EmpowerID

EmpowerID is an enterprise identity platform covering access management (SSO, MFA), identity governance (access requests, certifications), lifecycle automation/provisioning via connectors, and privileged access controls. Product pages and admin/training guides describe protocol support (SAML/OIDC/OAuth/WS-Fed), role-driven workflows, and deployment patterns that integrate with on-premises and cloud systems.

Key Capabilities

• Standards-based SSO & Federation: Supports SAML 2.0, OpenID Connect, OAuth 2.0, WS-Federation, plus RADIUS/LDAP.

• MFA & Passwordless: Vendor materials describe FIDO2/WebAuthn options, virtual/hardware tokens, and the EmpowerID Mobile Authenticator (push and passcode). Admin/training pages show MFA configuration and per-user MFA settings.

• Provisioning & Connectors: Identity Warehouse & sync services with connectors for AD/LDAP and SaaS (e.g., Microsoft 365/Google/AWS/Salesforce/Box). A SCIM Virtual Directory Server (VDS) exposes SCIM to upstream systems (e.g., Azure AD Provisioning) for apps lacking native SCIM.

• Identity Governance: Access recertification/governance workflows and reporting to support compliant access and SoD.

Limitations

• Public developer depth: While product/training pages are available, a consolidated, vendor-hosted API reference for all IdP/IGA functions is not prominent.

• SCIM scope: EmpowerID markets a SCIM VDS to bridge Azure AD to non-SCIM apps. Not enough public information to confirm a general-purpose, first-party SCIM 2.0 provider endpoint intended for external tenants to manage EmpowerID identities directly.

• Multi-product breadth: PAM and SSO/IGA in one platform reduce integration work but can increase evaluation/operations complexity versus adopting narrower point solutions.

• Documentation discoverability: Capabilities are spread across marketing pages, training sites, and Confluence spaces; customers should validate protocol endpoints, connector coverage, and deployment guidance during PoC.