Identity Management

SAP IDM

The classic from the SAP world. The end of the SAP NetWeaver platform also heralds the end of SAP IDM 8.0.
The maintenance phase ends in 2027 with the option to extend until 2030.
SAP will not provide an official IDM successor.

So, it’s a bit long in the tooth, but still going strong. Of course, we will continue to advise you on the solution and will not let you down.

midPoint

The IAM solution that is listed by Gartner and KuppingerCole as the leading open source solution.
midPoint can do a lot if you spend a little time with it. Insider tip!

Pro:

  • Open source – no license costs
  • there are only optional costs for a support contract with Evolveum (which definitely makes sense)
  • Connectors for all common systems are available (ConnId framework)
  • active community
  • Software can be extended to individual needs
  • can be operated via Docker containers
  • the solution can be completely configured via XML/JSON files

Cons:

  • No SAP SoD check on authorization objects possible in the standard system
  • if extensions are desired, special knowledge is required
    • UI: Apache Wicket
    • Connectors: ConnId framework

One Identity Manager

The complete system. Classified as a leader in Gartner’s Magic Quadrant.
Anyone looking for the do-it-all solution (the proverbial “egg-laying wool-milk sow”) will find it here, but it also comes with a certain degree of complexity.

Pro:

  • the UI is based on Angular and can be customized as desired
  • Many connectors available as standard
  • Cloud connectors can also be licensed via Starling Connect for a variety of systems
  • SoD checks possible at authorization object level (even SAP-certified)
  • Can be operated on-prem or as a SaaS solution
  • Custom connectors can be developed using PowerShell, C# or VB.NET

Cons:

  • relatively expensive
  • involves a certain degree of complexity
  • the SaaS solution currently has a performance problem when using the OIM client tools

Xiting Central Workflow (XCW)

The entry into the IAM world. Xiting offers a solution that is essentially the logical evolution of SAP CUA (Central User Administration).
In addition to user administration, there is a self-service area for your password, a role owner concept including a request workflow, Fiori apps and, of course, everything is documented in an audit-compliant manner.
The solution is suitable for “smaller” companies that only want to manage their SAP ABAP systems.

Pro:

  • lean solution
  • fits into the SAP look & feel
  • is operated in an existing SAP system and imported via transport
  • can be extended by a license-based module to perform SoD checks at authorization object level

Cons:

  • No connector for cloud systems
  • no connector for AD/LDAP
  • not extensible
  • limited to SAP ABAP systems