Standardized Interfaces for an Open IT Environment

Our open interfaces offer endless customization possibilities—importing accounts and groups from other systems is straightforward. The result? Significant time and cost savings for your organization.

Easily integrate other IT services and create a flexible ecosystem that adapts to your needs. You remain in complete control of your data—you decide what comes in and what goes out.

OpenID Connect & SAML

Your Digital Passport

Univention Corporate Server (UCS) supports the authentication protocols OpenID Connect and SAML to ensure secure and unified logins for your users. With OpenID Connect, users can authenticate across multiple services with just one login, simplifying identity management and enhancing user convenience. SAML allows UCS to seamlessly integrate with other authentication and identity systems by enabling the exchange of authentication data between different security domains.


Connecting to Directory Services

The REST API for the Univention Directory Manager (UDM) serves as a standard interface for seamlessly integrating applications with Univention’s directory service. With the UDM REST API, you can access all user and group data via a standardized web service or enter it into the directory service. The HTTPS interface ensures secure access and delivers data in the widely-used JSON format, making it easy for existing applications to process.

Check out our blog to learn more about the practical uses of the UDM REST API.

UCS@school Kelvin REST API

Get Connected

With the UCS@school Kelvin REST API, you can make user data available for other IT services. This app installs a REST API that lets you access, modify, and delete UCS@school objects like schools, classes, and users. Integration is handled through the UDM REST API. The UCS@school directory service interacts with other management software (schools or states) and digital educational offerings.

Unlike the import function and manual interventions via the web interface, the API can be automated, reducing the risk of errors.

Education UCS@school
LDAP Directory Service

Data Control Center

LDAP (Lightweight Directory Access Protocol) enables the centralized management of user data in UCS. You can store and manage all information about users, groups, and resources in one place. Seamless integration with other directory services and applications simplifies central authentication and authorization across various systems. An encrypted connection secures the data during transmission, protecting sensitive information from unauthorized access and ensuring data integrity.

Authentication: Kerberos

Your Digital Gatekeeper

UCS uses the Kerberos protocol to ensure secure and centralized authentication within networks. Kerberos works with temporary tickets issued to users upon login, allowing them access to various services. This method enhances security since passwords do not need to be constantly transmitted. Kerberos integrates seamlessly into the UCS environment and works closely with other directory services like LDAP, ensuring that only authorized users can access resources.

UCS@school Training


Stay updated on all news about Univention and our IAM products via email.

Get started

Schedule a product demo appointment with our sales team.