity management. Single sign-on can be realized through simple configuration, which unifies the identity authentication of enterprise internal application systems and effectively improves office efficiency.