In information technology, identity and access management commonly includes managing user accounts on various systems. These systems may include different applications, such as a database application, a customer relationship management (CRM) application, an accounting application, a factory automation application, etc. Often system administrators are responsible for managing the lifecycle of user accounts for these systems locally, on the system as users join, leave or change their roles within an organization. The system administrators may create user accounts, delete user accounts, modify privileges, and so on.
In many instances, the systems for which user accounts are being managed have non-standard and manual processes and mechanisms for managing their user accounts. A system may have a well-defined process for account and access management but there is no common well-defined process or interface across different systems for account and access management. Thus, in order to manage user accounts on these systems, organizations commonly rely on a help desk to manage the user accounts. Typically, when a user account is to be created, a request is raised either through an access request management system, email, or phone, and a ticket is generated to create the user account. Then, approvals are obtained via email or an approval workflow in the access request management system to create the user account, and then the ticket may be placed in a queue. Then, a system administrator, such as a help desk administrator, may eventually be assigned to the ticket, and the system administrator creates the user account in the system.
Help desks are an inefficient and costly solution for managing user accounts. In many instances, larger operational teams are needed to run the help desk, which in addition to being costly, are fraught with manual errors, inefficiencies, etc. Also, as the organization grows, expensive developers may be required to keep the help desk systems relevant and running. Furthermore, help desks are often not timely. A ticket may be generated to create a user account, but it may take multiple days or even a week to get the account created due to backlogs. Furthermore, users that are waiting for access to systems may be left unable to perform their tasks and duties which require use of the systems.