10Duke Identity Provider
10Duke Identity Provider (IdP) delivers identity and access management (IAM) within the 10Duke Enterprise platform, supporting authentication, federation, and integration with external IdPs such as Microsoft Entra ID and Okta. It can function both as a Service Provider (delegating authentication) and as an Identity Provider (issuing tokens, managing directories, and enforcing access policies) for client applications.
Key Capabilities
-
Unified identity + licensing: 10Duke’s combination of identity and software entitlements simplifies system design and operations.
-
Protocol compatibility: Support for OIDC, OAuth, SAML allows wide interoperability with enterprise IdPs.
-
Flexible provisioning & mapping: Ability to tailor user attribute flows and sync user state from external IdP.
-
Scalability & centralization: All authentication funnels through 10Duke, simplifying client app logic and enabling centralized auditing and session control.
Limitations
-
Complexity in mapping & configuration: Setting up attribute mappings, domain restrictions, provisioning policies, and logout behavior requires careful configuration.
-
Dependency on external IdPs: In federation scenarios, availability and configuration of external IdPs become critical for successful authentication.
-
Documentation focus on licensing use cases: Public documentation emphasizes identity-based licensing more than pure IAM features, so some IAM-centric features or edge cases might not be fully documented or mature in all scenarios.