Introduction

Transform Identity Engine is a modern platform for Customer Identity and Access Management (CIAM). Identity Engine provides APIs and a responsive web user interface to support login, registration, localized email, multi-factor authentication, reporting and much more.

If you’re looking for an employee log in or a replacement for Active Directory - you may be in the wrong place. While Identity Engine can be used for nearly any application, we do not offer native desktop integration and replacing Active Directory is not on our roadmap. However, if you’re looking for a solution to manage end-users that can perform at scale, then keep reading.

Core Concepts

Legacy identity technologies have complex hierarchy and cryptic terminologies like realms, principals, subjects and distinguished names. In order to simplify something perceived to be complex, the best approach is to go back to the basics, to the atomic elements and throw everything else away.

When we built Identity Engine we took the back to basics approach. We identified two atomic elements of identity, Users and Applications. Everyone has Users, and Users need to be authenticated to Applications. For this reason, Identity Engine is built upon four core elements:

• Users - someone that can log into things

• Roles - is something the user is assigned to

• Attribute - is the additional metadata about the user

• Applications - things that Users log into

• Identity Scope - scope that an application is assigned to.

• Connectors - additional identity provider, e.g. Azure Active Directory, Facebook, Google etc

• Zero Trust - used to restrict access to the identity engine