Search Results

What is Recertification? The Recertification addon provides the functionality to review access rights to make sure the users have access only to what they need.  This process increases security and makes the recertification process auditable and compliant. S...

Description Groups are a convenient way to apply policies to a collection of users. Groups allow administrator users to specify permission for multiple users in a quick and easy way. Groups are managed in a hierarchical way. A user can belong to a group, and ...

Description After defining the attributes to publish, it’s required to write a policy that defines which attributes will be allowed to share with each service provider. Soffid allows you to define security rules that apply to any attribute that should be del...

Description The attribute definition page displays all the auto-generated user attributes. Those attributes will be the attributes to deliver from the identity providers to the service providers depending on the defined rules. Soffid has a default implementa...

Description Companies are organized in different business units, departments or workgroups. In Soffid, they all are named as groups. These group can be categorized by a group type. Group types can be used in the definition of Holder Groups. Some roles can ...

Description The audit trail page allows you to query for audit records. Each action done at the Soffid console will be reported. Here you have a list of common Advanced searches, you only have to copy, paste and search, e.g. // User changes trace calendar ...

You can consult the list of Soffid attributes: User Object Account Object Group Object Role Object Grant Object Maillist Object Membership Object dispatcherService Authoritative change object User object A user objects are maps that hold the...

Introduction Active Directory Back Channel refers to a mechanism that allows Soffid to synchronize user information with an external Active Directory (AD) server in real-time or near real-time (Password synchronizer). This synchronization ensures that both So...

Description Operators can define the subnets that compose the internal network, in order to manage the IP address space. The main goal is to manage a limited resource as the IP address is. Soffid supports both static and dynamic IP assignments. Anyway, stati...

Definition Soffid could use different kinds of external authentication sources. These mechanisms could be selectively enabled or disabled. Screen overview Standard attributes Global status Soffid server host name Enforce TLS connections t...

Introduction Description This connector implements the LDAPS protocol and it is used to connect the Sync-Server with every server that allows this communication protocol. Managed System This connector has been performed to connect to the Active Directory s...

The purpose of this tutorial is to show how to install Jump servers and configure PAM using Dockers, to use critical resources without knowing the password required. Jump Server A jump server, jump host or jump box is a system on a network used to access a...

What is BPM? Business Process Management is a discipline for executing of management methodology to improve an organization’s business processes. That uses a combination of modeling, automation, execution, control, measurement and optimization of business act...

Description Soffid includes a BMP (Business Process Management) in its Smart Engine to provide useful workflows integrated with the processes and the policies of the Soffid core.  In order to add extra functionality to the console, you can upload different b...

Description BPM is a technology that allows modeling, implementing, and executing processes automatically to enhance efficiency and productivity in support of enterprise goals. Soffid includes a BMP (Business Process Management) in its Smart Engine to provid...

Description The Delegation Roles Process type is used to allow the users to delegate temporary their own permissions.  That process is defined by default with 3 steps, but you can add new, delete and update steps to customize your business process.  Start...

Description The Permission Request Process type is used to define business processes to request permissions. That process is defined by default with 4 steps, but you can add new, delete and update steps to customize your business process.  Start Approve ...

Description The Account Reservation Process type is used to configure the use of privileges accounts. That type of process will be launched when the end-users want to connect to a system using a privileged account through the password vault. Soffid allows yo...

Description The Permissions Management Process type is used to define processes used to create, update and remove permissions and account to identities. You can use the default template included on Soffid BPM Editor and customize it with your business needs....

Description The User Management Process type is used to define business processes to create and update identities and their attributes. You can use the default template included on Soffid BPM Editor and customize it with your business needs. Also, you can im...