Community vs Enterprise
OpenIAM is available in two versions: Community and Enterprise.
Major differences between CE and EE
User life cycle management
- Business rules engine: The EE includes a browser-based business rules engine to greatly simplify how entitlements are assigned and revoked. In the CE, this functionality needs to be implemented using groovy script.
- Orphan management: The EE provides a feature to detect and manage orphaned accounts. This functionality is not part of the CE.
- Improved performance: The EE includes performance and architectural improvements that allow for large datasets to be processed efficiently.
Single Sign-On (SSO)
Access request workflows
|OTP over SMS||Y||Y|
|OTP over email||Y||Y|
|OTP over IVR||Y|
|OpenIAM authenticator with push||Y|
|Single sign-on (SSO)|
|User life cycle management|
|Joiners (new users)||Y||Y|
|Movers (position change)||Y||Y|
|Leavers (disable, terminate)||Y||Y|
|Business rules engine||Y|
|Flexible RBAC model||Y||Y|
|Entitlement viewer and editor||Y||Y|
|Custom entitlement types||Y||Y|
|Unified view of IAM and target system entitlements||Y||Y|
|Entitlement synchronization from target applications||Y||Y|
|Entitlement provisioning to target||Y|
|Access request and approvals (workflow)|
|Service catalog and shopping cart-based request-approval||Y||Y|
|Integrated into self-service portal||Y||Y|
|SLAs and escalations||Y|
|Line-item level approval/rejections||Y|
|Request administration (monitor, delegate, cancel)||Y|
|User access reviews|
|User-based certifications||Y||Y (Improved)|
|Entitlement-based certifications||Y||Y (Improved)|
|Privileged and service account||Y||Y|
|Supports integration with third party IdP for SSO||Y||Y|
|Unified SSO application launch pad||Y||Y|
|Self-service password reset (SSPR)||Y||Y|
|View your access||Y||Y (Improved)|
|View your direct reports and their access||Y||Y (Improved)|
|Integrated access review||Y||Y|
|Corporate directory lookup||Y||Y|
|Flexible password policy||Y||Y|
|Active Directory password filter||Y|
|Self-service password reset|
|SMS-based one-time token||Y||Y|
|Supports High Availability (HA)||Y|
Managing identity can be complex. Let OpenIAM simplify how you manage all of your identities from a converged modern platform hosted on-premises or in the cloud.
For 15 years, OpenIAM has been helping mid to large enterprises globally improve security and end user satisfaction while lowering operational costs.