TrewPort Logo


Identity Management And Access Governance Suite


About TrewIAGTM

TrewPort provides Identity Management & Access Governance, Integrated Approvals, Role Mining, Audit features. TrewIDM Identity Management modules supports both Reconciliation and Provisioning functionality for Enterprise and Cloud based applications.


TrewIAG makes Reconciliation of roles, role memberships, and role hierarchy easier. It simplifies process of reconciliation by which user creation, modification, or deletion, started on the target system becomes easy.

Provisioning / Deprovisioning

TewIAG helps organizations to Onboard and off-board users with ease. Companies can enable rapid provisioning and deprovisioning of users and centralize control over user management. TrewIAG allows management to easily add and automate user provisioning and deprovisioning with out-of-the-box support for Enterprise and SaaS applications.

Standards based Single Signon & Federation

TrewIAG's Access Management module supports both Single Sign On (SSO)and Federated Single SignOn functionality. TrewIAG's Access Management module has been tested with over 500 plus Enterprise and SaaS based applications. Various protocols including SAML 1.0, SAML 2.0, OpenID protocols are supported to generate Assertions during Federation. TrewIAG can be configured in both Identity Provider (IDP) and Service Provider (SP) modes. In IDP mode, any request which is initiated from the domain hosting TrewIAG IDP, will authenticate the user, based on the partner mapping rules retrieves the attributes from the local authentication store, signs the message and generates the assertion message.

Self Service (Password Reset)

TrewIAG password management solution is a question-and-answer based security system for user authentication. It provides end users the ability to securely manage their passwords and resolve account lockout incidents in a self-service fashion without involvement of help desk personnel. This allows organizations to implement strong password policies in any environments to meet regulatory compliance requirements and address identity management challenges.


TrewIAG ships with a number of Enterprise and SaaS application connectors. Below are some of the connectors. Please contact for the complete list of connectors.

Workflow Driven Approvals

TrewIAG's automated workflow driven approvals are scheduled to run on a daily basis and send notifications to the appropriate manager from users requesting approval for all new requisitions raised. This process could be extended by adding another simple steps. TrewIAG's approvals and alerts can help automate the daily processes in business using specifically designed workflow tools that allow organization to ensure critical transactions, documents, or records are monitored and approved through the appropriate chain of command - automatically.

Access Certification

TrewIAG provides an integrated, next-generation identity management platform with breakthrough scalability. TrewIAG enables organizations streamline user activity and compliance reporting for privileged and non-privileged users. This is designed to enable companies improve business efficiency, security, and compliance by automating identity-related controls across physical, virtual, and cloud environments with regulatory mandates.

Risk Analysis

TrewIAG assigns each user a RISK factor for a specific certification period. Risk factor is assigned based on multiple factors including: User's level of access in an application, Change in access from previous certification etc... If a user has a privileged access, then a high RISK factor is assigned. Depending on the RISK factor, approvers can take informed decision whether to approve the user access or to remediate the access. TrewIAG, optionally, based on the Risk evaluation for a user, if the risk level is normal then approvers (Managers / Business Owners) doesn't have to certify / attest the access privileges for every certification period. For High-Risk users (users having High-Risk roles / entitlements), the approvers have to mandatorily certify the High-Risk access every time.

Segregation Of Duties

TrewIAG provides out of box SOD rules for Oracle EBS at function and responsibility level. TrewIAG can Identify Segregation of Duty Violations across application including Oracle EBS, Active Directory, SalesForce, Office 365 etc., and provide options to remediate from target applications. TrewIAG has 100+ connectors to various applications, using which user's access in applications can be analyzed quite easily.


TrewIAG audit ensures detailed information about events and activities associated with identities or resources that are logged into a centralized repository and be tracked. Audit is captured at every point of access including user logging into TrewIAG, user trying to access an end application like WebEx. Various reports can be generated and system out of box provides many useful reports.


Remediation is an ongoing program of continuous and improving performance. TrewIAG helps companies to remediate inappropriate access and put in place a consistent methodology for group based access. This helps organizations maintain compliance long after the initial assessment has been completed. TreIAG works closely with customers to help them determine the best course of remediation for any gaps discovered during the assessment.

360 Degree Audit

With TrewIAG, various out of box reports are available which provide insights into the existing Organization IT roles. Various filter criteria can be applied on a specific dataset from an application including grouping by Locations, Titles, Departments to find the RISK factor by each user or location etc., Various reports help Administrators, Application owners take informed decisions on whether to approve or remediate an existing access for a user. Various audit and compliance reports can be generated with the click of a button. The reports can be easily exported and saved to a PDF or an excel.

Multifactor Authentication (OTP, RSA)

TrewIAG's Multi-Factor Authentication is a simple best practice that adds an extra layer of protection on top of user name and password. Provided with OTP or RSA Multi-Factor Authentication, organizations can configure increased security for account settings, resources and can protect from cross-account access.