DEV Community

Kalyani Badkas
Kalyani Badkas

Posted on

What is Provisioning and how does it work?

What is Provisioning?
Provisioning in its very essence has a very simple meaning – supplying with / making something available.

As we expand and try to understand this word from an Information Technology business perspective, the definition gets more nuanced. It refers to an IT process involving some infrastructure enabling data and asset transfer.

As we go on even further and look at it from an Identity and Access Management (IAM) perspective for business, it takes up the meaning of an identity management process that overlooks the changes in data of identities and assets in identity stores.

User provisioning creates, updates, deletes, handles all identities (user accounts) across all connected IT Infrastructure, applications, data and assets for business.

How does Provisioning work?
Now that we’ve understood that user provisioning is a simple but necessary identity management automation process that takes care of individual digital identities along with their access rights, permissions, and data changes for a business, let’s take a look at how it works.

Image description

When we look at an automated user provisioning information flow for a business, we see that users are added to applications and services based on specific, predefined user roles for security purposes. Whenever a user is assigned a role, that user is automatically created in the associated application/service and granted required access permissions.

What are the different variations of Provisioning?
As with most IT processes, provisioning comes in various shapes and forms. Not all of these are categorically different from one another, some are subsets or supersets of each other, but let’s briefly look at what these mean –

User Provisioning can be defined as the broad process which involves all of the individual sub functionalities, namely account creation – deletion – updation, permissions and access management, data modification, identity storage and handling, etc.

Group Provisioning involves a simpler way of dealing with individual users and provisioning processes of those users – by identifying identities under groups and then handling the process for those groups as a whole. It can be understood as further optimization of the automation that is provisioning.

SCIM Provisioning is an abbreviation for “System for Cross-Domain Identity Management”. SCIM is, simply put, an open standard that communicates user identity data between Identity Providers and Service Providers.

Account Provisioning involves all the processes that act on user accounts, which includes account creation, deletion, changing, permission management, securing data, disabling, etc.

Identity Synchronization refers to a secure real-time and automatic syncing of data across different identity stores (cloud or on-premise) that are connected. An example of this would be – changing of source e-mail address should change the email address everywhere it is used.

Provisioning with miniOrange
With miniOrange and our wide range of User Provisioning solutions, you can create, manage, & delete your external and internal users’ access to on-premises, cloud, and hybrid apps.

Top comments (0)