Identity and Access Management.
Gör det enkelt att logga in på Element för slutanvändare i din organisation genom att integrera din användarkatalog (t.ex. MS Active Directory) och din leverantör av enkel inloggning (SSO).
Vad är identitets- och åtkomsthantering?
Den här funktionen gör det möjligt för en organisation att använda sin befintliga användarkatalog och/eller autentiseringsleverantör för enkel inloggning (SSO) i stället för Elements standardautentiseringssystem. Element kan integreras med användarkataloger som Active Directory och SSO-lösningar inklusive SAML 2.0, OIDC och CAS. Alla dessa leverantörer kräver olika inställningar men vi stöder dem alla idag.
You can connect Element Server Suite Pro (ESS Pro) with an LDAP or Active Directory (AD).
You can connect Element Server Suite Pro (ESS Pro) with an LDAP or Active Directory (AD).
Single Sign-On (SSO)
ESS Pro also connects with OIDC-based external Identity Providers for central authentication, enhanced security and a great user experience due to Single Sign-On (SSO).
Depending on the capabilities of your Identity Provider product, this also allows you to employ more sophisticated authentication security measures like Multi-Factor Authentication (MFA), password security controls or adaptive/risk-based authentication policies.
Depending on the capabilities of your Identity Provider product, this also allows you to employ more sophisticated authentication security measures like Multi-Factor Authentication (MFA), password security controls or adaptive/risk-based authentication policies.
Supported Identity Provider products include
-
Keycloak
-
Microsoft EntraID (formerly Azure AD)
-
Univention Nubus
-
Okta
-
Auth0
-
Ping Identity
-
ForgeRock
… and basically all other products that support OpenID Connect
LDAP and SCIM integration
LDAP and SCIM integration is an extension in ESS Pro with the objective of integrating external user management and authentication systems as tightly as possible so that they are the authoritative source of truth where an organization manages all their users and respective information.
The integration supports LDAP and SCIM protocols for data exchange and provides the capabilities below.
The integration supports LDAP and SCIM protocols for data exchange and provides the capabilities below.
User attribute sync
Automatically keep user profile information (display names, email addresses, etc.) in Element up-to-date with changes in the external user directory.
User lifecycle management
Onboarding och offboarding av anställda kan vara en enorm tidssänkning för IT-team. Denna funktion gör det möjligt att hantera användare via en enda ingångspunkt: den befintliga användarkatalogen.
Group access control
Automatically enforce room memberships to safeguard your conversations and to prevent information leakage due to accidental room invites. LDAP and SCIM integration will enforce room memberships based on user attributes in an external user directory (i.e., group memberships). When a user accidentally invites someone who is not entitled to get access to a room, the invite will automatically be withdrawn, protecting sensitive information.
Automated space/room memberships and permissions
Automate space and room membership and permission management based on attributes in the external user directory. This allows you to mirror organizational structures and to make sure that the respective users are members of the rooms with the appropriate permissions.
You might, for instance, have a ‘Marketing’ space with the rooms of the Marketing team underneath it. LDAP and SCIM integration will automatically add all team members to that ‘Marketing’ space, giving them access to Marketing team resources and making sure they are equipped with the right permissions for these rooms.
You might, for instance, have a ‘Marketing’ space with the rooms of the Marketing team underneath it. LDAP and SCIM integration will automatically add all team members to that ‘Marketing’ space, giving them access to Marketing team resources and making sure they are equipped with the right permissions for these rooms.
Admin privilege sync
LDAP and SCIM integration allows organizations to set administrative access privileges based on user attributes in the central user directory. It will automatically synchronize these and equip the respective ESS users with the appropriate privileges.
Integrations
-
Hookshot
-
Integration Manager
