...
- Design data integration components to be loosely coupled. Components which are loosely-coupled can bring flexibility and interoperability with products from different vendors.
- Base user account data integration on the mapping of a meaning-free identifier. Use a meaning-free identifier to map to local user IDs identifiers to facilitate working across multiple systems which each may use different schemes for the local identifiers.
- Use commodity message queuing products where possible. For example, use products such as Apache ActiveMQ for messaging needs.
- Integration with downstream systems ideally should be asynchronous and loosely-coupled. For example, user provisioning can use event notification mechanisms with generic user account add/modify/delete event messages.
- Expose IdM system functions as REST-based services for simplicity. Use REST-based services to allow such systems as user administration or resource management applications to simply access IdM functions.
...