HK Data - Velferd & Oppvekst

Integrating eADM with Vitec HK Data (Velferd)

This document describes the integration between Identum eADM and Vitec HK Data's applications, such as HK Velferd, to automate user account provisioning and access management.

This integration ensures that users are automatically created, updated, or disabled in the Vitec HK Data AD environment based on your organization's rules. There are two primary setup scenarios for this integration, depending on whether you are an existing Identum eADM customer or using a dedicated eADM tenant administrered by Vitec.

Key Features of the Vitec eADM Integration

• Efficient User Administration: Centralizes and automates access management based on the customer's existing identity environment (like Entra ID).

• Improved User Experience: Allows users to log in with their familiar Entra ID accounts for a Single Sign-On (SSO) experience.

• Smooth Onboarding/Offboarding: New employees get access quickly, and access is automatically revoked upon employment changes, reducing risk and administrative time.

• High Security (Zero Trust): The solution follows modern security principles like "least privilege" and continuous identity verification.

Scenario 1: Existing Identum eADM Customers

This scenario applies to customers who already have an active Identum eADM tenant for managing their organization's identities. In this setup, the Vitec HK Data AD is configured as a target system within your existing eADM tenant.

How it Works

• Your eADM tenant connects directly to the Vitec HK Data AD.

• When a user is granted access to a Vitec application (e.g., HK Velferd or HK Oppvekst) within eADM, a user account is automatically provisioned in Vitec's system.

• eADM assigns the correct permissions to this new account.

• When the user's access is revoked in eADM (e.g., due totermination or a change in employment), the account in Vitec HK Data is automatically disabled or removed.

• Access can be managed automatically through rule-based logic in eADM or manually by your managers or administrators.

Scenario 2: Vitec-Managed eADM tenant

This scenario is for customers who do not have an existing eADM tenant. Vitec HK Data offers a pre-configured eADM tenant as part of its cloud solution.

In this setup, the Vitec-managed eADM tenant functions as a "data bridge" between your organization's source system (like an HRM system) and the Vitec HK Data environment. Vitec manages the operation, monitoring, and maintenance of the eADM tenant.

How it Works

• Your primary user source system (e.g., HRM, local AD, or Microsoft Entra ID) is connected to the Vitec-provided eADM tenant.

• eADM imports and processes user data from your source.

• Based on predefined rules, eADM automatically provisions users who require access to Vitec applications into the Vitec HK Data AD.

• When the user's access is revoked in eADM (e.g., due to termination or a change in employment), the account in Vitec HK Data is automatically disabled or removed.

• All user management is fully automated, and administrered by Vitec.

Prerequisites and Implementation

To implement this integration, the following prerequisites must be met:

• Vitec Application: You must be using the Vitec HK Data cloud solution.

• Identum eADM Agreement: A valid agreement for the eADM service is required.

  • Scenario 1: You use your existing eADM agreement with Identum.

  • Scenario 2: You must sign an agreement for the eADM service with Vitec, which is typically facilitated by Vitec in collaboration with Identum.

AI & Search Summary

This article details the integration between Identum eADM and Vitec HK Data's Velferd solution. It outlines two setup scenarios for automating user provisioning: one for existing eADM customers adding Vitec as a target system, and one for new customers using a Vitec-managed eADM tenant. The document also covers key features, benefits, and implementation prerequisites.