Identity and Access Management (IAM)

Secure your access management and enhance your productivity

Securely manage the identities of your users and applications, as well as their permissions through a single interface for all of your services.

OVHcloud IAM provides granular access management for your OVHcloud products and strengthens the security of your access management by leveraging a single pane of glass interface.

Discover
iam_hero_600x400

Federated identity

Connect the corporate directory of your choice (ADFS, Azure AD, Google Workspace, Okta...) to your OVHcloud Control Panel for hassle free management of multiple accounts and benefit from seamless authentication for your users.

Unified and harmonized across OVHcloud portfolio including 3rd party software

OVHcloud IAM offers seamless privilege management of your users, groups and applications across the entire product portfolio including VMware on OVHcloud and Openstack.

Fine grained policy management

Foster collaboration securely. Fine tune access privileges based on multiple conditions like role and responsibilities, type of resources...

Enhanced productivity

IAM is available through OVH API so that you can harness the power of automation and boost productivity. By automating the different aspects of managing authentication, identities, and policies, you improve the productivity of your teams and foster collaboration securely. And with the multi-tenant feature, you can easily delegate access to your trusted partners while keeping granular access control.

Included at no extra cost

The IAM feature is included in your OVHcloud account at no extra cost.

How it works

iam_diagram

With OVHcloud IAM, easily determine who can access which of your OVHcloud resources and for which purpose. 

OVHcloud's access management is based on a policy management system with a zero-trust model. It's possible to write different policies that give your users access to specific features associated to the products linked to your OVHcloud account.

Policies contain a list of identities (accounts, users, user groups) concerned by the policies; a list of resources where the policies should apply, and a list of actions that are allowed to be performed on them.

Single Sign-On

Use the identity provider of your choice as the single source of trust for your users and allow them to use their regular account to access OVHcloud products. By leveraging SAMLv2 federation protocol you can smoothly connect the Identity Provider of your choice like ADFS, Azure AD, Google Workspace, Okta...

Learn more
single-sign-on

Separate access

Separate access between your production resources and your test-bed environment.

Enforce stringent policies to keep control of your production environment and ensure the highest grade of security and continuity of your services while allowing more users to access your test-bed environment.

Learn More
separate_access

Prevent unwanted actions

Reduce the risk associated to identity theft or rightful administrator error as a result of restricting access to sensitive actions to a limited set of people.

Learn More
prevent_unwanted_action

Get Started with Identity Access Management

Enabling SSO connections with your OVHcloud account

Use single sign-on (SSO) to connect to your OVHcloud account. To enable these connections, your account and Identity Provider (IdP) have to be configured using Security Assertion Markup Language (SAMLv2) authentication.

Enabling Google Workspace SSO connections with your OVHcloud account

Learn how to associate your Google Workspace service with your OVHcloud account via SAML 2.0

How to use IAM policies using the OVHcloud API

Learn how to provide specific access rights to users of an OVHcloud account by creating a new policy.

Enabling Azure AD SSO connections with your OVHcloud account

Find out how to associate your Azure Active Directory to your OVHcloud account using SAML 2.0

Enabling Okta SSO connections with your OVHcloud account

Learn how to associate your Okta service with your OVHcloud account via SAML 2.0

Professional services to help your business

Support_Technique

Technical support

Customer service and technical expertise to support you with your projects
professional_services

Professional Services

Experts to support you with your projects.
Nos_partenaires

Our partners

An extensive network of partners around the world for all your projects.
documentations

Documentation

Regularly updated documentation on how to use OVHcloud products and services.

FAQ

Why would I need OVHcloud IAM?

You don't want all your users or applications accessing all your cloud resources.

You need to secure access to your OVHcloud resources and apply granular permissions for users within your organization by granting access to certain resources.

OVHcloud IAM helps you to centrally manage the aspects of identity management, identity federation and access management to easily enforce access policy and as a result improve access security and enhance the team productivity.

What is Identity Federation?

Identity Federation enables Single Sign-On (SSO) through OVHcloud products, and lets you use the Identity Provider (IdP) of your choice (ADFS, Azure AD, Google Workspace, Okta...) to log into the OVHcloud Control Panel using the SAMLv2 federation protocol.

What do I have to do to start using IAM on my OVHcloud products and services?

IAM is currently in beta phase and you can try it out by registering here.

What is the protocol used for OVHcloud Identity Federation?

Identity federation supports the SAMLv2 protocol.

Is OVHcloud IAM a paid service?

No, OVHcloud IAM is included in your products at no extra cost and for all customers.

Does activating IAM change the way I access my existing products and resources?

No, the existing way of accessing your products and services will be the same unless you change them using the policies.