Identity-and-Access Management (IAM) in caralegal is only included in the Enterprise package. If you have booked a different package, we can activate and set up Single-Sign-On (SSO) and Identify-and-Access Management (IAM) for an additional charge.
Identity and Access Management (IAM) is a system that helps control who can access certain resources or information within a company or online service. It ensures that the right people (like employees or users) have the correct permissions to access specific tools, files, or data, and keeps out those who shouldn't have access. It's like a security system that checks your identity and decides what you can and cannot do based on your role.
We usually solve the following problem with Identity-and-Access Management (IAM):
Users are already maintained in a user management system
Administrators themselves do not have a good overview of which users belong to which organisational unit due to the large number of users and the branching of their own company.
This is a further development of single sign-on (SSO)
How does IAM work?
With IAM, we can synchronise the ‘Group ID’ (usually managed as a claim) with the caralegal units in the software.
Theoretically, we could also work with values other than ‘Group ID’, but it definitely has to be a claim and not an attribute.
The end result of the comparison looks something like this
azureGroupId | caralegalOrgUnitName | displayName (not important) | groupType (not important |
3f096ad4-xxxxxxx-ddeb488253e4 | Caratraining > Cara GmbH > Marketing | Caratraining | Microsoft 365 |