Symplified Offers Single Sign-On for the Cloud

Symplified Sync makes use of so-called identity routers—operated by Symplified, or by the local IT group—that provide the exchange between a directory store and a targeted application. What makes this particularly useful for administrators who are supporting both Active Directory and one or more cloud applications is that this doesn't require user provisioning to be done through unfamiliar tools. Adds, changes and deletes are still performed through the existing tools for Active Directory, but are pushed up to the cloud without the need for administrator intervention.

Symplified Virtual Directory goes beyond this bridging function to provide an impressive array of services that accommodate organizations with multiple identity stores, offering attribute mapping, data transformation, normalization and related functions for numerous LDAP and RDBMS (relational DBMS) systems on the one hand, and cloud-based services on the other. By offering these capabilities in a one-to-many model, Symplified claims that the Virtual Directory removes the need to fiddle with schemas or write custom code in order to exchange data between repositories.

All of this is managed through the SinglePoint Studio, a Web-based application that from all appearances is truly a browser-neutral tool. I was even able to use Safari on Mac OS X to access its functions, although most of my tinkering was done through an installation of Firefox 3.6 on Windows XP.

For my testing, I used a cloud-based setup of the Symplified applications. It's relatively easy to become comfortable with the processes of configuring and applying policies to various groups. Even higher-level functions, such as configuring user identity stores, are readily accessed and managed.

SinglePoint Studio defines applications with one or more "relative paths"—these don't correspond to any portion of a file system, but are better thought of as reflections of an organizational chart. One might have an application defined for sales, another for operations and so on. Within each application, relative paths can be defined to separate manufacturing from warehousing, if those groups have different rules for accessing a supply chain function that's common to the operations group.

The studio's dashboard page shows at a glance how a SinglePoint system is configured: applications, identity routers, user stores and pending configuration changes are all displayed for easy reference.

SinglePoint Studio's management functions are rather well thought out, offering a "Super Administrator" role that backstops the standard administrator role. "Supers" have the ability to add, delete and edit administrators and super administrators, and both groups have the power to define and manage the various aspects of the access control and authentication policies. "Supers" also have the power to reboot the all-important identity routing service.

It's relatively easy for SinglePoint customers to incorporate new public cloud services into their application mix. Once Symplified's engineers digest a service's authentication scheme, it becomes available to Symplified's entire customer base. That's as forward-looking as one could hope for.