Identity is messy. MESSY. Companies might have multiple IdPs. Every SaaS is a user store with local accounts. You might keep your contractor source of truth in Gusto or–womp, womp–a spreadsheet. You might use your IdP as the source of truth for SSO users, but your HR system as the source of truth for employment status. And those two systems are not always in sync!
The relationship between your people and the accounts in business apps, infrastructure, and backoffice can be tough to untangle. And therein lies the problem: you can’t govern and secure what you don’t understand.
Today we’re excited to announce our unified directory feature. ConductorOne has always mapped the ownership of human users to identities and accounts in applications, but with a unified directory, we go a step further. You can now:
- Source users from multiple HR directories, IdPs, and/or any identity datasource (even spreadsheets!)
- Create custom user attributes from HR systems, IdPs, or any identity datasource
- Resolve account ownership automatically to one or more email addresses or identifiers for a human user
- Sync HR status, directory status, job title, department, and user type to your unified directory
The unified directory feature provides you with a single, consolidated source of truth for all humans that interact with your organization.
How does this help? With an authoritative view of employees and contractors in your organization you can:
- Surface HR status, job title, department, and user type context on access requests and reviews
- Identify orphaned accounts where no human is responsible
- Identify active accounts for terminated employees
- Drive contextual access decisions based on job, department, directory, or employment status
The unified directory feature allows you to securely govern your identities and access and achieve least privilege by maintaining an authoritative, up to date, view of your people.
