[midPoint] existing 'IGA' ; dev / test /production
Anwar Mahmood
anwar.mahmood at outlook.com
Wed Mar 18 18:24:11 CET 2026
Hello,
Midpoint looks amazing!
I'm curious.
imagine I have an established non-trivial identity environment;
*
AD DS
*
Microsoft Entra ID
*
on premises applications
*
IIS
*
Accounts
*
Marketing
*
etc
*
SaaS applications that...
*
...use OIDC and SAML to authenticate to Microsoft Entra ID
*
...some use SCIM for provisioning
*
some use FTP uploads
*
DBs as 'source of truth' for different user profiles
Over the years, there is a high degree of integration, and it is custom.
It does some of the things that we would now call an IGA platform.
It does what it does really well. It's just that we need it to do more, and that isn't easy.
When a user in a DB is ready to provision, they are provisioned through AD DS, home directory, NTFS quota, Microsoft Entra Connect Sync to propagate to Microsoft Entra ID. Then, another PowerShell script licenses them and sets SSPR details, configures their Exchange Online mailbox. Another process notifies the user at their personal email address that their account is ready to use.
Real time; mature; works.
LOTS more connectors, of course.
I have a dev and test instance of AD DS and Microsoft Entra ID, but not all apps. Some SaaS apps do have test instances, but they are connected to the production Microsoft Entra ID instance [it's test for the user, but not in terms of identity]
It is going to be complicated.
Q: How easy is it to deploy Midpoint IGA when there is already an existing 'IGA' platform
Q: Do I need to establish a [permanent] dev instance of Midpoint + AD DS + Microsoft Entra ID so I can do IGA safely, and setup the connectors?
These are very much the low level elements.
May be it's...
*
you should - it makes things easier - but we're a 200K user company and we managed fine with only test and production
*
etc
Really appreciate your thoughts!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20260318/eb863683/attachment.htm>
More information about the midPoint
mailing list