JIM
What is JIM?
JIM (Junctional Identity Manager) is a modern Identity Management system designed for organisations with non-trivial Identity Management and synchronisation requirements. It’s designed to be self-hosted, deployable on container platforms and is suitable for connected, or air-gapped networks.
Find the source code on GitHub: https://github.com/TetronIO/JIM
Scenarios
JIM is designed to support the following common Identity, Governance & Administration (IGA) scenarios:
- Automate JML by synchronising users from HR systems to directories, apps and systems
- Keep HR systems up to date by writing I.T related attributes back to HR systems, i.e. email address, telephone numbers, etc.
- Centrally manage user entitlements, i.e. group memberships in directories, apps and systems
- Facilitate domain consolidations, i.e. to prepare for migrating to the cloud, simplification, or for organisational mergers
- Facilitate domain migrations, i.e. divestitures
- Identity fusing - bring together user/entitlement data from various business apps and systems
Features
Some high-level features of JIM:
- Synchronises objects between systems. Supports Users and Groups by default
- Supports custom object types, i.e. Departments, Qualifications, Courses, Licenses, Roles, Computers, etc.
- Transform data using a wide range of functions
- Extensible with custom functions
- Extensible with custom connectors (fully unit-testable)
- A modern Web Portal and API
- Single Sign-On (SSO) using OpenID Connect
Benefits
Why choose JIM?
- It’s modern. No legacy hosting requirements or janky old UIs
- Supports SSO to comply with modern security requirements
- Source-Available. You can see exactly what it does and help improve it through contributions
- Flexible. We’re developing it now, so you can suggest your must-have features
- Built by people with decades of experience of integrating IDAM systems into the real world
Deployment
JIM runs in a Docker stack using containers and can be deployed to on-premises infrastructure (no Internet connection required for air-gapped networks), or Cloud container services, such as Microsoft Azure or AWS.
Various topologies are planned, depending on your needs:
- Standalone (single-server, built-in database): Perfect for smaller organisations or pre-production environments. The current topology.
- External database: Use an existing database platform for reslliancy and scale.
- Scaled-out web frontends: For organisations who need redundancy and/or to support a larger number of users accessing the web app.
Connectors
JIM is currently targetting the following means of connecting to organisational systems via it’s built-in Connectors. More are anticipated, and you will also be able to develop you own custom Connectors to support bespoke scenarios.
- LDAP (incl. Active Directory & AD-LDS)
- Microsoft SQL Server Database
- PostgreSQL Database
- MySQL Database
- Oracle Database
- CSV/Text files
- PowerShell (Core)
- SCIM 2.0
Licensing
JIM is licensed under a Source-Available model where a commercial license for use in production scenarios is required, but is free to use in non-production scenarios (i.e. development, testing and evaluation).
As JIM is currently in active development and not quite ready for production use, commercial license have not yet been defined and are not yet available. More on this will follow.
The full license for JIM is as follows.
Status
We are actively developing JIM, aiming for a demonstration release by the end of 2024.
Community contributions to JIM source code are welcome in principal. We are working on creating a Community License Agreement process to enable this.
Screenshots
JIM is still in early UI development and subject to improvement, but some core features can be seen here.
