Unique User Identity
The Enterprise User Management, Corporate Central SaaS Portal and Tracker TRM all use a single database called the Unified Enterprise Database™. One of the most important design goals of the Unified Enterprise Database™ is to serve as a central repository for uniquely identifying every person that your company works with and to serve as a corporate wide directory service.  The Enterprise User Management system plugs into the Unified Enterprise Database™ and takes full advantage of identity management to resolves the inefficiencies associated with maintaining user IDs separately in each of the various backend systems. In addition to person identities, the Unified Enterprise Database™ is also designed to establish unique identities for all organizations, physical and digital addresses, calendars and events.

Single Sign On
With the Enterprise User management and the Corporate Central SaaS Portal, users authenticate only once and gains access to all appropriate systems. Single sign-on reduces your security administration significantly since you only have to deliver one password instead of many. Single sign-on increases security as end users only memorize and use one user account and password, as well as a single centrally managed account policy.

Centralized Administration
Integrate all your user master data and relevant attributes with the Unified Enterprise Database™ to create a corporate wide Unique ID for every person that your company interacts with.  You minimize administration and keep user master data consistent. Overtime, you can move many backend processes to work natively (i.e. read and write data from and to the Unified Enterprise Database™) to reduce synchronization processes.

For systems that cannot be integrated to work natively with the Unified Enterprise Database™ we use the appropriate combination of the following methods:

Unified Enterprise Database™ Synchronization
In many cases, it will still be necessary to keep person (and therefore user) data at separate stores. For those cases, synchronization with the Unified Enterprise Database™ establishes a ‘lookup view’ to serve as a cross reference between a singular person identified in Unified Enterprise Database™ and all the records that this person may have in various other systems.

LDAP Directory Integration
Enterprise User Management 5.0 supports integrated LDAP (Lightweight Directory Access Protocol) directory services and enables user synchronization or provisioning to and from the directory service.

You can also upload custom data such as your HR master data into the Unified Enterprise Database™ directory, thereby enabling automation with employees. The same applies to any other type of data source with different types of users and their attributes. No user synchronization is needed between your systems that natively operate with the Unified Enterprise Database™.

Pass Through Sign-On
The Enterprise User Management’s Authentication Service supports Pass Through Sign-On authentication which allows integration with Trusted Authentication Systems TAS™ (such as Microsoft Active Directory).   The TAS™ can perform the authentication for users and pass the Authenticated User Token to the Enterprise User Management’s Authentication Service, which can return role based access information and access tokens back to the requesting service or device without requiring a local authentication to be performed.

Proprietary Directory Integration
Many systems do not provide an open method for directory integration. We commonly work with our customers and 3rd party vendors to developer protocols for proprietary directory integration. Remember that even though it is clear that the integration of some of your older or proprietary systems may be more difficult, almost any system can be integrated.   Where legacy integration isn’t cost effective it is OK to have exceptions that will be resolved in the medium to long term.