WALLIX Access Manager
WALLIX Access Manager (WAM) is a secure, browser-based remote access gateway designed for managing and auditing privileged sessions without requiring VPNs or local client software. It acts as a centralized entry point to WALLIX Bastion targets and integrates with enterprise identity systems for authentication and MFA, but it is not a full-featured IdP for general web application SSO.
Key Capabilities
- HTML5 session brokering: Enables secure RDP and SSH sessions over HTTPS directly in the browser, removing the need for client agents or plugins.
- Centralized access & auditing: Serves as a single portal to access and monitor Bastion-connected systems. Admins can search and replay session recordings, filtering by metadata or keystroke content for compliance and forensic analysis.
- IdP & MFA integration: Supports SAML, RADIUS, and X.509 authentication. Integrates with Trustelem (for federation and SSO) and WALLIX Authenticator to enable MFA methods such as FIDO2, push notifications, and OTP.
Limitations / Trade-offs
- Not an application IdP: WAM uses SAML/RADIUS/X.509 to authenticate users into WAM itself, not to issue SAML or OIDC tokens for third-party app SSO.
- OIDC/FAPI coverage: Documentation lacks details on OpenID Connect provider features (e.g., discovery, ID tokens) or advanced OAuth 2.0 profiles such as PAR, DPoP, or mTLS-bound tokens.
- Provisioning (SCIM): WAM materials focus on session management and authentication federation; there’s no evidence of SCIM 2.0 provider or consumer endpoints for user lifecycle automation.
- Bastion dependency: WAM operates as an access layer that brokers connections through WALLIX Bastion. It is not a standalone PAM or identity directory.