Reference document

Identity Repository Management Application

The Identity Repository Management Application enables users to manage the repository of identities recognized within an enterprise. It supports the concept of enterprise-wide, single and unique digital identity for each entity recognized within an enterprise by providing and managing centralized Identity Repository. Identities in the repository are defined by a set of attributes * unique, global identifier (GUID) assigned when identity is created, * core identity data last and first name, date of birth, telephone number, etc., * credentials digital certificates, biometrics data etc., * entitlement related data role, duties, location, qualifications, etc. The repository allows to define a profile (set of attributes) for each type of identity (user, device, service, application, etc.). The repository doesn’t and in most cases shouldn’t be the original source and storage for identity information. Instead it relies on external authoritative identity data sources to provide identity attributes. Different attributes can be provided by different sources. The repository provides a mapping between logical enterprise level identity attributes and the source attributes stored in authoritative data sources and as a result builds coherent enterprise identity representation based on most trusted sources of identity information. The repository is also a base for provisioning of the accounts in the systems entities require an access to. In this case such accounts are treated as identities in systems-specific contexts. Repository allows to maintain a link between these identities/accounts and the enterprise logical identities and enables data synchronization between these sources.

Identity Management Applications