SSO, MFA & PAM Documentation

Define the Identity Data Model

What attributes will make up the enterprise Identity Data Model and what are the authoritative sources for each attribute?

When defining the Identity Profile, make sure you define the authoritative source(s) for each attribute that makes up the profile. The profile data should be updated or verified at least every six months to ensure accuracy. Do not use any Personally Identifiable Information (PII) as a login attribute. The attributes will be used by and shared with many other systems, so share only the bare minimum information required by each system that is a part of the SSO topology. We also need to consider Role-Based and Attribute-Based Access Control for the Identity Model.

The EU General Data Protection Regulation (GDPR) requires changing the login/email address to obfuscate the identity of the person. GDPR/best-practice example: instead of sclaus1@whackywidget.com, under GDPR it could be ft349fi224@whackywidget.com.
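The following is an added example, not part of the original documentation, showing one way to express the model above in code: each attribute records its authoritative source and last verification date, each system receives only its allowed attributes, and the login ID is checked for embedded PII. The system names, attribute names, release policy and the 183-day reading of "six months" are assumptions, and the sample profile is constructed.

```python
from dataclasses import dataclass
from datetime import date, timedelta
import secrets
import string

@dataclass(frozen=True)
class Attribute:
    value: str
    source: str       # authoritative system of record (hypothetical names below)
    verified: date    # last time the value was updated or verified
    pii: bool = False

MAX_AGE = timedelta(days=183)  # "at least every six months", approximated in days
# Per-system release policy: the bare minimum each system needs (hypothetical).
RELEASE_POLICY = {
    "wiki": {"login_id", "display_name"},
    "payroll": {"login_id", "employee_number", "department"},
}

def new_login_id(taken, length=10):
    """Random opaque login ID carrying no name or other PII; retries on collision."""
    alphabet = string.ascii_lowercase + string.digits
    while True:
        candidate = "".join(secrets.choice(alphabet) for _ in range(length))
        if candidate not in taken:
            return candidate

def stale(profile, today):
    """Names of attributes whose last verification is older than MAX_AGE."""
    return sorted(n for n, a in profile.items() if today - a.verified > MAX_AGE)

def release(profile, system):
    """Values released to one system; unknown systems get nothing (default deny)."""
    allowed = RELEASE_POLICY.get(system, set())
    return {n: a.value for n, a in profile.items() if n in allowed}

def pii_login_violations(profile, login_attr="login_id"):
    """Flag a login attribute that is marked PII or that embeds a PII value."""
    login = profile[login_attr]
    hits = [n for n, a in profile.items()
            if n != login_attr and a.pii and a.value.lower() in login.value.lower()]
    return (["login attribute marked PII"] if login.pii else []) + hits

PROFILE = {  # constructed sample identity profile
    "login_id": Attribute("ft349fi224", "IdP directory", date(2024, 5, 1)),
    "display_name": Attribute("S. Claus", "HR system", date(2024, 4, 1), pii=True),
    "surname": Attribute("Claus", "HR system", date(2023, 9, 1), pii=True),
    "employee_number": Attribute("100482", "HR system", date(2024, 4, 1)),
    "department": Attribute("Logistics", "HR system", date(2023, 9, 1)),
}
```

Replacing the sample `login_id` with `sclaus1` makes `pii_login_violations` report `surname`, which is the case the opaque identifier is meant to avoid.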

SSO MFA Resources