All Research
Leadership Compass
I like this
I don't like this

Identity Fabrics

Martin Kuppinger
This report provides an overview of the market of providers of technology for building Identity Fabrics, which are comprehensive IAM solutions built on a modern, modular architecture. It provides a compass to help organizations find the solution that best meets their needs. We examine the market segments, product functionality, the market position of vendors, and the innovative approaches to providing solutions that serve customers best in building their Identity Fabrics.

1 Introduction

In this Leadership Compass, we evaluate solutions that can serve as a foundation for customers creating their own Identity Fabrics by delivering a wide range of capabilities in a modern architecture. To better understand the fundamental principles this report is based on, please refer to KuppingerCole’s Research Methodology.

Here is how we explained it in our foundational document on Identity Fabrics: The term “Identity Fabrics” stands for a paradigm and concept of a comprehensive and integrated set of Identity Services, delivering the capabilities required for providing seamless and controlled access for everyone to every service. Identity Fabrics support differing types of identities such as employees, partners, consumers, or things. They deliver the full range of identity services required by an organization.

Identity Fabrics are not necessarily or commonly based on a single technology, tool, or cloud service, but a paradigm for architecting IAM within enterprises. Commonly, the services are provided as a combination of several tools and services, with up to three solutions forming the core of the Identity Fabric, covering the core capability areas of identity and access management (IAM) such as identity governance and administration (IGA), access management, and Privileged Access Management (PAM). These core solutions are complemented by specialized solutions for advanced capabilities or filling functional gaps. Most organizations that use this paradigm to evolve their IAM capabilities tend to build on a core platform for major features and complement it with point solutions, as needed.

Recently, we have observed a trend toward deploying orchestration solutions as a core component of Identity Fabrics. Orchestration solutions extend IAM solutions to deliver integrated identity services, but they also help to provide integration with legacy IAM technology. Some vendors include orchestration as part of a comprehensive IAM suite / Identity Fabrics offering, while others provide orchestration as a standalone product.

Given the state of the market, this Leadership Compass analyzes which of the IAM offerings are best suited to form the foundation for an Identity Fabric that delivers:

  • a broad range of IAM capabilities, including a foundational level of both IGA and access management (including identity federation, multi-factor authentication)—or alternatively providing an orchestration platform for IAM
  • a comprehensive set of APIs for consuming identity services, beyond the admin and end user interface and user experience (UI/UX)
  • a modern architecture, following patterns for microservices architectures and container-based deployments
  • support for different deployment models, enabling customers to deploy in their preferred operating models (with some solutions being cloud-only)
  • support for all types of identities, including workforce, business partners, customers, devices, and services

In sum, solutions must not only deliver functionality and support for all types of identities, but also meet market requirements for architecture, deployment model, and their interoperability with traditional applications, cloud services, and new digital services.

1.1 Highlights

Identity Fabrics is the foundational paradigm for IAM, enabling organizations to define a holistic and integrated technical architecture for IAM. Since we first introduced the concept in 2019, an increasing number of organizations have successfully established their own Identity Fabrics that deliver modern, integrated IAM services to their organizations.

  • The market for Identity Fabrics is evolving quickly and the maturity of solutions has improved significantly. However, the market is still not at the same level of maturity as other established IAM disciplines, such as IGA or access management. Nevertheless, the Identity Fabrics market remains a center of significant innovation.
  • Few vendors provide all three major components of IAM, (IGA, Access Management, and PAM) natively. As a result, Identity Fabrics almost always require a multivendor strategy.
  • Major IAM vendors also leave space for leading-edge solutions in specialized segments. For example, Okta (which provides both IGA and PAM capabilities) integrates with pure-play IGA solutions from vendors such as SailPoint and Saviynt. Such solutions can well complement other vendors solutions to weave a comprehensive Identity Fabric.
  • A growing number of specialist vendors have emerged that add sophisticated features for authorization and orchestration across existing identity solutions and silos. These specialists can help organizations close gaps in core IAM platforms. These vendors include, but are not limited to, Cloudentity and Strata Identity.
  • The support for exposing capabilities via modern APIs is growing rapidly. Most vendors expose all relevant capabilities via an integrated and complete set of REST and other modern APIs.
  • Several vendors, including most of the “IAM veterans” such as Oracle, RSA, IBM, or Broadcom (which includes former CA Technologies), are still on their modernization journey for their platforms. Most of them are demonstrating considerable progress in executing on their roadmaps. The current state of transition must be carefully analyzed, nonetheless.
  • The deployment approaches supported by vendors range from supporting only multi-tenant, public cloud deployments to implementations that are single-tenant and run as managed service provider (MSP) or private cloud implementations. We advise customers to carefully analyze flexibility in deployment, but also the flexibility for customizations and the approach for updating and patches in this context.
  • The Overall Leaders are Microsoft, Ping Identity, IBM, Broadcom, One Identity, Oracle, OpenText, CyberArk, RSA Security, EmpowerID, and Exostar.
  • The Product Leaders are Ping Identity, Microsoft, IBM, EmpowerID, Broadcom, OpenText, One Identity, Exostar, Oracle, and CyberArk.
  • The Innovation Leaders are Ping Identity, Microsoft, EmpowerID, One Identity, IBM, Broadcom, Exostar, OpenText, Simeio, Oracle, CyberArk, RSA Security, Cloudentity, and Strata Identity.
  • The Market Leaders are Microsoft, IBM, Oracle, CyberArk, Broadcom, Ping Identity, OpenText, RSA Security, and One Identity.
Full article is available for registered users with free trial access or paid subscription.
Log in
Register and read on!
Create an account and buy Professional package, to access this and 600+ other in-depth and up-to-date insights
Register your account to start 30 days of free trial access
Register
Get premium access
Choose a package
Table of Contents
1 Introduction
2 Leadership
3 Correlated View
4 Identity Fabrics: Products and Vendors at a Glance
5 Product/Vendor evaluation
6 Vendors to Watch
7 Related Research
8 Copyright

Stay up to date

Subscribe for a newsletter to receive updates on newest events, insights and research.
I have read and agree to the Privacy Policy
I have read and agree to the Terms of Use