Core Concepts

JIM (Junctional Identity Manager) is a self-hosted identity lifecycle management platform that synchronises identity data between connected systems through a centralised metaverse hub. This section introduces the foundational concepts you need to understand how JIM works.

For per-object documentation (Connected Systems, Synchronisation Rules, Schedules, etc.) see the Configuration section.

🏗️ Architecture

JIM follows a hub-and-spoke metaverse pattern where all identity data flows through a central authoritative repository. No data moves directly between connected systems -- every change passes through the metaverse, giving you a single point of governance and control. Learn about JIM's components, layers, and deployment model in the Architecture guide.

⚙️ Synchronisation Pipeline

JIM processes identity data in three distinct phases: Import, Sync, and Export. This pipeline ensures data is validated, transformed, and reconciled at each stage before reaching its destination. The Synchronisation Pipeline page explains each phase in detail.

🔄 JML Lifecycle

The Joiner/Mover/Leaver lifecycle is the core automation model for identity management. JIM handles new starters, role changes, and leavers through configurable rules that provision, update, and deprovision accounts across your estate. The JML Lifecycle page covers each phase.

🧮 Expressions

JIM includes a built-in expression language for transforming and mapping identity attributes. Expressions let you build email addresses, control account states, handle missing values, and much more -- all without writing code. See the Expression Language Guide for syntax, functions, and examples.