“Exadel customized and implemented open source access and identity management technologies, improving clinician productivity. This allowed physicians, nurses, and caregivers to focus more time on patient care.”

Nick Yoo
Senior Director of Information Security Architecture at McKesson Corporation

A set of security solutions for managing identity access that lets customers easily configure new users, update profiles or reset passwords

About The Customer

As the oldest and largest healthcare services company in the United States, McKesson plays an integral role in the industry and has a unique vision for its future. McKesson serves more than 50% of American hospitals, 20% of physicians, and 100% of health plans. As the largest pharmaceutical distributor in North America, it delivers one-third of all medications used in the region every day.


McKesson applications are used by a diverse group of people. To better serve their users, the company wanted to radically improve efficiencies while meeting industry-specific security and regulation requirements.


Exadel partnered with the client to implement a comprehensive set of security solutions including Corporate Active Directory SSO (single sign-on) and Identity Management UI. The solution is an identity and access management system designed to manage user records in an Active Directory when creating records in Workday—an HR system that stores employee information. Once the information about a new or departed employee is received, or they are moved to a new unit, the user record is updated automatically in AD and a new email address is created (or deleted). Additionally, the support system RemedyForce creates a ticket to manually make changes.

There are a few generations of this identity management system. Exadel is now developing a new one based on Okta Workflows and Java microservices.

Exadel has an extensive security background and was able to quickly put together the best-suited technology stack to meet McKesson’s security needs:

  • OpenAM (access management, entitlements, and federation server)
  • OpenDJ (directory server)
  • OpenIDM (identity management system)
  • LDAP (Lightweight Directory Access Protocol)
  • WS-Security (secure web services extension to SOAP—Simple Object Access Protocol)
  • Federated security
  • SAML (Security Assertion Markup Language)
  • STS (Secure Token Service)
  • OAuth (authentication protocol)


The business impact of the security solutions greatly surpassed McKesson’s expectations. The outcome met and exceeded each goal: high-quality valuable access and management system, reduced costs, improved efficiencies, and high customer satisfaction.

Why Exadel

Real Experts
Providing real experts and professionals
Direct Access
Direct access (24×7) to Exadel management
Skills & Education
Less about rates, more about skills, education and low attrition
Organizational Culture
Creative and innovative organizational culture
Strive to better
Our people always strive to better
Personalized Profile
Personalized process with value-added though leadership
How can we help you?
Contact Us