Aug 24, 2018 at 04:29 AM

IdM Production and Non-production


Hi all,

I am just wondering what people's thoughts are on how to best structure the landscape for managing production and non-production systems from IdM.

I basically see 3 different options:

  • Stand-alone IdM systems, with integration between them for life cycle management
  • Separate Identity Store on Production IdM to hold non-prod
  • All systems managed from the same IdM instance

I see pros and cons to all 3 solutions.

For the first one, it is an additional system in the landscape which needs to be managed, and the systems have to be integrated.

For the 2nd one, we need to make sure all data flows from source to both identity stores, i.e. prod and non-prod. We'd obviously need a 2nd portal instance to connect to the other IDS.

For the 3rd one, we would have all the test IDs from dev and test in the productive, and it would be more tricky to manage the business logic for non-prod user access.

I am probably most sold on the 2nd option at this point, but very interested in hearing opinions for and against.