NetIQ Access Manager
NetIQ Access Manager (now branded as OpenText Access Manager) is a self-hosted web access and federation platform designed to secure applications, APIs, and web resources. It combines federation, reverse proxy–based SSO, and contextual access control under one architecture.
Key Capabilities
- Standards-based federation: Supports SAML 2.0, OAuth 2.0/OpenID Connect, WS-Federation, and WS-Trust, allowing interoperability with both modern and legacy systems.
- Authorization server (OIDC/OAuth): The Identity Server provides OIDC discovery and token endpoints, with administrator and developer guides covering client registration, consent, and logout flows.
- Reverse proxy / web SSO: The Access Gateway acts as a reverse-proxy SSO layer, injecting identity attributes via headers or cookies—ideal for securing legacy or non-federated web applications.
- Automation APIs: Provides REST APIs for automating federation setup and configuration across SAML, WS-Fed/WS-Trust, OAuth, and OIDC environments.
Limitations
- Kerberos constrained delegation: Documentation confirms that KCD is not supported in version 5.x, requiring alternative patterns for Windows-integrated authentication.
- SCIM provisioning: Current documentation focuses on access and federation; there is no confirmation of a native SCIM 2.0 provider endpoint.
- Advanced OAuth profiles: Public materials describe standard OAuth/OIDC functionality, but do not confirm support for PAR, DPoP, or mTLS-bound tokens.
- Self-hosted administration: Customers are responsible for managing appliance or VM deployments, certificates, patches, high availability, and policy maintenance, unlike fully managed SaaS IdPs.