Getting Started
Whenever you need access to important information, administrators need to know who you are. They need to know your identity, which may be distributed in multiple accounts. As a user, you might have several accounts even within your own company, for functions such as:
- Human Resources
- Payroll
- Engineering, Support, Accounting, and other functions
Each of these accounts may be stored in different resources, such as Active Directory, OpenDJ, OpenLDAP, and more. Keeping track of user identities in each of these resources (also known as data stores) can get complex. OpenIDM simplifies the process, as it reconciles differences between resources.
With situational policies, OpenIDM can handle discrepancies such as a missing or updated address for a specific user. OpenIDM includes default but configurable policies to handle such conditions. In this way, OpenIDM ensures consistency and predictability in an otherwise chaotic resource environment.
OpenIDM can make it easier to track user identities across these resources. OpenIDM has a highly scalable, modular, readily deployable architecture that can help you manage workflows and user information.
With OpenIDM, you can simplify the management of identity, as it can help you synchronize data across multiple resources. Each organization can maintain control of accounts within their respective domains.
OpenIDM works equally well with user, group, and device identities.
You can also configure workflows to help users manage how they sign up for accounts, as part of how OpenIDM manages the life cycle of users and their accounts.
You can manage employee identities as they move from job to job. You will make their lives easier as OpenIDM can automatically register user accounts on different systems. Later, OpenIDM will increase productivity when it reconciles information from different accounts, saving users the hassle of entering the same information on different systems.
In this guide, you will see how OpenIDM reconciles user data between two data stores. We will look at a department that is adding a third engineer, Jane Sanchez. Your Human Resources department has updated their data store with Jane Sanchez's information. You want to use OpenIDM to update the internal Engineering data store. But first, you have to start OpenIDM.
This section covers what you need to have on your system before running OpenIDM:
- Operating System: ubuntu-latest', 'macos-latest', 'windows-latest'
- Java: '8', '11', '17', '21'.
- At least 250 MB of free disk space.
- At least 1 GB of free RAM.
- If your operating system includes a firewall, make sure that it allows traffic through (default) ports 8080 and 8443.
We provide this document, Getting Started with OpenIDM, for demonstration purposes only.
With this document, we want to make it as easy as possible to set up a demonstration of OpenIDM. To that end, we have written this document for installations on a unix-like operating system.
For a list of software that we support in production, see OpenIDM on Docker.
Please check java version before standalone install
$ java -version
openjdk version "1.8.0_402"
OpenJDK Runtime Environment (Temurin)(build 1.8.0_402-b06)
OpenJDK 64-Bit Server VM (Temurin)(build 25.402-b06, mixed mode)
or use OpenIDM on Docker
$ docker version
Client:
Cloud integration: v1.0.35+desktop.13
Version: 26.1.1
API version: 1.45
Go version: go1.21.9
Git commit: 4cf5afa
Built: Tue Apr 30 11:44:56 2024
OS/Arch: darwin/amd64
Context: desktop-linux
Server: Docker Desktop 4.30.0 (149282)
Engine:
Version: 26.1.1
API version: 1.45 (minimum version 1.24)
Go version: go1.21.9
Git commit: ac2de55
Built: Tue Apr 30 11:48:28 2024
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: 1.6.31
GitCommit: e377cd56a71523140ca6ae87e30244719194a521
runc:
Version: 1.1.12
GitCommit: v1.1.12-0-g51d5e94
docker-init:
Version: 0.19.0
GitCommit: de40ad0
Standalone ZIP
$ VERSION=$(curl -i -o - --silent https://api.github.com/repos/OpenIdentityPlatform/OpenIDM/releases/latest | grep -m1 "\"name\"" | cut -d\" -f4); curl -L https://github.com/OpenIdentityPlatform/OpenIDM/releases/download/$VERSION/openidm-$VERSION.zip --output openidm.zip
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0
100 92.1M 100 92.1M 0 0 9421k 0 0:00:10 0:00:10 --:--:-- 9926k
$ unzip openidm.zip
Archive: openidm.zip
creating: openidm/
creating: openidm/samples/
....
$ openidm/startup.sh
Executing openidm/startup.sh...
Using OPENIDM_HOME: /tmp/openidm
Using PROJECT_HOME: /tmp/openidm
Using OPENIDM_OPTS: -Dlogback.configurationFile=conf/logging-config.groovy
Using LOGGING_CONFIG: -Djava.util.logging.config.file=/tmp/openidm/conf/logging.properties
Using boot properties at /tmp/openidm/conf/boot/boot.properties
-> OpenIDM version "6.0.1" (revision: 284a4) 2024-05-23T09:18:27Z master
OpenIDM ready
$ docker run -h idm-01.domain.com -p 8080:8080 -p 8443:8443 --name idm-01 openidentityplatform/openidm
Unable to find image 'openidentityplatform/openidm:latest' locally
latest: Pulling from openidentityplatform/openidm
74ac377868f8: Already exists
a182a611d05b: Already exists
e58ce1bd2f23: Already exists
e1b7fbdee987: Already exists
4f4fb700ef54: Already exists
26716adeef7f: Pull complete
Digest: sha256:6a6df88ca40116de4bba7ddef126a214feee04e7161b0d6f39ff9c9f448cda94
Status: Downloaded newer image for openidentityplatform/openidm:latest
Executing /opt/openidm/startup.sh...
Using OPENIDM_HOME: /opt/openidm
Using PROJECT_HOME: /opt/openidm
Using OPENIDM_OPTS: -server -XX:+UseContainerSupport -Dlogback.configurationFile=conf/logging-config.groovy
Using LOGGING_CONFIG: -Djava.util.logging.config.file=/opt/openidm/conf/logging.properties
Using boot properties at /opt/openidm/conf/boot/boot.properties
-> ShellTUI: No standard input...exiting.
OpenIDM version "6.0.1" (revision: 284a4) 2024-05-23T09:18:27Z master
OpenIDM ready
OpenIDM enables you to consolidate multiple identity sources for policy and workflow-based management. OpenIDM can consume, transform and feed data to external sources so that you maintain control over the identities of users, devices and other objects.
OpenIDM provides a modern UI experience that allows you to manage your data without writing a single line of code. The standard RESTful interfaces also offer ultimate flexibility so that you can customize and develop the product to fit the requirements of your deployment.