Software suite fully accessible,
free and open
Software designed from scratch to be a fully integrated identity governance solution
Soffid console: Single, simple and intuitive web interface as a single point of administration
Shared and privileged account management based on role based access control. Extra layer of security for privileged accounts where only 1 user may be used at a time and with fully audited usage
Identity federation available to the end user. Soffid Identity Provider using the SAML protocol takes care of managing the SAML, OpenID or Oauth bridges with the different external identity providers
Enterprise Single Sign On provided via a fully customisable login interface, auto-deployment of business application within the start menu, integration with any web, windows or java application and available to manage shared and single user desktops
Fine tuning permissions based on organisation role, organisation unit or granted roles. Also XACML optional module available to define attribute based control policy)
Web Single Sign On available for web applications. Full single sign on and single sign out experience for any web application with SSO sessions tracking built-in
Self service portal: Single, simple and intuitive web interface for the end user to manage their own profile, request passwords, access to applications and manage their own business processes
Directory synchronisation capabilities to keep all authoritative source always fully in sync
Role mining capabilities to optimise the number of roles or business profiles in the system
Separation of duties detaches application authorisation from user registratin process
Business process management to manage both user and system tasks and designed to be fully integrated with Soffid access control
A set of Spring services that contain the underlying identity management logic as well as the managed systems bindings. This core includes a Spring service access layer through standard EJBs.
Soffid supports a certain number of relational data base engines including MariaDB, MySQL, Oracle and SQL Server. The whole information regarding identities, user accounts, password and configuration is stored in this database.
These servers are in charge of provisioning users into managed systems, as well as gathering information about user accounts to be loaded into Soffid. In addition, it handles enterprise single sign on desktops authentication and session control.
A simple and fully intuitive web layer -Soffid Console- provides access to the core module of Soffid, allowing the administration to have full access to all functionlities remotely, accross all platforms and without the need of using any programming language.
At the same time, another web layer -SelfService- allows the end user to manage their account, all their applications and all their tasks in the context of the business workflows.
This module can be installed on user desktops with Ubuntu Linux or Microsoft Windows operating system. It allows desktop access control and it provides full single sign on experience accross web and desktop applications
This the main module of Soffid. This is the first module that needs to be installed and it is the main coordinator of all the Soffid Identity Governance logics. The Soffid console is installed and it runs as a service both in Linux and Windows machines and it is accessed via a web portal.
This module is in charge of the provisioning users into all managed systems as well as to gather the information from these systems that needs to be loaded into Soffid repositories. This module can be installed in the same server as the console or it can be installed on a different server as long as communication between both servers is available.
This module can be installed on user desktops with Ubuntu Linux or Microsoft Windows operating system. It allows desktop access control and it provides full single sign on experience accross web and desktop applications.
These modules are designed to allow the communication of the main modules of Soffid with particular domain controllers or specific managed systems. We have a connector to the most widely used systems. SAP connectors and Lotus Domino connectors are the only ones that are not available under the open source license. Their installation can be done directly through the web console via the simple upload of a file.
These modules are adding extra functionality to the main components of Soffid. Their installation can be done directly through the web console via the simple upload of a file. State of the art functionalities in the Identity Governance sector such as Role Minining or Recertification process are available through these Addons.
Soffid is supported in the most common Information Systems platforms. We are working constantly to add new platforms to our compatibility list. If you have some suggestion or request, please let us know. We are always happy to hear our audience.
Soffid is open source software, therefore its source code is free and fully available. Please feel free to browse all Soffid source code:
Soffid is a live piece of software that gets constant improvements and upgrades. During this constant evolving process, Soffid’s documentation is also being improved and updated in our documentation repository. Click here to find install instructions, description of Soffid characteristics and software documentation.