Chat now with support
Chat with Support

Identity Manager On Demand - Starling Edition Hosted - Quick Start Guide

About this guide

The One Identity Manager On Demand (Starling Edition) Quick Start Guide provides an overview of the architecture of our One Identity Manager On Demand offering and its core capabilities. It also provides information about the customization limitations and prerequisites you will need before installing the One Identity Manager On Demand on-premises components, and how to set up, install, and update One Identity Manager On Demand on-premises components.

This guide is intended for, system administrators, consultants and any other IAM professionals using the product.

Available documentation

You can access One Identity Manager On Demand documentation in the Manager and in the Designer by selecting the Help > Search menu item. The online version of One Identity Manager On Demand documentation is available in the Support portal under Technical Documentation. You will find videos with additional information at www.YouTube.com/OneIdentity.

One Identity Manager On Demand overview

One Identity Manager On Demand is a cloud service offering from One Identity that provides a fully-functional implementation of the One Identity Manager application, deployed to customers over the cloud (https://cloud.oneidentity.com) and supported by the One Identity operations team.

One Identity Manager On Demand simplifies the process of managing user identities, access permissions and security policies. You allow the company control over identity management and access decisions while the IT team focuses on their core competencies.

With this product, you can tackle all Identity Governance and Administration core functions:

  • Identity life cycle: Maintaining digital identities, their relationships with the organization and their attributes during the entire process from creation to eventual archiving, using one or more identity life cycle patterns.

  • Entitlement management: Maintaining the link between identities and access rights to be able to tell who has access to what and who is responsible for maintaining an account or access right. This includes maintaining and curating the entitlements catalog to describe the types of accounts, roles, group memberships and other entitlements.

  • Access requests: Enabling users, or others acting on behalf of a user, to request access rights through a business-friendly user interface.

  • Workflow: Orchestrating tasks to enable functions such as access approvals, notifications, escalations, manual fulfillment requests and integration with other business processes. For example, this allows managers or resource owners to approve or deny requests.

  • Policy and role management: Maintaining rules that govern automatic assignment (and removal) of access rights; providing visibility of access rights for selection in access requests, approval processes, dependencies and incompatibilities between access rights; and so on. Roles are a common vehicle for policy management.

  • Access certification: Requiring people like managers and resource owners to review and certify the access rights that users have on a periodic basis to ensure access continues to comply with policies.

  • Fulfillment: Propagating changes initiated by One Identity Manager On Demand to target systems. Automatic fulfillment (often called "provisioning") connects with user account target systems, while manual fulfillment utilizes a workflow or external process to complete actions.

  • Auditing: Evaluating business rules and controls against the current state of identities and access rights, providing a means for alerting control owners of exceptions (such as changes made directly on target systems) and allowing for orderly remediation.

  • Identity analytics and reporting: Providing means to: (a) evaluate risk based on identity information insights; (b) apply techniques to cleanup excessive, outlier or wrongful entitlements; and (c) enhance the continuous process of identity governance, including risk reporting.

Every one of these core functions is based on an automation-optimized architecture that addresses major Identity Governance and Administration challenges at a fraction of the complexity and time of "traditional" solutions.

Architecture overview

The architecture overview shows the different components of One Identity Manager On Demand. One Identity Manager On Demand cloud components are managed and monitored by the One Identity operations team. One Identity Manager On Demand on-premises components must be installed and configured locally to connect and synchronize on-premises target systems with One Identity Manager On Demand cloud components.

Figure 1: Overview of One Identity Manager On Demand components

Using One Identity Manager On Demand as a Starling service

One Identity Manager On Demand is integrated as a Starling service in One Identity Starling (https://cloud.oneidentity.com). One Identity Manager On Demand is available as a time-limited trial version and as a paid subscription.

  • To use One Identity Manager On Demand for a limited time period, contact One Identity. One Identity can enable proof of concept for your product trial. You will be notified once proof of concept has been added to your organization's account. The product performs exactly how it would with a test instance with no restrictions. A proof of concept trial is limited to 30 days but if you need more time, you can ask for an extension before the trial subscription ends.

  • To use a paid subscription, contact One Identity to set up the subscription. You will receive a subscription confirmation email from One Identity.

    A paid subscription offers you full access to the product for the length of your contract and with a fixed number of user licenses. With a paid subscription, you get a test instance and a production instance.

To use One Identity Manager On Demand as a Starling service, you require a Starling organization. You can add the Starling service to an existing organization or set up a new one. For more information about organizations, see the One Identity Starling User Guide under Organization creation and management.

To start a subscription

  1. Log in to the One Identity Starling portal.

  2. Configure your subscription.

    • To configure a product trial, on the home page, select the View On Demand Services section.

      1. Select One Identity Manager On Demand (Starling Edition) and click Trial.

        This creates a trial subscription. One Identity Manager On Demand (Starling Edition) is shown as a new tile in the My Services section and can be used until trial period ends.

      2. On the home page, in the My Services section, click the One Identity Manager On Demand (Starling Edition) tile.

    • To configure a paid product, click on the One Identity Manager On Demand (Starling Edition) tile in the My Services section on the home page.

  3. Select the type of deployment.

    • To start a proof of concept trial, click Proof of concept trial.

    • To start a paid subscription, click Production.

  4. Select the region where you want your One Identity Manager On Demand instance to be deployed.

  5. Enter a domain name for your One Identity Manager On Demand instance.

    The domain name may not be longer than 40 characters and must be unique within Starling.

  6. Click Set Up Deployment.

    This starts up a One Identity Manager On Demand instance. It can take a while to complete. Once your instance is ready to use, you will receive an email containing a link to it.

Self Service Tools
Knowledge Base
Notifications & Alerts
Product Support
Software Downloads
Technical Documentation
User Forums
Video Tutorials
RSS Feed
Contact Us
Licensing Assistance
Technical Support
View All
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating