EmpowerID Products and Solutions
- Learning Center
Welcome to the Learning Center
The EmpowerID Identity Warehouse and synchronization services are used to inventory connected systems, process changes through rules and policies, and then push the appropriate changes out to the affected systems. The Identity Warehouse and sync services use the inventoried information to perform identity correlation and link disparate application user identities with the actual people who use them.
In addition to these traditional Identity Warehouse functions, the EmpowerID Identity Warehouse acts as an Identity Warehouse and as a directory. As an Identity Warehouse, EmpowerID inventories and stores the resources that exist in managed systems, the rights assignments for these resources as assigned in those systems, and the definitions of rights (or roles) used by that system. The Identity Warehouse also stores EmpowerID RBAC information, such as the definition of EmpowerID roles, role assignments for managed system resources, business location structures for delegation, dynamic RBAC policies for provisioning or de-provisioning resources, and all other RBAC policies and settings.
As a directory, the EmpowerID Identity Warehouse is able to perform user authentication for EmpowerID and any other applications that support SAML, WS-Trust, OAuth, RADIUS, or the Microsoft Membership and Role provider model. The Identity Warehouse maintains a Person object for each human person that uses or is managed by the system and anchors any accounts that a person may own in foreign systems to that one Person object. The Person object is what authenticates a user into the EmpowerID system and allows them to perform any tasks authorized by their security assignments. Applications may leverage EmpowerID for authentication in lieu of requiring an Active Directory account or simply leverage EmpowerID for single sign-on (SSO).