Identity and Access Management.

Simplify sign-in to Element for end users in your organization by integrating your user directory (e.g. MS Active Directory) and your Single Sign-On (SSO) provider.


What is Identity and Access Management?

This feature allows an organization to use its existing user directory and/or Single Sign-On (SSO) authentication provider instead of Element's default authentication system. Element can be integrated with user directories such as Active Directory and SSO solutions such as SAML 2.0, OIDC and CAS. All of these providers require different configurations, but we support all of them today.

You can connect Element Server Suite Pro (ESS Pro) with an LDAP or Active Directory (AD).
Element integrates with user directories such as Active Directory and SSO solutions including SAML 2.0, OIDC and CAS.

Single Sign-On (SSO)

ESS Pro also connects with OIDC-based external Identity Providers for central authentication, enhanced security and a great user experience due to Single Sign-On (SSO).

Depending on the capabilities of your Identity Provider product, this also allows you to employ more sophisticated authentication security measures like Multi-Factor Authentication (MFA), password security controls or adaptive/risk-based authentication policies.

Supported Identity Provider products include

  • Keycloak
  • Microsoft EntraID (formerly Azure AD)
  • Univention Nubus
  • Okta
  • Auth0
  • Ping Identity
  • ForgeRock
… and basically all other products that support OpenID Connect

LDAP and SCIM integration

LDAP and SCIM integration is an extension in ESS Pro with the objective of integrating external user management and authentication systems as tightly as possible so that they are the authoritative source of truth where an organization manages all their users and respective information.

The integration supports LDAP and SCIM protocols for data exchange and provides the capabilities below.

User attribute sync

Automatically keep user profile information (display names, email addresses, etc.) in Element up-to-date with changes in the external user directory.

User lifecycle management

Onboarding and offboarding employees can be an enormous waste of time for IT teams. This feature enables users to be managed through a single point of entry: the existing user directory.

Group access control

Automatically enforce room memberships to safeguard your conversations and to prevent information leakage due to accidental room invites. LDAP and SCIM integration will enforce room memberships based on user attributes in an external user directory (i.e., group memberships). When a user accidentally invites someone who is not entitled to get access to a room, the invite will automatically be withdrawn, protecting sensitive information.

Automated space/room memberships and permissions

Automate space and room membership and permission management based on attributes in the external user directory. This allows you to mirror organizational structures and to make sure that the respective users are members of the rooms with the appropriate permissions.

You might, for instance, have a ‘Marketing’ space with the rooms of the Marketing team underneath it. LDAP and SCIM integration will automatically add all team members to that ‘Marketing’ space, giving them access to Marketing team resources and making sure they are equipped with the right permissions for these rooms.

Admin privilege sync

LDAP and SCIM integration allows organizations to set administrative access privileges based on user attributes in the central user directory. It will automatically synchronize these and equip the respective ESS users with the appropriate privileges.
