Highlighted
Super Contributor.
Super Contributor.
167 views

Access manager with Identity Governance

Jump to solution

Hi All,

In MF documentation, we have three options for integrating IG with an authentication service. Can anyone suggest me the best method from the below options 

1. Access Manager configured to connect to OSP

2. Access Manager

I am also planning to install IR.

Thanks in advance.

0 Likes
1 Solution

Accepted Solutions
Highlighted
Micro Focus Expert
Micro Focus Expert

Re: Access manager with Identity Governance

Jump to solution
Greetings,
     ID Gov 3.5.x & 3.6.x and ID Reporting Core 6.5.x and 6.6.x support Access Manager providing the OAuth instead of OSP:
 
client --> NAM ==OAUTH==> ID Gov/ ID Reporting
 
 
 
However, at this time IDM Apps 4.7.x and 4.8.x do not support this model.  Therefore, if the customer will want to have SSO between the ID Gov/ID Reporting and ID Apps then you will have to utilize SAML from Access Manager:
 
client --> NAM ==SAML==> OSP ==OAUTH==> ID Gov/ ID Reporting  or  ID Apps
 
 
 
Sincerely,
Steven Williams
Principal Enterprise Architect
Micro Focus

View solution in original post

4 Replies
Highlighted
Micro Focus Expert
Micro Focus Expert

Re: Access manager with Identity Governance

Jump to solution
Greetings,
    You have following options/configurations, where client == browser
 
client --> OSP (normal ID and Password) ==OAUTH==> ID Gov/ ID Reporting 
 
client --> OSP (reCapture) ==OAUTH==> ID Gov/ ID Reporting 
 
client --> OSP (Advanced Authentication) ==OAUTH==> ID Gov/ ID Reporting 
 
client --> Kerberos --> OSP ==OAUTH==> ID Gov/ ID Reporting
 
client --> %SAML Provider% ==SAML==> OSP ==OAUTH==> ID Gov/ ID Reporting
 
client --> NAM ==SAML==> OSP ==OAUTH==> ID Gov/ ID Reporting
 
client --> NAM ==OAUTH==> ID Gov/ ID Reporting
 
*NAM is Access Manager
 
 
The questions are:
1) Does the customer want/require the ability to Single Sign On with any of the other IDM Applications (SSPR or the ID Apps)?
 
2) Does the customer already have Access Manager?  If yes, what version?
 
3) Does the customer already have a SAML Provider (ADFS, Shibboleth, Access Manager, ...etc)?
 
4) What is the Business Requirement of the customer?
 
 
Sincerely,
Steven Williams
Principal Enterprise Architect
Micro Focus
Highlighted
Super Contributor.
Super Contributor.

Re: Access manager with Identity Governance

Jump to solution
Hi Steve,

Yes, we might integrate ID apps eventually. We are currently running on the NAM 4.5.2 version.

1. client --> NAM ==SAML==> OSP ==OAUTH==> ID Gov/ ID Reporting
2. client --> NAM ==OAUTH==> ID Gov/ ID Reporting

In the above approach, I have experience configuring OSP with NAM. I would like to know if NAM - IG integration without OSP will make any difference? I mean in terms of the best approach.
0 Likes
Highlighted
Micro Focus Expert
Micro Focus Expert

Re: Access manager with Identity Governance

Jump to solution
Greetings,
     ID Gov 3.5.x & 3.6.x and ID Reporting Core 6.5.x and 6.6.x support Access Manager providing the OAuth instead of OSP:
 
client --> NAM ==OAUTH==> ID Gov/ ID Reporting
 
 
 
However, at this time IDM Apps 4.7.x and 4.8.x do not support this model.  Therefore, if the customer will want to have SSO between the ID Gov/ID Reporting and ID Apps then you will have to utilize SAML from Access Manager:
 
client --> NAM ==SAML==> OSP ==OAUTH==> ID Gov/ ID Reporting  or  ID Apps
 
 
 
Sincerely,
Steven Williams
Principal Enterprise Architect
Micro Focus

View solution in original post

Highlighted
Super Contributor.
Super Contributor.

Re: Access manager with Identity Governance

Jump to solution
Thanks for your response Steve, very useful to me.
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.