Summary of the Federated Identity Management & Provisioning Functionality:

To stay competitive, organizations must extend their operations beyond traditional boundaries to include sharing access to information, resources, and services not only with their employees but also with customers, partners, public agencies, and vendors.

Organizations must be able to quickly and efficiently provision and de-provision all user identities, with accounts and appropriate access rights, on the systems they need to expose to their federation partners, in a flexible, secure, and transparent way. The sharing of trusted identities and policies is the key to delivering both a richer experience for users navigating within or between federation sites and reducing the cost of identity management. (See Federated Authority Management)


Benefits

Organizations that choose to collaborate in federated identity-based business processes can use StarGarden to:

  • Improve user experience and reduce user administration costs by using Federated Single Sign-On with customer, partner, agent, and/or provider organizations.
  • Lower user administration and provisioning costs related to identity management.
  • Improve business compliance through reduced security exposure.
  • Expand the business reach of service providers by creating revenue-generating opportunities through our distributed portal.

Provides Authorized Access

StarGarden provides authorized access by employees, contractors, partners, and customers to applications, data, and information assets at any time from anywhere in the world and allows you to effectively manage user provisioning via access rights and security credentials.

Management of Identities & Access Privileges

StarGarden allows you to distribute the management of identities and access privileges across one or many organizations in a federation. This increases accountability and integrity, ensuring conformity to policy and regulatory controls, whilst reducing the cost and complexity of provisioning and lag times in managing user identities.

A Single Secure Repository

With StarGarden, rather than having to replicate user identity and security administration for each organization, a single secure repository manages all user identities and provisions them through a trusted identity management service.

Provisioning belongs with the managers who understand the work.

Provisioning is how people get the system access their role needs, and lose it when they no longer need it.

Most workflow products rely on email and network settings, which makes them rigid and forces constant manual adjustment every time your organization changes. StarGarden takes the opposite approach. Since 1984, StarGarden has built its solution around your organizational structure, distributing provisioning to the business managers who know the context rather than routing every decision through central IT.

The payoff is business-driven provisioning: access rights that mirror your employment agreements, update the moment a position changes, and expire automatically when a contract ends.

Position-Based Access

Access rights attach to the position in your org structure, not a named individual. When someone steps into a role, they inherit the right access automatically.

Automatic Access Updates

Security groups update on the basis of business processes such as hire and end contract. Access stays current without manual rework, and accounts close when they should.

SAML Single Sign-On

StarGarden supports SAML (Security Assertion Markup Language) for SSO (Single Sign-On), giving a seamless experience between your internal IAM (Identity and Access Management) solution and StarGarden, with the option to use MFA (Multi-Factor Authentication) and trusted devices.

Flexible Authentication

Set different authentication requirements for different user populations. StarGarden supports native login, LDAP, SSO, and direct integration with Active Directory, so geographical and organizational differences are no obstacle.

Complete Audit Trail

Every login, login attempt, and page invocation is logged. Paired with date-effective tracking of employee data, this gives you the history that governance and compliance demand.

Distributed Access Management

Manage identities and access privileges across one or many organizations. This increases accountability and integrity, reduces lag times, and ensures conformity to policy and regulatory controls.

How provisioning works in StarGarden

Access is defined once, then keeps itself current as your organization changes.

1. Access is defined at the position

Authority originates at the organizational root and flows down through positions. Network access and system permissions tie directly to the position and its employment agreement, so access reflects the role rather than the person who fills it.

2. Change drives the update

When someone moves roles, their access shifts with the new position. When a contract ends, the date-effective change triggers deprovisioning automatically. IT workload drops, and the security gap that lingering accounts create closes on its own.

3. Every action is logged

Every access event is captured in a full audit trail. You hold a clear, defensible record of who could access what, and when, ready for any audit or governance review.

One secure repository for every identity

Stop replicating identity and security administration across departments and systems. StarGarden manages every user identity in a single, trusted repository and provisions access from there. You can extend that access beyond your employees to contractors, partners, customers, and public agencies, in a way that stays flexible, secure, and transparent.

Sharing trusted identities and policies from one source cuts the cost and complexity of identity management across your whole organization, and opens revenue-generating opportunities for service providers through StarGarden's distributed portal.

StarGarden integrates with Active Directory, so provisioning and deprovisioning can run through StarGarden itself. When HR onboards or offboards someone, the system can configure the user accounts, groups, and permissions that match their position. Connecting provisioning into other systems is available as a configured integration, scoped to your environment.

Identity and Provisioning, answered

Yes. StarGarden supports SAML for Single Sign-On, giving you a seamless experience between your internal Identity and Access Management solution and StarGarden. Single Sign-On also makes Multi-Factor Authentication available and lets you define trusted devices. If you prefer not to use it, native login is available with configurable password rules and automatic session timeout.

Security groups update automatically on the basis of business processes, including hire and end of contract. When an employee is terminated, a terminate script removes their access on the termination date, typically leaving only limited access such as pay stubs and T4 slips. StarGarden also integrates with Active Directory, so provisioning and deprovisioning can run through StarGarden, with deeper integration into other systems available as a configured option.

Yes. You can set different authentication requirements for different user populations to suit geographical and organizational differences across your workforce.

StarGarden integrates with Active Directory and supports SAML-based Single Sign-On, LDAP, and native login. Anonymous authentication is also available for cases such as external applicants responding to job postings, where Active Directory and Single Sign-On do not apply.

Every login, login attempt, and page invocation is logged. The date-effective data model tracks past, present, and future changes across employee and position records, giving you the full history audits require. This shortens the time and lowers the cost tied to governance and compliance.

StarGarden's hosted solution runs on Microsoft Azure. Your data is encrypted at rest and in transit using only current, strong encryption ciphers, and Microsoft applies layered physical security across its data centres. StarGarden also follows industry security standards including SOC 2 and works with partners such as Invero, Vanta, and Tenable to monitor its security posture.

Your data belongs to you. If you end your relationship with StarGarden, StarGarden exports all of your data and transfers it to you, then deletes any remaining data to a state of no recovery. You can request an export at any point, including in the unlikely event the cloud provider ceased to exist.

Connect your HR data to your access controls.

See how provisioning runs through the HR processes you already use.

Get in touch below, or give us a call.

+1 800-809-2880
