Authentication Bridges

An authentication bridge (AB) is a type of middleware that interfaces between an IAM system and a target system; this can be necessary above all when the target system does not observe/is not bounded by the requirements of common identity protocols.

Authentication Bridges are not part of the standard service, Service eIAM, but part of the specialized application; the regulation of the operation and maintenance of Authentication Bridges is therefore the responsibility of the administrative unit responsible for the specialized application.

The general aim is to ensure that the target system does not have to adapt to IAM system requirements, and vice versa. This is advisable when the target system requirements contain special features which cannot technically or economically be replicated in the IAM system, and when these special target system features cannot be converted to common model solutions – which is often the case with SaaS. Use of an AB is also indicated when a target system's special features change frequently.

Typical AB tasks are: converting tokens, enhancing tokens, performing special onboarding processes, provisioning on target system interfaces, and receiving user and attribute provisioning.

Examples of authentication bridges:

PAMS¹: Bridge between eIAM and applications that are used by the DIP microservices landscape.
ALV Portal¹: Bridge between eIAM and ALV applications.
AB ALMA²: Bridge between eIAM and the Ex Libris ALMA library system.
Agate-Portal¹: Bridge between eIAM and various agricultural applications.
AB LMS SAP¹

¹in operation, ²under development, ³in planning

: AB in the eIAM architecture schematically