What is Identity Orchestration

Identity Orchestration automates identity management workflows without requiring custom code or scripts. Orchestration helps IT teams:

  • Eliminate manually intensive administrative processes.
  • Accelerate user onboarding and change management.
  • Reduce human error and risk.

With an identity orchestration solution, any individual—without any special programming knowledge or training—can easily integrate applications, synchronize data, coordinate event responses and automate complex identity management processes using a visual, no-code user interface.

Why Identity Orchestration?

Managing user identities and access privileges is a significant challenge for many IT organizations. In the digital world, a diverse collection of users (including employees, contractors, outsourcers and support vendors) have access to a wide variety of applications and systems scattered across on-premises and cloud-based infrastructure. But many IT organizations rely on manual processes to onboard users and manage their evolving access rights—a resource-intensive, time-consuming and error-prone approach involving a diverse collection of independent applications, directory stores and data repositories.

Enhancing Lifecycle Management with Orchestration

It can take days (or even weeks) for new hires to gain complete access to the full set of applications they need to perform their jobs. Provisioning mishaps can impair user productivity, burden the help desk and open the door for adversaries. And accounts can remain active long after employees change roles or leave an organization, creating opportunities for both internal and external threat actors.

Businesses can eliminate human error and reduce risks by automating common identity lifecycle management functions. But that’s a tall order for most companies. For example, each application, human capital management (HCM) system, change management system and directory store has a unique API. IT organizations are forced to write complex scripts or code to automate routine adds, moves and changes—a costly, complicated and drawn-out proposition. Most IT organizations simply don’t have the expertise, bandwidth or budget to pull it off. Identity Orchestration solutions can eliminate costs, staffing issues and skill barriers around automation by making it easy for anyone to automate complex identity management workflows.

Identity Orchestration Features and Capabilities

Identity Orchestration solutions offer a variety of features and capabilities, including:

  • Visual no-code user interface – Identity Orchestration solutions provide intuitive drag-and-drop or forms-based interfaces that make it simple to automate workflows.
  • Out-of-the-box connectors – Most Identity Orchestration solutions include pre-built connectors for popular applications, HCM systems, directory stores, and change management platforms.
  • Identity lifecycle management automation – Most Identity Orchestration solutions provide built-in workflows to streamline onboarding, offboarding and change management functions, automatically provisioning identities and access rights across diverse applications and systems when users join an organization, change roles or leave the company.
  • Event-driven orchestration – It’s important to use Identity Orchestration solutions that can automatically reprovision identities and access privileges based on real-time event notifications from threat intelligence systems or other applications.

Identity Orchestration Benefits

Identity Orchestration solutions can provide a variety of business benefits by helping organizations:

  • Jumpstart new-hire productivity by giving users day-one access to critical applications.
  • Reduce cyber risk by eliminating provisioning errors, privilege creep and dormant accounts.
  • Improve IT productivity and free up IT resources to focus on strategic tasks by eliminating manually intensive, time-consuming administrative processes.
  • Reduce automation cost and complexity by eliminating complex coding and scripting efforts.

Solution Packaging and Deployment Models

Identity orchestration solutions are typically integrated with Identity Governance and Administration (IGA) solutions, Identity and Access Management (IAM) solutions or more comprehensive Identity Security platforms. They are delivered as traditional software solutions or as SaaS solutions.
