What is Identity-as-a-Service (IDaaS)?

IDaaS refers to cloud-hosted services for verifying that users are who they claim to be.

Share facebook icon linkedin icon twitter icon email icon

IDaaS

Learning Objectives

After reading this article you will be able to:

  • Understand cloud service models
  • Learn about Identity-as-a-Service (IDaaS)
  • Explore the major types of IDaaS services

What is Identity-as-a-Service (IDaaS)?

Identity-as-a-Service, or IDaaS, refers to a wide variety of cloud-hosted services for identity and access management (IAM). Essentially, IDaaS is a category of technological functions that have to do with user identity and are hosted in the cloud. IDaaS providers help ensure that users are who they claim to be, ultimately blocking cyber criminals and other unauthorized users from accessing sensitive data.

What is a cloud service?

The cloud is a broad collection of servers and their supporting infrastructure that are accessed over the Internet. A cloud service is a product or application that runs on servers hosted in the cloud instead of running on an organization's local infrastructure. Cloud services use a subscription model: instead of paying once for a piece of software, cloud customers pay a monthly fee and can increase their level of service on demand.

Most cloud services are described by appending "as-a-Service" to the name of their function. For example:

  • Software-as-a-Service (SaaS) refers to software applications hosted in the cloud
  • Platform-as-a-Service (PaaS) refers to development tools and servers for building applications that are hosted in the cloud
  • Infrastructure-as-a-Service (IaaS) refers to servers in the cloud
  • Function-as-a-Service (FaaS) refers to serverless computing in the cloud

Identity-as-a-Service, or IDaaS, is a type of SaaS.

What services do IDaaS providers offer?

IDaaS providers can offer a number of user authentication services, such as:

Multi-factor authentication (MFA): MFA is the use of multiple authentication factors to verify a user's identity. One example would be requiring users to insert a USB device into their laptop, in addition to entering their password. MFA is more secure than username and password combinations alone. Cloud MFA providers enable organizations to quickly implement MFA. (See also: What is two-factor authentication?)

Single sign-on (SSO): SSO allows users to sign in once to a single portal in order to access all of their SaaS applications, and it also provides a centralized place for companies to manage the applications each user has access to. Most SSO services are cloud-hosted and allow users to access their SSO login pages through a web browser.

Identity management: An identity provider (IdP) stores and manages user identities. An IdP may check user identities via username-password combinations and other factors, or it may simply provide a list of user identities that another service provider checks. Cloud-hosted IdPs fit under the IDaaS umbrella.

Learn about Cloudflare Access, which enables companies to manage employee access to any internal resource without a VPN, or read more about access control in the Cloudflare Learning Center.