SACR Report: How Agentic Identity Access Platforms Are Re-architecting IAM in 2026 →
TRY AEMBIT
TALK TO AN ENGINEER

<  BACK TO FULL GLOSSARY

Glossary Terms: B

A
B
C
D
E
F
G
H
I
J
K
L
M
N
O
P
Q
R
S
T
U
V
W
X
Y
Z

Bot Identity

Identity types
Unlike a human ID or a generic service account shared everywhere, bot identity ensures each automated actor is individually verified and granted scoped access permissions. This enables individual accountability for every automated action.
Read More

Blended Identity

AI/MCP Concepts
Blended Identity refers to a modern identity model for user-driven AI agents in which the agent operates using a composite identity derived from two simultaneous sources of trust: The agent’s own workload identity (cryptographically verifiable, rooted in a trust provider), and The identity of the human user currently engaging or instructing the AI agent. The combination produces a dynamic, runtime-only identity that shapes what the agent can do, enforces least privilege, and preserves full accountability for user-initiated actions taken by the agent. What makes Blended Identity unique is that, although anchored in workload identity, it must also integrate with an enterprise’s workforce identity system to generate this composite identity just-in-time at the moment of invocation.
Read More

Browser Extension

IT concepts
A browser extension is a software module that adds specific features or functionality to a web browser. Extensions can modify browser behavior, interact with web pages, manipulate content, and integrate with external services. They range from popular password managers and ad blockers to specialized developer tools, productivity applications, and AI agent interfaces that enable LLM-powered assistance directly in the browser.
Read More

Break Glass Account

IT concepts
A break glass account is a special, privileged emergency access key (or an actual user account, or service account) designed for rare, critical scenarios. You use it when normal sign-in systems fail or when immediate administrative action is required. The term itself refers to breaking the protective glass to access emergency equipment; these accounts remain dormant under strict controls until an urgent situation demands their use. Unlike your standard administrative accounts, break glass accounts are designed to bypass typical access control mechanisms to restore system functionality during outages, security incidents, or infrastructure failures.
Read More

Bearer Token

Identity types
A bearer token is an access token that grants the bearer (whoever holds it) the right to use a protected resource without additional identity proof. It is sent in an HTTP Authorization: Bearer header and treated like a “key” for access.
Read More

Backup and Recovery

IT concepts
The process of creating and maintaining backups of password manager data to prevent data loss in case of device failure, accidental deletion, or other unforeseen events. Backup and recovery mechanisms help ensure data availability and integrity.