API Platforms as the Secure Front Door to Your Identity Fabric

Identity and Access Management (IAM) is on the cusp of a new era: that of the Identity Fabric. An Identity Fabric is a new logical infrastructure that acts as a platform to provide and orchestrate separate IAM services in a cohesive way. Identity Fabrics help the enterprise meet the current expanded needs of IAM, like integrating many different identities quickly and securely, allow BYOID, enable accessibility regardless of geographic location or device, link identity to relationship, and more.

The unique aspect of Identity Fabrics is the many interlinking connections between IAM services and front- and back-end systems. Application Programming Interfaces (APIs) are the secure access points to the Identity Fabric, and can make or break it. APIs are defined interfaces that can be used to call a service and get a defined result, and have become a far more critical tool than simply for the benefit of developers.

Because APIs are now the main form of communication and delivery of services in an Identity Fabric, they – by default – become the security gatekeeper. With an API facilitating each interface between aspects of the fabric, it is potentially a weakness.

API security should be comprehensive, serving the key areas of an Identity Fabric. These include:

  • Directory Services, one or more authoritative sources managing data on identities of humans, devices, things, etc. at large scale
  • Identity Management, i.e. the Identity Lifecycle Management capabilities required for setting up user accounts in target systems, including SaaS applications; this also covers Identity Relationship Management, which is essential for digital services where the relationship of humans, devices, and things must be managed
  • Identity Governance, supporting access requests, approvals, and reviews
  • Access Management, covering the key element of an Identity Fabric, which is authenticating the users and providing them access to target applications; this includes authentication and authorization, and builds specifically on support for standards around authentication and Identity Federation
  • Analytics, i.e. understanding the user behavior and inputs from a variety of sources to control access and mitigate risks
  • IoT Support, with the ability of managing and accessing IoT devices, specifically for Consumer IoT – from health trackers in health insurance business cases to connected vehicles or traffic control systems for smart traffic and smart cities

API security is developing as a market space in its own right, and it is recommended that enterprises that are moving towards the Identity Fabric model of IAM be up to date on API security management. The recent Leadership Compass on API Management and Security has the most up-to-date information on the API market, critical to addressing the new era of identity.

Dive deep into API Management and Security with Alexei Balaganski's Leadership Compass.


Related Videos

IDaaS: Your Identity Fabric. Connecting Every User to Every Service, Seamlessly

Video

IDaaS: Your Identity Fabric. Connecting Every User to Every Service, Seamlessly

Making your service available to everyone, everywhere, without losing control. On their digital journey, businesses are constantly launching new digital services, chased by competitive and innovative pressure.

KuppingerCole’s Evaluation of Leading Vendors in the Identity API Platforms Market

Video

KuppingerCole’s Evaluation of Leading Vendors in the Identity API Platforms Market

Many different factors are driving Digital Transformation in the market today. One factor is the change in how businesses interact with their customers. Another factor is more on the technical side that addresses the implementation of new...


KuppingerCole Select

Register now for KuppingerCole Select and get your free 30-day access to a great selection of KuppingerCole research materials and to live trainings.

Stay Connected

Subscribe to our Podcasts

KuppingerCole Podcasts - listen anywhere


How can we help you

Send an inquiry

Call Us +49 211 2370770

Mo – Fr 8:00 – 17:00