New features

• Simplified SAML and provisioning configuration - we significantly simplified how admins configure SAML and provisioning integrations. We hid all advanced fields and made sure admins only need to input the minimal set of parameters. For some apps we truly preconfigured them where nothing needs to be manually entered. 
• Simplified HRMS integration - we simplified and enhanced the UI for how to connect idemeum to your HRMS systems. All systems come preconfigured, and all that is needed is to enter an API key or Authorize idemeum to access HRMS APIs. 
• SCIM 1.1 support - we added support for SCIM 1.1 protocol as some apps are still not supporting version 2.0. 
• Cloud staging environment - we creating staging environment so that we can seamlessly test new features, launch beta programs, and ensure stability and reliability of our production environment.

Fixes and improvements

• Fixed HRMS connectors returning group attributes with external names
• Enforced only fully onboarded users to have entitlements evaluated
• Ensured entitlement rules get disabled when HRMS in not configured
• Fixed the issue when switching to admin portal was visible to non admin users
• Fixed issue of oAuth provisioning pop up not working on Safari and Firefox
• Fixed Google Workspace provisioning for initial admin user
• Fixed logos missing for staging environment
• Fixed the issue of misaligned idemeum icon in the admin portal
• Added additional log messages for HRMS troubleshooting
• Made entitlement errors for users more friendly
• Added the ability to onboard admin in the background when HRMS is first configured
• Implemented Amazon SQS for asynchronous entitlement evaluation
• Implemented Amazon SQS for asynchronous provisioning

We are excited to share that we updated our integrations catalog.

Now it can be accessed via separate URL - https://integrations.idemeum.com 

We have improved styling, navigation, search, and discoverability of idemeum integrations. With top bar counters you can easily see how many and what types of integrations we are supporting today. 

We are constantly adding new integration across various categories.

You can learn more about integrations portal here. 

Rule based entitlements

With Rule Based Entitlements you can assign application to certain groups of users and have granular control for who has access to what. 

idemeum integrates closely with HR system of your choice and will pull information such as role, department, or country. You can use this information to assign applications to employees. 

The rules are organized based on if/then statements for ease of creation and maintenance. For instance, you can create a rule that entitles every Operations Manager to certain set of applications. 

idemeum stays in sync with HRMS system, and if the information in your HR system changes (new departments, updated employee records, etc.) idemeum will automatically readjust and recalculate entitlement rules, and conduct all necessary provisioning / deprovisioning.

Integrations catalog

We are launching our first iteration of integrations catalog.

To start with, we certified 30 integrations across various categories, including passwordless SSO, HRMS, and automated account provisioning. 

In addition to a summary table with all integrations that we support, we will be providing detailed step by step instructions on how to configure certain integration. 

You can access out integration catalog here.

https://integrations.idemeum.com 

End to end Passwordless Single Sign-On

At idemeum we envisioned SSO to be simple. To configure SSO you will need to do 3 simple steps: connect idemeum to HR system, set up SAML apps, and enable account provisioning.

Therefore, as part of this release we are launching:

1. HR system integration - connect your HR system to idemeum in order to automate provisioning and account management. You will be able to automatically create SaaS accounts when employees join and remove accounts when they leave. 
2. Single Sign-On SAML support - integrate idemeum with SaaS applications that support SAML for one-click centralized access..
3. Application provisioning - connect idemeum with SaaS applications that support SCIM in order to automatically create, update, and delete employee accounts. 

And of course our SIngle Sign-On access works closely with Passwordless MFA. All application access is performed with biometrics instead of any passwords. 

Meet idemeum Passwordless MFA

We are excited to share that we released our Passwordless MultiFactor Authentication product.

idemeum Passwordless MFA allows you to truly eliminate passwords across your organization. Instead of having to login with credentials and type in cumbersome one time codes, idemeum allows your employees to access any application with biometrics instead. 

User experience

• Unlike any existing solution, idemeum MFA is easy to set up - it literally takes 2 mins, and can be done without any IT admin involvement. 
• All logins are very secure and are protected by asymmetric cryptography and protocols such as FIDO2.
• When your employees login into applications they will simply scan the QR code or approve a push notification. No passwords. No codes to generate or type.

We support both iOS and Android.  

Demo

if you want to learn more, please take a look at the demo here: 

https://youtu.be/Btgn_9ncOGw