SSO Easy enables System for Cross-domain Identity Management (SCIM) User Provisioning to ANY SCIM COMPLIANT SaaS solution -- including KnowBe4 -- while leveraging existing Microsoft Active Directory Federation Services (ADFS) server(s). This allows organizations to better manage KnowBe4 user subscriptions and fees, without having to upgrade from their existing Microsoft ADFS implementation. Organizations improve centralized security, while reducing operating costs.
With the SCIM For ADFS Solution, SSO Easy customers can:
SSO Easy's SCIM Active Directory Federation Services Solution implementations are:
With proper planning and coordination, Free Trials are typically completed in less than 15 minutes.
With SCIM User Provisioning for KnowBe4 using ADFS, users experience the following:
SCIM is an open standard that simplifies cloud identity management and allows user provisioning to be automated across multiple domains.
SCIM provisioning allows companies to manage user identities in the cloud efficiently and easily add or remove users within their enterprise -- benefitting budgets, reducing risk, and streamlining workflows.
Without SCIM, IT administrators would have to manually add identifying information needed by the application about users who are allowed to use the application. This manual process takes longer and has a higher margin for error. Using SCIM as a standard protocol for cloud-based applications and services solves this problem and streamlines the management of users, groups, and devices.
SCIM is a REST and JSON-based protocol that defines a client and server role. A client is usually an identity provider (IDP), like Active Directory, or AD, that contains a robust directory of user identities. A service provider (SP) is usually a SaaS app, like Box or Slack, that needs a subset of information from those identities. When changes to identities are made in the IdP, including create, update, and delete, they are automatically synced to the SP according to the SCIM protocol. The IdP can also read identities from the SP to add to its directory and to detect incorrect values in the SP that could create security vulnerabilities. For end users, this means that they have seamless access to applications for which they're assigned, with up-to-date profiles and permissions.
There are various benefits of SCIM provisioning, including:
With SCIM, admins no longer need to manually create and delete user accounts in web apps -- which saves them valuable time and reduces the chance for errors in the authorization levels granted to users.
KnowBe4 is the worlds largest integrated security awareness training and simulated phishing platform.
SSO Easy, founded in 2010, is a leader in cloud based Identity and Access Management (IAM) solutions. SSO Easy's Single Sign On and User Provisioning solutions are deployed in production by thousands of clients, enables secure and seamless Single Sign On for millions of users, who access thousands of SaaS services and internal applications. SSO Easy solutions, which leverage industry standard protocols, including SAML and SCIM, are implemented quickly, easy, and cost-effective. Free Trials of SSO Easy solutions are available -- typically completed in 1 hour or less.
Active Directory Federation Service (ADFS), made by Microsoft, enables Federated Identity and Access Management by securely sharing digital identity and entitlements rights across security and enterprise boundaries. Microsoft ADFS extends the ability to use single sign-on functionality that is available within a single security or enterprise boundary to Internet-facing applications to enable customers, partners, and suppliers a streamlined user experience while accessing the web-based applications of an organization.
Active Directory (AD) is a database and set of services, made by Microsoft, that connect users with the network resources they need to get their work done.
The database (or directory) contains critical information about your environment, including what users and computers there are and who's allowed to do what. For example, the database might list 100 user accounts with details like each person's job title, phone number and password. It will also record their permissions.
The services control much of the activity that goes on in your IT environment. In particular, they make sure each person is who they claim to be (authentication), usually by checking the user ID and password they enter, and allow them to access only the data they're allowed to use (authorization).