Identity and Access Management for MSP's

  • Provide single sign-on for your applications on a cloud-hosted multi-tenant identity platform

  • Easily integrate your applications with your customers' on-premises identity systems such as Active Directory

  • Increase revenues with an affordable identity-as-a-service offering


Managed Service Providers (MSPs) face critical marketplace challenges such as:

The trend towards using massive PaaS vendor services such as AWS and Microsoft Azure that are threatening the very existence of “traditional” MSPs

Finding new revenue-growth opportunities

Identifying and offering more value-added and differentiated services

Cobalt's federated, multi-tenant architecture provides an ideal platform for MSPs to deliver customized, high-value identity-as-a-service offerings to their customers.

  • Multi-tenant – simplifies onboarding of new customers and reduces operations costs by sharing infrastructure across multiple customers
  • Federated authentication and single sign-on – MSP staff can authenticate once and gain access to the customers' identity system without having to manage multiple sets of credentials.
  • Per-tenant configuration – each tenant has its own schema, service configuration, access control policies, identity synchronization rules, and trust relationships with external systems.
  • Replicated data and redundant load-balanced services – ensures service keep running even in the case of virtual machine and network failures.
  • API-driven – all functions and configuration are available through web APIs, allowing for easy automation and integration with operations tools.

Cloud Migration

Nearly every organization is migrating some aspect of their IT to the cloud, whether it be through using cloud-based SaaS applications, moving on-premises applications to a public cloud infrastructure-as-a-service (IaaS) platform, or developing and deploying new applications in the public cloud. Adopting cloud infrastructure or applications without considering the impact of the organization's identity and access management is a recipe for disaster. There are several significant IAM-related issues:

  • Authentication and Single Sign-on – Most cloud SaaS applications have their own directories and authentication mechanisms and require that users maintain yet another username and password. This is a poor user experience and tends to create security vulnerabilities due to weak or repeated passwords.
  • Account provisioning and deprovisioning – Failing to provision cloud SaaS accounts in a timely fashion wastes the user's time, and failing to deprovision accounts when the user has left or changed roles is both costly and creates security vulnerabilities. The overhead of creating, managing, and removing user accounts for each cloud SaaS application can be costly and error-prone.
  • Application access control – Along with provisioning accounts in cloud SaaS applications, it is critical that the access rights in those applications (e.g. the role a user has within the application) are managed properly. Improper access rights create security vulnerabilities and possible audit issues.
  • Application audit – Being able to control application authentication and access is only part of the problem. IT organizations also need to be able to produce audit reports showing who has access to which applications, and who actually used those applications and when.
Cobalt can provide solutions to all of these issues in a multi-tenant architecture ideal for operations and management by MSP staff.

Cloud SaaS Application Single Sign-On

Often a customer's first exposure to cloud computing is consuming cloud-based SaaS applications. Rolling out the first few applications is generally quick and easy, but users soon become overwhelmed with keeping track of all the additional usernames and passwords, and IT rapidly loses control over which users have access to which applications. Cobalt provides single sign-on support to cloud applications, and the ability to define policies that control which users can access which applications.

Modernizing Identity Platform for Multi-Cloud Environments

Larger enterprises are upgrading their data centers using hyperconverged infrastructure components (HCI) and cloud-optimized software to improve agility and efficiency and to reduce operating costs. In particular IT organizations are deploying their workloads across multiple clouds, both private and public. Their existing legacy IAM systems, often based on proprietary systems aren't designed to support modern cloud applications and public cloud identity-as-a-service (IDaaS) products only run in the vendor's own environment. Cobalt provides identity infrastructure that is architected for multi-cloud deployments that allow the customer to deploy identity services in the cloud environment that makes the most sense from a security, performance, and cost perspective. For instance, sensitive identity data can remain in a private cloud environment, while services such as authentication and authorization can run in the public cloud close to the users and applications that need them.

Contact us to schedule a demo