I have said it many times, but identity is more of a pain to corporate CIOs than ownership of data. Managing hundreds of user accounts, and serving requests for these accounts, is often a major challenge. Not only does the cloud build new barriers to control, but the lack of interoperability between on-premises user stores (Active Directory, for example) and remote user stores is what will become the tipping point for success in the cloud.
But worry no more: ADFS 2.0, or to use the official Microsoft name, Windows Identity Foundation, has now launched and is bridging the gap. ADFS/WIF passes identities as claims between your cloud software and your on-premises user database. The system is a server, a client and a set of SDKs/APIs for developers to build into their solutions. Identity belongs on the premises of the company, not in the cloud!
So are we at the tipping point?
No. The reality is that programmers and developers are lazy (whether you are Microsoft, a medium-sized or a small ISV). Until programmers have integrated WIF/ADFS, we will still see a lot of applications having a hard time reaching the enterprise market. But if you are an ISV or programmer, my lesson is simple: START INTEGRATING NOW. Many hosters do not understand the value. There is substantial differentiation in the power of WIF/ADFS, and looking at Microsoft Online Services and Azure as the first applications to support WIF/ADFS, we can wonder why no one else follows.
But who supports it?
Actually, Microsoft Dynamics CRM 5.0 will be one of the first applications, together with SharePoint 2010, to support ADFS 2.0 federation and WIF. Single sign-on, here I come, finally 😉 Now we only need Active Directory as a service, as many SOHO companies do not benefit from an internal server but do benefit from a corporate domain-type structure with group policies and domain membership. Who knows; maybe someone will develop a small proxy layer to support this foundation.