Key Capabilities of OpenIDM
Information Storage and Extendable Data Model
OpenIDM provides a flexible object based model with an underlying storage in an embedded DBMS system, optimized to be scalable, lightweight, secure and transactional. There are no strict pre-defined objects and relations. Almost without any
limit now type of objects, attributes and relations can be introduced making it unnecessary for external data management systems.
Significantly decrease the required implementation period and the unit testing of the framework increase the stability of the customized system.
OpenIDM provides the necessary capabilities to define and enforce password policies through-out the enterprise as well as intercepting and synchronizing passwords from Microsoft Active Directory and ForgeRock OpenDJ, but also provide reset and retrieval functionalities.
Account Discovery and Reconciliation
OpenIDM offers a scalable method of discovering new, changed or deleted accounts on integrated resources as well as provide the necessary information to offer critical information about orphan accounts etc.
Active and Static Synchronization In near real time can OpenIDM detect changes in state to objects on resources. This means that a new user created on a resource can trigger an event inside OpenIDM to ensure he gets provisioned correctly with the proper access and entitlements – typically this allows enterprises to automatically drive provisioning activities from Human Resource systems or other authoritative sources. The synchronization also allows to call out to custom Java methods, workflows or rules.
Audit and Reporting
OpenIDM ensures that proper logging is done on all activities happening inside OpenIDM and offers the capability to provide reports distilled on the specific needs for customers. OpenIDM also provides an Event Publisher which allows third party reporting tools to integrate easily with OpenIDM to extract the necessary reports in well known formats.
Workflow and Business Processes
OpenIDM leverages the Open Source Identity Connector Framework (OpenICF) providing a rich set of mature connectors to a number of systems such as databases, directories and operating systems. The framework is also easily extended with additional connectors to support custom integrations to third party applications. See the Resource connector table for a list of available connectors.