- Service Overview
- Billing
- Getting Started
-
User Guide
- Before You Start
- Buying an Instance
- Instance Management
-
Enterprise Administrator Guide
- Logging In to the OneAccess Administrator Portal
- User Management
-
Resources
- Overview
-
Applications
- Adding an Application
- Enabling, Disabling, or Deleting an Application
- General Information
- Authentication Integration
- Synchronization Integration
- Login Configuration
- Access Control
- Object Models
- Authorization Management
- API Permission Management
- Application Permission Management
- Security Settings
- Audit Logs
- APIs
- Authentication
- Security
- Audit
- Settings
- Common User Guide
- Key Operations Recorded by CTS
-
Best Practices
- OneAccess Best Practices
- Identity Source Integration
-
Application Integration
-
Logging In to the Huawei Cloud Through User Portal
- Introduction
- Logging In to Single Huawei Cloud Account via OneAccess Without Password (SAML - Virtual User SSO)
- Logging In to Multiple Huawei Cloud Accounts via OneAccess Without Password (SAML - Virtual User SSO)
- Logging In to Single Huawei Cloud Account via OneAccess Without Password (SAML - IAM User SSO)
- Logging In to Multiple Huawei Cloud Accounts via OneAccess Without Password (SAML - IAM User SSO)
- Logging In to Huawei Cloud via OneAccess Without Password (OIDC)
- SSO Access to Applications Through SAML
- SSO Access to Applications Through OAuth 2.0
- SSO Access to Applications Through OIDC
- SSO Access to Applications Through CAS
- SSO Access to Applications Through Plug-in Autocompletion
-
Logging In to the Huawei Cloud Through User Portal
- Data Synchronization
- Authentication Provider Integration
- Authorizing IAM Users to Access a OneAccess Instance Administrator Portal
- API Usage
- Configuring MFA for User Login
- Developer Guide
-
API Reference
- Before You Start
- API Overview
-
OneAccess APIs
-
Management APIs
- Calling APIs
- Access Credentials
-
User Management
- Creating a User
- Modifying a User
- Deleting a User
- Enabling a User
- Disabling a User
- Changing a User Password
- Verifying and Modifying the Original User Password
- Querying User Details by User ID
- Querying User Details by Username
- Querying the User List
- Authorizing an Application Account
- Querying All Authorized Application Accounts of a User
- Organization Management
- Application Organization Management
- Application Account Management
- Application Role Management
- User APIs
- Application Integration APIs
-
Management APIs
- Appendix
- FAQs
- General Reference
Show all
Copied.
What Is OneAccess
OneAccess is an identity management service that enables you to centrally manage, authenticate, and authorize identities. With OneAccess, you can control access of your users to cloud and on-premises systems, and defend against access risks.
Currently, OneAccess is available in the CN East-Shanghai1 region. To gain access, apply to be added to the whitelist.
![](https://support.huaweicloud.com/intl/en-us/productdesc-oneaccess/en-us_image_0000001130461081.png)
Functions
- Unified identity management
Manage organizations, users, user groups, applications, accounts, and credentials, synchronize identity data from identity sources to specific applications, access applications through a self-service user portal, and configure a password policy to improve account security.
- Unified permissions management
Manage permissions required for accessing OneAccess and applications by using different authorization methods and permissions.
- Unified authentication
Use multiple authentication modes, authentication policies, access control, single sign-on (SSO), and single logout (SLO) to facilitate trusted identity authentication and improve information security.
- Intelligent access control
Use preset rules to identify risks during user access based on the access time, location, device, and user behavior, and automatically adjust the authentication method if a risk is identified.
- Process audit
Query, track, and audit authentication, access, operation, synchronization, and system logs.
Advantages
- Efficient enterprise management
- Store full lifecycle user accounts and data, and centrally manage user information and application accounts.
- Automatically create accounts, modify permissions, and disable and delete accounts throughout the employee lifecycle, covering onboarding, job transfer, and resignation.
- Integrate your local identity system and individual/enterprise social identity sources with OneAccess to synchronize organization and identity data, making full use of existing data assets and improving user login experience.
- SSO access
- Access applications using the same account and URL through a unified portal.
- OneAccess pre-integrates with more than 1,000 third-party applications. Users can access applications that they are authorized to access, without providing a password.
- Connect to different data sources through multiple protocols, including Central Authentication Service (CAS), Security Assertion Markup Language 2.0 (SAML 2.0), OAuth 2.0, and OpenID Connect (OIDC).
- Secure access through multiple authentication modes, including static password, SMS, QR code scanning, and one-time password (OTP). You can combine different authentication modes to suit your requirements.
- High resource security
- Monitor user access behavior, including time, places, and devices, based on preset risk management rules to detect potential risks.
- Eliminate potential risks and notify administrators and users of the risks based on conditional access control policies.
- Customize access control policies by combining multiple environment factors including time, place, and device, and block access or require users to perform multi-factor authentication (MFA) in case a risk is detected.
- Low O&M costs
- OneAccess pre-integrates more than 1,000 applications, which are available out-of-the-box. You do not need to construct the same applications and can avoid indirect loss caused by information security incidents.
- Buy specifications as required.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot