

Simplifying and automating internal processes, while keeping an unparalleled level of security, is essential when managing identities. Institutions and organizations require seamless management of identities across the enterprise. midPoint, an open source Identity Governance and Administration (IGA) tool, is an automated, user-friendly identity and access management (IAM) solution that solves the complexities of provisioning, registry, and password management.

Open Identity, Organization Management, and Governance Platform

midPoint provides users with flexible and relevant access to internal and external resources/systems for enterprise user identity management. Features of midPoint include identity governance, provisioning and audits, organization structure, entitlement management, credential management, and workflow. Read more about these features below.

  • Identity Governance

    midPoint enforces identity governance through policy-based centralization of user identity management and access control. It provides the ability to define, enforce, audit, and review policies responsible for the exchange of information between both internal and external systems, for complete user lifecycle management across the enterprise. Identity governance reduces risk while enhancing security by granting IT control of how identity information is used, stored, and shared.
  • Provisioning & Audits

    Automated support for various user entitlements and flexible access management enables verification of users gaining access to the correct systems. midPoint’s auditing feature records important interactions including who requests access, why requests are granted or denied, and who approves them. With a pluggable auditing system, midPoint allows auditing to log files and to a database table. Databases including LDAP and Active Directory can be integrated with midPoint for user provisioning and auditing.
  • Organization Structure

    Organization structure in midPoint is composed of units including divisions, departments, workgroups, projects, teams, domains, or similar organizational division units. It is related to role structure; for example, users in the same department have the same role. midPoint automatically computes and executes all the construction elements associated with the unit a user’s role is associated with (users can be associated with multiple roles within the organization structure).
  • Entitlement Management

    When a user is assigned to one or more roles, they are also entitled to specific resources. In identity and access management, an “entitlement” is often referred to as “authorization,” “privilege,” “access right,” and “permission.” The entitlement management feature of midPoint allows for granting, resolving or enforcing entitlements to increase security. With midPoint’s centralized access policy, applications automatically receive new or updated rules when the policy is implemented or revised.
  • Credential Management

    Credential (password) management in midPoint comprises two aspects: granting internal and external users access to certain passwords, and generating/managing strong passwords for users throughout their entire enterprise lifecycle. midPoint validates and generates passwords according to specific policies, with the ability to define parameters for user password creation (e.g., types of characters, password length, and character repetition).
  • Workflow

    The workflow automation process in midPoint consists of granting user account privileges and access verification. Selected actions (e.g., role assignment) can be postponed until approved by certain authorities (i.e., multiple approvers). midPoint provides centralized management workflow for provisioning, entitlements, and organizational division units.

Read the datasheet for more information.

Associated Services for midPoint

Discovery Service for midPoint

Unicon professionals will work closely with the client to gain clarity on project vision and goals. Activities include a review of current IAM infrastructure and processes, meetings with stakeholders, and other foundational work required to move into the next part of the project with confidence and efficiency.

The Discovery phase sets the stage for the client engagement, articulating what a successful project outcome will look like. The Unicon team will review the client's tech portfolio, establish timing for project deliverables, and transfer knowledge of foundational project components to the client team.


IAM Assessment Service for midPoint

Unicon will conduct an assessment of the client’s current IAM environment for pre-implementation planning purposes.


Consulting Services for midPoint

The Unicon team provides expert advice and guidance through every stage of a project, ensuring successful project delivery. midPoint is an integral application of a complete identity and access management (IAM) solution for the enterprise. Identity governance, provisioning and audits, organization structure, entitlement management, credential management, and workflow are essential in providing users with flexible, relevant access to internal and external resources/systems for enterprise user identity management.

Unicon offers consulting services for adopting midPoint. Unicon's Services Team supplies the expert guidance, execution, and development necessary to meet the specific needs of the institution or organization, maximizing the results in adopting midPoint.


Deployment and Configuration Services for midPoint

Sound strategy and careful preparation are required to successfully deploy an open source IAM solution. Unicon’s team of experts will deploy midPoint and provide general configuration of provisioning of accounts. Databases including LDAP and Active Directory can be integrated with midPoint for user provisioning and auditing.


Systems / Application Integration Services for midPoint

Unicon’s team of experts integrates midPoint with open source, custom, and/or proprietary applications, applying technological expertise, project management, and program management skill sets. Unicon's systems / application integration services connect midPoint with Central Authentication Service (CAS) for web single sign-on (webSSO) and Shibboleth for federated webSSO. Integration with CAS and/or Shibboleth is an integral step towards a complete IAM solution for the enterprise.


Hosting Services for midPoint

Unicon provides hosting for midPoint in Amazon Web Services (AWS). Clients achieve time-to-market advantages, high levels of reliability and scalability, and demand-based sizing and costs when they take advantage of Unicon's AWS expertise. By hosting applications in AWS, Unicon helps clients keep their mission-critical operations running smoothly.

New to AWS? Get Started with Unicon

Unicon offers Jump Start for AWS, a cloud consulting service, to ease the complexity of getting started with AWS by providing a guided path to start the cloud journey.

Managed Services

Unicon’s managed services are SLA-driven engagements that ensure critical IT services meet stakeholder reliability and availability needs, while achieving cost and staffing goals through experienced application expertise. Managed services adapt to meet variations in traffic, evolving with the changing business needs of clients and stakeholders to ensure cost-optimized operations. Managed services are comprised of both pro-active management and incident/ticket-based support. Pro-active management is applied to capacity planning, reliability/availability, and security posture of covered services. Also covered are the establishment of monitoring and instrumentation, incident response, and service desk requests.


Support for midPoint

Protect the investment in midPoint and gain all of the advantages of this open source software designed specifically for institutions and organizations plus top-quality, professional support from a commercial vendor. Unicon’s Open Source Support program is SLA-driven and backed by an accountable team of open source experts. Take advantage of a flexible, customizable open source support service with direct access to dedicated developers, consultants, and system administrators each possessing deep experience within the select open source projects. Get the backing of technical expertise and professional service all at an affordable price.