Identity and Access Management

Everything the cloud has to offer in one secure place.

The AppDirect Cloud Management Suite’s Identity and Access Management solution empowers you with administrative control over cloud consumption within your organization, while offering your team members the most secure and convenient cloud experience available today. We offer a powerful set of tools including single sign-on, multi-factor authentication, directory integration, user management, thousands of pre-integrated applications and much more to drive organization productivity and security. Let your users experience the power of cloud services with AppDirect Cloud Management Suite.

Single Sign-On

All apps, one set of credentials

AppDirect Cloud Management Suite eliminates the need for passwords by offering secure single sign-on to applications using industry standards SAML 1.1/ 2.0, OpenID, OpenID connect, Oauth 2.0, WS-Federation. By signing in once through AppDirect, users can launch all their web applications from their MyApps page. Users no longer have to remember URLs, usernames and passwords, which increases productivity and strengthens security. Our service catalog includes thousands of pre-integrated applications and you can add in-house applications as needed.

AppDirect App Manager

Build and save complex filters from service, content type, data range combinations. Get powerful advanced search capabilities or simply refine by author, title or document type. The advanced search capabilities allow users to drill down across cloud applications, find specific content types, restrict results by date ranges and sort content.

Thousands of Apps

AppDirect offers an exhaustive service catalog populated with thousands of the leading web applications, all pre-integrated for you to easily one-click install and assign to team members. If you are using any applications that we do not support, let us know and we will add them for free.

No Passwords

With a single password to AppDirect, users can now access all their apps without needing to remember countless usernames and passwords. Single sign-on not only offers the convenience of accessing all your solutions from one secure MyApps page through any device, but also allows you to concentrate security efforts on a single point of access greatly minimizing risks.

Personal Apps

For added convenience admins can also allow end users to add their personal apps to their MyApps page. This allows end users to access personal apps like Facebook, Airing or LinkedIn with single sign-on. Helping team members protect their own personal information can also help protect the company as the lines often blur; many malicious attacks start from vulnerable personal applications which contain work related information.

Multiple Instances

AppDirect lets you create as many logins to the same application as needed. If you have multiple twitter or google accounts for example, you can install the respective app as many times as needed, give each instance a unique name so you can tell them apart on the MyApps page, and save credentials for each one giving you single sign-on access to every instance.

Group-Based Access Control

Our group management functionality allows you to manage access at scale. You can assign users to groups such as “Sales” or “Engineering” and then assign apps by groups. For example, when on-boarded a sales rep assigned to the Sales group gets granted access to Salesforce while an engineer gets GitHub and Jira. We allow users to belong to multiple groups and you can also assign apps to team members on an individual basis.

Directory Integration

Control the entire cloud directory from your fingertips.

With AppDirect you can seamlessly sync your directory infrastructure to the AppDirect network of cloud solutions. IT administrators can on-board team members by simply adding them to the existing company directory and assigning them to groups such as Sales. Once configured, AppDirect handles the heavy lifting creating the user accounts on both AppDirect and all applications relevant to Sales. On the other hand, deleting a user in your directory signals to AppDirect to de-provision the user from all their company cloud applications adding an indispensable security layer to your IT organization. We also allow you to connect multiple directories to AppDirect so that you can unify for example your LDAP, Google Apps, and Workday directories in relation to your cloud apps.

Easy Setup Wizard

You can quickly enable Active Directory or LDAP support on AppDirect by downloading the required Directory Connector agent. Download the connector behind your corporate firewall with our quick installation wizard and it will serve as the communication bridge between Active Directory or LDAP and AppDirect.

User Synchronization

The Directory Connector synchronizes data between Active Directory and AppDirect in real-time or pre-defined intervals. Users that are defined in Active Directory can have accounts automatically provisioned and de-provisioned on the AppDirect marketplace. If scheduled synchronization is configured, the AppDirect Directory Connector can synchronize Active Directory data to the marketplace platform on pre-defined time intervals.

High Availability

AppDirect can help ensure high-availability of your directory to ensure that users can always sign into AppDirect and access their applications. If your Active Directory suffers downtime AppDirect acts as a failsafe by offering full redundancy as a temporary Directory service to ensure users can always access their apps.

Password Synchronization

At your option we allow you to defer user authentication to Active Directory, and as a result, AppDirect relies on the Active Directory password, avoiding additional login information. However, you can choose to enable User Synchronization without User Authentication, which will make AppDirect the authentication service instead of Active Directory.

AD-FS and Other Identity Providers

The AppDirect Directory Connector was built to replace ADFS functionality to reduce the configuration complexity. However, AD FS 2.0 can be used in lieu of installing the Directory Connector. In addition, AppDirect’s SAML Service Provider lets you sign users into AppDirect to access all their apps with SAML and we also support most other major Authentication standards.

Strong Authentication

Protect your organization with next generation security access control.

AppDirect acts as a central point of access to all applications allowing you to apply authentication policies for all users in your organization across all their apps. You can create a wide variety of security policies by defining factors such as password complexity and expiration cycles. You can then apply different policies by context such as role or location to address the varying security needs of your organization. While centralizing access control strengthens company security, it also provides a better end user experiences eliminating the need for countless credentials.

Multi-Factor Authentication

IT administrators can require users to use a second authentication factor to add a layer of security at sign in on top of passwords. For example, you can require users to enter a PIN code send to them via text message after they complete password authenticating to AppDirect. At your request, AppDirect can offer a leading selection of authentication options including PKI certificates as well as solutions from RSA, Symantec, Duo Security, VASCO and Yubico.

Security Policies

AppDirect allows IT administrators to set their own security policies. For example, they can manage the levels of password character complexity, password length requirements, time period for session timeouts and max number of failed logins. They can also set password expiration cycles to ensure their users continuously change their passwords for added security. Last, IT admins can set policies by groups to address varying security needs across their organization.

REST API and SAML Toolkits

You can delegate the user provisioning and authentication process for your in-house applications to AppDirect by leveraging our REST API and SSO toolkits. You can use AppDirect’s OpenID and SAML toolkits to eliminate passwords and connect all your in-house apps to your directory service via our User Management API.

Password Vaulting

Encrypt your credentials for security and convenience.

The AppDirect Password Vault offers a secure and convenient way to access applications that do not support single sign-on industry standard such as OpenId and SAML. As an alternative, AppDirect can securely store passwords server-side and inject credentials into a web login page to offer a single sign-on experience with all applications.

Shared Credentials

Securely share login credentials for single user apps such as Twitter, Facebook or SurveyMonkey. Instead of sharing the password and username information to grant access, with AppDirect you can easily assign access from their MyApps page without revealing the credentials.

Audit Logs

AppDirect audit logs record all key activity from basic user updates to login attempts including application single sign-on attempts. Company Admins can then scan this information or export the data with our reporting engine to analyze it anyway they want.

Password Encryption and Security

AppDirect applies multiple layers of encryption to keep passwords safe. We never store passwords client side and we never cached them in the browser or on your computer. In addition, we only transmit passwords securely over SSL.

Browser Extension

AppDirect’s browser extension ensures that we provide secure single-sign on to all applications you need access to. The AppDirect extension supports all major browsers including Chrome, Firefox, Internet Explorer and Safari.

Personal Apps

Personal apps such as Facebook, LinkedIn and many others do not support industry standards for single sign-on such as SAML, but the AppDirect Password Vault also covers these apps adding extra convenience and security to your end-users. Users often use the same passwords for personal and company apps, for this reason, keeping all their apps safe serves as a great security solution.

User Provisioning and Deprovisioning

Manage access for all apps for all users in one secure place.

As your organization scales, manually creating, updating and deleting user accounts across cloud apps becomes increasingly difficult and time consuming. Managing who should have access to which app from each application as employees come and go from your organization poses financial and security risks. Without central governance, you cannot effectively track if former employees still have access to your company’s applications, which will waste SaaS seats and expose confidential data to outsiders. With AppDirect you can control all user management functions centrally including roles, groups, application access and much more. You can create, delete and manage users on AppDirect or your directory and our platform will sync changes across all designated apps.

Centralized User Administration

AppDirect offers a broad set of user management tools including efficient user onboarding workflows, role management, 3rd party app access management, analytics, service adoption flows and much more. IT administrators can track user service consumption and behavior patterns through an activity feed or a dashboard. If a service bought by a user gains widespread usage within his or her organization, you can choose to adopt the subscription and manage it going forward. With AppDirect you can decide which level of IT enterprise consumerization you’re comfortable with by deciding which IT workflows you want to delegate to end users if any, or gradually change policies over time.

Group Management and Access Control

AppDirect allows you to create groups and assign users to those groups to efficiently manage employees as your organization scales. You can assign a user to multiple groups and then use these groupings to assign apps to members of that group. For example, you can select the sales group to grant everyone in sales access to a new CRM tool or when a new member of the sales organization joins you can add them to the sales group to make sure they get access to all sales related apps.

Role Management

The AppDirect platform allows IT administrators to delegate responsibilities by role type within their virtual workspace. You can assign privileges to different users based on their seniority or work responsibilities. For example, you can give billing administration responsibilities to a procurement officer or controller.

Entitlement Exchange

AppDirect allows you to centrally control entitlements within other applications. A user’s entitlements might differ by application whereby they may need administrative privileges in one application but not another. A member or you Tech Ops team for example might need admin rights to a software performance management tool, but only base end user rights to your time and expenses software. With AppDirect, when you provision an application to an end user we allow you to select which privileges that user should receive with their access rights.

One-click Provisioning and Deprovisioning

AppDirect not only makes it easy for your organization to use applications with single sign-on, but also makes it equally easy to manage access to applications. IT administrators can assign (provision) or un-assign (de-provision) users to applications from one simple interface. You can simply click on an application icon, and then on the users you want to grant access to, or vice versa. There’s no better way to drive a positive return on your IT investments than by making it easy for your employees to securely access and use the products they love. On the other hand, the ability to centrally revoke access to any app adds an important security layer by, for example, preventing unauthorized access to company data from former team members.