No, at least not in the sense in which I've seen people use Sailpoint.
We often like to segment the world of identity and access management in two categories: workforce identity and customer identity (CIAM). There's a little bit of a blurry line between them, but it's mostly a useful way to break up the world.
Workforce identity products help IT teams manage employees' access to software systems. Think of the most recognizable sense in which people use Okta: you present your credentials to Okta, and it signs you into third party software like Slack.
Customer identity products like ours integrate with products like Sailpoint or Okta. If you make a product like Slack, you have many customers with many identity providers. You would use a product like ours to keep track of your users across different companies, and you'd use a product like ours to support single sign-on integrations with products like Sailpoint or Okta.
That said, I wouldn't be surprised if you can make Sailpoint behave like CIAM software. I am truthfully not very familiar with their product -- it's not very easy to make a developer account with them!
Dang. So an IdP + SCIM? From an IAM team perspective I rather dislike having IdPs being the source of truth for authz, because you're embedding a lot of application specific logic in a second location. It can't be worse than Shibboleth. I think there's a niche out there for a better IDM but it's a very unsexy space.
No, at least not in the sense in which I've seen people use Sailpoint.
We often like to segment the world of identity and access management in two categories: workforce identity and customer identity (CIAM). There's a little bit of a blurry line between them, but it's mostly a useful way to break up the world.
Workforce identity products help IT teams manage employees' access to software systems. Think of the most recognizable sense in which people use Okta: you present your credentials to Okta, and it signs you into third party software like Slack.
Customer identity products like ours integrate with products like Sailpoint or Okta. If you make a product like Slack, you have many customers with many identity providers. You would use a product like ours to keep track of your users across different companies, and you'd use a product like ours to support single sign-on integrations with products like Sailpoint or Okta.
That said, I wouldn't be surprised if you can make Sailpoint behave like CIAM software. I am truthfully not very familiar with their product -- it's not very easy to make a developer account with them!
Dang. So an IdP + SCIM? From an IAM team perspective I rather dislike having IdPs being the source of truth for authz, because you're embedding a lot of application specific logic in a second location. It can't be worse than Shibboleth. I think there's a niche out there for a better IDM but it's a very unsexy space.