Skip to main content
Iru Identity is the workforce identity and access management product in the Iru platform. It gives IT and security teams a single place to manage who your people are, which applications they can reach, and the conditions they must meet to sign in. With Iru Identity, your team can:

Give people one sign-in

Act as the identity provider for your apps so people sign in once with a single Iru identity and reach everything assigned to them.

Manage the directory

Keep an authoritative directory of users and groups, with a profile schema you control and membership that can update itself from your attributes.

Automate the user lifecycle

Bring people in from your HR system or a file, then provision and deprovision their app accounts automatically as they join, move, and leave.

Enforce access policies

Set device-trust conditions for each app - required platforms and device health - on top of the strong authenticator every sign-in already uses.

Our ethos

Iru Identity is built on a simple belief: identity should be secure by design, easy to understand, and respectful of the people who use it. We believe strong security should not depend on brittle passwords, hidden complexity, or constant user friction. A person’s identity should be anchored in trusted devices, phishing-resistant authentication, clear administrative controls, and systems that behave predictably under pressure. Our goal is to give organizations confidence without turning identity into a maze. Iru is designed to make access decisions understandable, device trust visible, and authentication resilient by default. Security should feel rigorous to administrators, seamless to users, and honest in how it represents risk. Identity is not just a login screen. It is the boundary between people, devices, applications, and the work they are trusted to do. Iru Identity exists to make that boundary stronger, cleaner, and easier to operate.

What Iru Identity does

Iru Identity sits between your people and your applications and handles the work of proving who someone is and what they are allowed to use.
  • Single sign-on. Iru Identity is the identity provider for the apps you connect. People authenticate once with Iru - typically with a passkey or the Iru Access app - and launch their apps from an app dashboard, using the SAML and OIDC standards your apps already support.
  • A directory you control. Manage users and groups, define the profile attributes that matter to your organization, and let group membership follow those attributes automatically.
  • Lifecycle automation. Bring people in from your HR system or another source of truth, and push account creation, updates, and removal out to your apps so access matches reality.
  • Access policies. Build authentication policies that decide who can sign in to each app and what they must prove first, and layer in risk and device trust.
  • Bring your own sign-in, when you need it. People normally sign in to Iru directly. You can also let them sign in through a provider you already run, such as Google Workspace or Microsoft Entra ID - useful when you use Iru Identity as an authentication layer into the Iru platform rather than your primary identity provider, or to ease a migration onto Iru Identity.

How the pieces fit together

Who this is for

This documentation is written for the IT administrators and security operators who configure Iru Identity in the Iru dashboard. It describes what you see and do in the product and what Iru does on your behalf. Pages that cover end-user-facing behavior call that out explicitly. Iru Identity itself is for the admin who is tired of bolted-on legacy identity systems, mystery-meat policy engines, authentication flows held together with redirects and folklore, and security products that somehow make the secure path feel like the least reliable one. It is for teams that want identity to feel modern, direct, and operationally sane. Teams that care deeply about security, but do not believe strong security has to mean brittle user experiences, buried configuration, unclear failure states, or a permanent dependency on tribal knowledge. Iru Identity is built around phishing-resistant authentication, trusted devices, clear activation flows, and policy behavior that administrators can actually reason about. The goal is not to take an old identity model, sand down the edges, add a nicer dashboard, and call it innovation. The goal is to make identity cleaner at the foundation: fewer inherited assumptions, fewer strange exceptions, fewer places where everyone quietly agrees not to touch the thing because nobody remembers why it works. These docs are written in that same spirit. They explain what the product does in practice: what each setting means, what happens when you change it, what users experience, and what Iru handles behind the scenes. Where behavior depends on policy, device state, application configuration, or administrator action, we call that out directly. Iru Identity is for organizations that want identity to be secure, understandable, and built for the way modern teams actually operate, not for the way legacy systems wish the world still worked. Iru Identity is a new product with a long future ahead of it. We’re grateful to build alongside customers who believe workforce identity can be clearer, stronger, and better than what came before.

Get started

Quickstart

Stand up single sign-on for your first application in a few guided steps.

Key concepts

Learn the core objects - users, groups, applications, policies, and connections - and how they relate.

System architecture

See how identities, sign-in, and provisioning flow through Iru Identity.

Build your directory

Add people, organize them into groups, and shape their profiles.
Iru Identity features move through Iru’s release stages as they mature. When a capability is in an early stage, the page or section says so. See Iru release stages for what each stage means.