Products
MAYI ID is the comprehensive solution that orchestrates your entire digital identity landscape, like an anthill would do. Indeed, our solution provides a structured and integrated approach to identity security
Identity and Access Management
Our MAYI IAM provides a secure entry point, able to manage users and memberships in real time. It takes care of the entire user identity lifecycle through our Directory Management, offering both modern and legacy Single Sign-On (SSO), governance, multi-factor authentication (MFA), and attributes such as Windows Hello for Business
Manages users and users’ group memberships across internal and external identity sources. This feature includes customizable approval processes, ensuring seamless handling of user and rights lifecycles, regardless of the identity provider.
Ensures token integrity with tailored access control. It uniquely defines user-specific application rights, enabling precise group propagation through approval processes for seamless application management.
Logs in effortlessly using your external identity provider, including Azure. Authentication is delegated to Microsoft Entra ID, allowing Azure identities to securely access MAYI ID without extra credentials, streamlining authentication and security.
Access to all applications with modern SSO protocols like SAML and OpenID. The MAYI PAM portion also enables SSO for legacy systems via credential injection at the gateway level, supporting various protocols and devices, including desktop agents for Windows and Linux.
Provides all the functionalities for you as a user. Allows you to independently handle tokens, personal documents, contacts, invitations, approvals, and requests – all from one place. Enables seamless control over onboarding and external integrations.
Provides access to the user when login fails by providing temporary authentication through one-time passwords (OTP) via mobile or email, or through magic questions.
Collects contact and registers authentication methods efficiently through tailored processes, ensuring a smooth user enrollment. Smart design handles interruptions seamlessly, making onboarding faster and more reliable.
Allows actions to be performed on behalf of users. Designated users can create, delete, unenroll, and unlock user accounts and admin groups, manage privileges, and oversee user lifecycle. Includes options for helpdesk and contextual audit logs for secure operations.
Manages fully customized approval configurations, email templates for specific actions, workflows, and onboarding, and sets approval levels with granularity. Enables the definition of templates for users, groups, roles, and privileges – establishing a comprehensive governance framework.
Versatile dashboard tailored to different populations. Defines objects and creates shortcuts to applications, approvals, secrets, and both agent and RDP connections. Supports multiple user groups with customized views and simplifies workflows.
Privileged Access Management
Our PAM approach is characterized by offering products like connection manager agent, privileged access and identity management infrastructures, remote gateway, and session recording. It provides a multi-layered security approach that protects against unauthorized access from both internal and external threats and ensures granular access controls
Core of the MAYI PAM module. Here our secrets – sensitive information to be kept secure – are stored and created using customizable-field templates. Manages permissions and the audit log view, and handles the lifecycle of passwords, conducting regular checks to ensure password validity
Flexibly organizes secrets in folders and subfolders, possibly following a hierarchical order and respecting role-based access control settings
Central place to define SSO to any type of application consuming a secret and store connections via the agent or injector
MAYI PAM automates password resets, enforces complexity rules, length requirements, and expiration schedules, and ensures seamless synchronization across Active Directory, databases, and network devices. It dynamically generates strong passwords, prevents reuse, and performs real-time reconciliation to maintain security and compliance. With detailed history tracking and automated rotation, it minimizes credential misuse and simplifies access management.
Provides a secure entry point for users to access critical systems. It establishes a connection from the secure gateway to internal resources via the desired available protocol and is necessary for Session Recording
Session recording
Captures a video or creates a log that records the activity carried out during privileged sessions. It provides a detailed audit trail for compliance purposes and for investigation in the event of a security incident or any suspicious activities
MAYI PAM supports SSO for legacy authentication protocols. Moreover, it covers SSO to web applications via F5 injection of credentials
Certificate Lifecycle Management
MAYI CLM facilitates secure authentication while remaining agnostic to the underlying Public Key Infrastructure (PKI) provider, thereby addressing both public and private Certificate Authorities (CA). It has been developed with meticulous expertise and does not require any technical knowledge of certificate management
Detects certificate validity, e.g. expiration date
Provides a centralized platform to manage all certificates and enables some unique functions (e.g. certificate take-over) coordinated by approval flows
Enables complete, transparent automation of the distribution to the target system, as MAYI CLM supports multiple different automation protocols
Operates with different PKI providers, providing flexibility and preventing vendor dependency as it supports both public and private Certificate Authorities. Built-in IGA allows for customizable approval processes to be implemented
Puts and holds a private key in a vault to use it at any time on different devices, which can be further reinforced by an HSM
Detects certificate validity issues, e.g. when certificates are expired, revoked, or have certificate or (TLS) configuration issues
Administrative Console
MAYI HILL is the heart of the solution, which allows a multi-tenant architecture and enables access to different environments through role-based access control (RBAC). Within MAYI HILL, the groups, privileges, approvals, and notifications are defined centrally for all modules (IAM, PAM, CLM)
Configures global settings for all the tenants and gets visibility of the setup cross-tenant. This enables the swift deployment of an entire tenant in a matter of hours rather than the usual days or weeks
Manages the tenant’s affairs directly. This includes the ability for the administrator to set comprehensive policies, such as Identity Governance and Administration (IGA) rules, along with tailored parametrization
Seamlessly integrated into the solution, IGA plays a vital role in tasks such as duty segregation, role management, auditing, and reporting. It allows configuration of key solution components, customizable email templates, application catalog setup as well as resource and role mapping flexibility
Offers a centralized platform for logging in via various identity providers and consolidates authentication logs in one central location – streamlining user experience, saving time and enhancing security
Stores sensitive data in an encrypted way, converging within PAM, IAM, CLM, and external applications. This component elevates the level of security
Generates comprehensive reports on various statistics, offering insights into product usage across features and licenses. This transparency is invaluable for understanding costs and expenses, aiding in effective budget planning
Option to interact with, input, and receive information in various languages, improving users’ accessibility and usability
Hardware Security Module
The MAYI Hardware Security Module (HSM) enhances security through tamper-proof hardware, protection against key theft or misuse, reliable key generation and storage, and streamlined compliance with encryption standards.
It creates distinct cryptographic domains with unique keys and access controls, allowing multiple tenants or applications to securely use a single HSM in the cloud. Ensures a fast transition to new partitions, which results in significant time and cost savings.
The encryption key is generated on the HSM and effortlessly imported into your chosen environment. The key ceremony, conducted with witnesses and thorough documentation, ensures stringent governance and uncompromised security.
Allows you to own and independently manage the key within the HSM partition. In addition, it empowers the user to instantly deactivate keys if necessary and implement custom encryption algorithms. This not only fortifies regulatory compliance, but also eliminates any provider lock-in.
By separating responsibilities, one system focuses on data encryption and the other on key encryption. The combination of BYOK and BYOE methods ensures that the data remains protected and unbreached.
Carries out encrypted backups with multi-location redundancy, aiming at regulatory standards compliance and operations continuity. Enables seamless HSM key management, which maintains data accessibility and reduces administrative overhead.