logo
UniHelp for Universities

UniHelp is a university-proven tool for account self-service, first-time authentication and helpdesk work.

Designed from real higher-education IAM needs, UniHelp gives end users self-service activation, password recovery and video-based identity verification while helpdesk and admin teams get efficient support tools in one service. Built through 20 years of IAM delivery, UniHelp serves approved AI agents through MCP as a governed source of truth and action layer for user data, audit trails, identity-store health and role-based identity operations.

University-proven self-service 20 years of IAM delivery Governed MCP for AI agents
Open unihelp.pegasi.fi University IAM

Over 20 years of university-focused identity and access management.

Pegasi brings decades of IAM architect experience, including some of Finland’s earliest higher-education IDM implementations, to university identity lifecycle, federation and directory services. Our work includes network protocols, cloud services, integrations and server infrastructure, and it requires practical understanding of security, resilience, disaster recovery and the realities of academic and organization-wide user management.

Higher-education IDM experience Federation and directory services Security and continuity depth
Explore PEGASI IAM
XAMK - Southeastern Finland Polytechnic University

Solutions

USER DATA BETWEEN SYSTEMS

Organizations have access to electronic systems that require registration and contain user information. This information includes, for example, personal and organizational information, as well as login information. The manual management of these information’s takes time and concentration from both the user and the maintenance.

Different usernames of the systems can also be in various forms, such as an email address, a PIN code or a user ID. Remembering and managing these usernames is time consuming as well as error prone. When a user’s information, like a title, a job description, unit or a name changes, user’s data may not update to all of the systems. When a person leaves the organization, their information can be forgotten to different systems as a result of human error.

The core features of our IDM product include real-time data transfer between systems. This allows a consistent username and keeps the user’s information up to date. When the user’s information changes, the electronic systems connected to the user are updated. In the addition of a new employee or a student, the information is transmitted to the person’s electronic services and when this person leaves the organization, their information is deleted from these services. Our IDM products reduce manual work, increase security and save users and IT-support’s time.

 

PASSWORD SYNCHRONIZATION

Numerous passwords for different systems are difficult to remember. This often forces us to write them down less securely for example on a paper, a mobile phone or on the memory of a web browser. Passwords can also expire at different times and changing them can be difficult and insecure.

The core features of our IDM product include real-time password synchronization, which eliminates the password problems. The password you choose stays up-to-date everywhere, so you can focus on using a single, stronger and more secure password.

If the password expires or is lost, the user may need to contact IT support to obtain a new password. On several different systems, passwords may expire at different times and password requirements may vary between systems. Problems can also occur outside IT support work hours or during the holiday season.

Our IAM product offers a password exchange service centrally in one base, around the clock. Our product allows the user to change their password, for example, with a bank ID or a mobile application, instantly without any further action.

 

USER ADMINISTRATION

Manually maintaining usernames on different systems requires time and care to avoid mistakes. You may have to search information on more than one system and it is troublesome to track changes and faults.

Our IAM solution provides a centralized view of user data and enables user changes, support actions, reporting and browsing of historical data. In this way, for example, the user’s problem situations are resolved through a single view, and even a mistaken change of name data can be easily traced and corrected in the personal register.

USER SELF-SERVICE

Our state-of-the-art self-service tool UniHelp is a template-driven workflow engine for identity self-service and authenticated actions. UniHelp can authenticate users in multiple ways and interact with a wide range of connected systems. This combination makes UniHelp an unusually capable tool for organizational self-service.

In practice, UniHelp works like a template-driven Swiss army knife for authenticated user workflows: identify the user, decide what they are allowed to do, run the required checks, interact with the needed systems, perform approved operations and leave an audit trail.

Example self-service workflows

  • Remote identity verification: a user verifies identity with a passport and video, then continues to account activation, password recovery or support escalation.
  • Access enrollment: a staff member signs in with e-banking credentials, UniHelp checks their organizational unit and starts the correct door access key or access request workflow.
  • New student onboarding: a student completes first-time authentication, activates the account, sets recovery methods and receives the correct starting services.
  • Password recovery: UniHelp verifies the user, checks account state across identity stores and guides the recovery or helpdesk path.
  • Guest account lifecycle: a visiting researcher confirms identity and sponsor information, receives a time-limited account and can later renew or close access.
  • Agent-assisted self-service: an approved AI agent helps the user choose the correct path, while UniHelp performs the authenticated workflow, role checks, edits and audit logging.

Explore Pegasi UniHelp.

AGENTIC IAM / MCP

AI agents need reliable tools, not direct uncontrolled access to identity stores. UniHelp serves approved agents through MCP as a governed source of truth and action layer for user data, audit trails, identity-store health and role-based identity operations.

This gives agents a controlled way to assist with user self-service, account recovery, helpdesk checks, approved edits and admin workflows across LDAP, AD, Azure / Microsoft Entra ID, SQL, REST APIs and other connected identity stores.

Through the UniHelp UniSearch abstraction layer, agents and operators can use one governed search and modification path for user data across a multitude of connected systems, instead of handling each identity store separately.

Agentic IAM examples

  • Find the correct self-service or recovery path for a user.
  • Check account state across connected identity stores.
  • Surface audit trail and identity storage health context.
  • Start approved authentication, recovery or support workflows.
  • Assist helpdesk without bypassing UniHelp roles, approvals and logging.

Read more about UniHelp MCP for agentic IAM.

SINGLE SIGN ON

Using your organization’s electronic services may require several different logins to different services throughout the day. This takes time and concentration.

Our IAM solution offers single-sign on, which allows one-click login to desired systems, both within the organization and between collaborative organizations. Login is performed on a familiar and secure organization login page for all services. With this login, the user can access all electronic services without multiple logins.

 

Products

PEGASI IAM

Pegasi IAM Identity and Access Management ensures up-to-date and secure identity and identity information.

Details
PEGASI UNIHELP

Pegasi UniHelp is a university IAM self-service and helpdesk product for account activation, recovery and support. The same governed workflows can support approved AI agents through MCP.

Details
PEGASI IAM ASSETS

Pegasi IAM Assets consists of services required to maintain identity and access services.

Details
PEGASI SSO

Pegasi SSO single sign-on allows you to log in to multiple systems with a single authentication.

Details

Customers

XAMK - Southeastern Finland Polytechnic University University of Oulu

Knowledge base

Here you will find our technical notes about different topics. We do a lot of things, with wide range of technical solutions. Sometimes we write them down to Pegasi Wiki and share them with the world.

 

Below is the raw text between the keyboard and the monitor. If you want to go check out all our topics at Pegasi Wiki just click here.

Clustered Shibboleth IDP
Step by step guide on how to install clustered / HA Shibboleth IDP to your federation using two nodes and Postgres replication. More Info
Enterprice Grade Clustered ZFS / NVME storage server
How to set up a 2 node NVMe, high performance clustered Linux ZFS fileserver for production use utilizing RDMA and NVME-of. More Info
Rescue broken Windows without image backup
Rescue / repair your windows installation when you do not have a backup image available. A very simple procedure with command line commands. More Info

About

We’ve been around for a while. We were doing identity management before IDM was IDM, since 1995. We have seen and created several environments and have accumulated in-depth knowledge of most the technologies around IDM.

At Pegasi we believe not only in an uncompromising handprint, but also in in respecting and appreciating others around us. We believe that everyone deserves to find their own place and do things they like, in their own way. This is reflected in our work, motivation and attitude. We are a dynamic team of experienced industry veterans from a wide variety of backgrounds. We love to do identity management and we enjoy working with customers and partners.

 

contact us

Send us a message

map