About this guide
One Identity Starling CertAccess integrates One Identity Active Roles and One Identity Manager in the Starling CertAccess cloud-based service. You use the Starling CertAccess Agent to set up synchronization between an Active Directory environment managed by One Identity Active Roles and Starling CertAccess.
The One Identity Starling CertAccess Administration Guide for One Identity Active Roles Integration describes how you provide Starling CertAccess to your company. It includes installing and working with the Starling CertAccess Agent. You will discover, which prerequisites you require for the installation and how to use the Starling CertAccess Agent components.
The One Identity Starling CertAccess Administration Guide for One Identity Active Roles Integration is aimed at administrators that utilize Starling CertAccess to help manage Active Directory through One Identity Active Roles, allowing you to handle access requests and carry out access certifications.
For more information about how to handle access requests and carry out access certifications, see the One Identity Starling CertAccess Web Portal User Guide.
The online version of Starling CertAccess documentation is available in the Support portal under Starling CertAccess online documentation.
Starling CertAccess basics
One Identity Starling CertAccess delivered access requests and access certifications in the form of a Software as a Service solution allow Starling CertAccess to augment One Identity Active Roles with approvals, notifications, escalations, and other business processes for your hybrid environment. Use Starling CertAccess to easily satisfy attestation and recertification policy requirements while providing auditors what they need.
Use the Starling CertAccess Agent to set up synchronization between a One Identity Active Roles managed Active Directory environment and Starling CertAccess. Synchronization transfers all the required data for controlling access, such as user accounts, groups, and group memberships.
Users can use Starling CertAccess Web Portal to request memberships in Active Directory groups (access request). Managers and others responsible for compliance can certify the correctness of access requests as well as recertify existing memberships using regular attestation (access certification). All memberships are assigned to specific identities allowing access permissions to be tested to see if they are valid in that combination. This ensures that regulatory requirements are fulfilled. If, during attestation, certain access permissions are identified as being invalid and certification is therefore denied, the affected memberships are automatically deleted. Changes such as authorized access requests or revoked access permissions are immediately provisioned in the connected Active Directory domains and take effect straightaway.
The Starling CertAccess Web Portal provides various reports containing information about synchronized data, available access permissions, or completed attestations. You can use these reports for analyzing and summarizing important information.
Starling CertAccess is integrated as a Starling service in One Identity Starling (https://cloud.oneidentity.com). You can subscribe to a trial version of the Starling service, filled with sample data, to help you understand the functionality better before you commit to a paid subscription. The One Identity sales team will support you if you wish to carry out a Proof of Concept trial with your own data.
You can use any browser to access Starling CertAccess if it is supported by One Identity Starling. For more information about this, see the One Identity Starling User Guide.
Additional hardware and software prerequisites
The hardware and software prerequisites for One Identity Starling apply to Starling CertAccess. The prerequisite for registering and signing in to One Identity Starling is an Azure Active Directory tenant. Use your Azure Active Directory credentials to register. For more information about this, see the One Identity Starling User Guide.