IdentityIQ is SailPoint's identity and access management (IAM) solution for enterprise customers who prefer an on-premise deployment. IdentityIQ resource connectors provide pre-packaged integrations with enterprise databases, directories, healthcare, platforms and business applications running in their on-premise datacentres. The connectors allow businesses to provision and aggregate external user, account, entitlement and authentication credentials from a centralized location.
The SailPoint IdentityIQ RSA Authentication Manager resource connector enables RSA SecurID customers to manage RSA Authentication Manager users and groups, administrative roles, SecurID tokens and RADIUS profiles. The SailPoint IdentityIQ solution supports Multi-Factor Authentication (MFA) for logging into IdentityIQ. IdentityIQ can be configured to work with a variety of MFA providers, one of the out of the box integration is RSA SecureID.
This section describes the ways in which SailPointIdentityIQ can integrate with RSA SecurID Access. Use this information to determine which use case and integration type your deployment will employ.
End User Logon Experience - When integrated, users must authenticate with RSA SecurID Access in order as part of the End User Logon Experience .
User Management - When integrated, User Management of SecurID users can be done with IdentityIQUser Management.
SecurID Admin SDK integrations can provide a rich user interface with all RSA SecurID Access features within the partner application. Refer to the Supported Features section in this guide see which features this partner application has implemented.
This section shows all of the supported features by integration type and by RSA SecurID Access component. Use this information to determine which integration type and which RSA SecurID Access component your deployment will use. The next section contains the steps to integrate RSA SecurID Access with SailPointIdentityIQ for each integration type.
SailPointIdentityIQ Integration with RSA Cloud Authentication Service
SailPoint IdentityIQ integration features
View, Add, Modify and Delete RSA Authentication Manager users
View, Add, Modify and Delete RSA Authentication Manager groups
Reconcile RSA Authentication Manager identity source with the IAM data store.
Reconcile RSA SecurID tokens with the IAM data store.
Assign/Unassign RSA administrative roles
Add, Modify and Delete RSA Authentication Manager RADIUS profiles
View, Assign/Unassign Radius Profiles
MFA using SecureID tokens
Not yet tested or documented, but may be possible.
The following links provide instructions on how to integrate SailPointIdentityIQ with RSA SecurID Access.
This document is not intended to suggest optimum installations or configurations. It assumes the reader has both working knowledge of all products involved, and the ability to perform the tasks outlined in this section. Administrators should have access to the product documentation for all products in order to install the required components. All RSA SecurID Access and SailPointIdentityIQ components must be installed and working prior to the integration.