Meet Aembit IAM for Agentic AI. See what’s possible →

TRY AEMBIT

<  BACK TO FULL GLOSSARY

Glossary Terms: C

A
B
C
D
E
F
G
H
I
J
K
L
M
N
O
P
Q
R
S
T
U
V
W
X
Y
Z

Client Credentials

Identity types
Client credentials are authentication tokens used by non-human entities (like applications, services, APIs, and automated scripts) to prove their identity and obtain access to protected resources. Unlike user credentials that require interactive sign in, client credentials enable crucial machine-to-machine communication without any human involvement. In OAuth 2.0, the client credentials grant type is a specific flow where a client application proves its identity directly to a server using its own credentials (usually a client ID and client secret) to receive a temporary access token.
Read More

CFIUS

IT concepts
The Committee on Foreign Investment in the United States (CFIUS) is a government committee that reviews foreign investments in U.S. businesses. Its job is to assess any potential national security risks. CFIUS has the power to recommend blocking a transaction, imposing strict security conditions, or even forcing completed deals to be reversed if they threaten critical infrastructure, sensitive technology, or U.S. citizens’ personal data.
Read More

Credential Provider

IAM concepts
A Credential Provider is responsible for securely issuing and managing short-lived credentials for workloads. This approach minimizes the risks associated with long-lived credentials and ensures that access to resources is granted only when needed, based on workload identity. Credential Provider can also store long-lived credentials such as API keys.

Credential Harvesting

NHI security threats
A technique used by attackers to collect or steal credentials such as passwords, API keys, or access tokens. This can be done through phishing, malware, exposed secrets, or other attack vectors. In workload IAM, credential harvesting poses a major risk, as compromised non-human identities can be used for unauthorized access and lateral movement.

Conditional Access

Security concepts
Conditional Access enables extra layers of security by allowing access to be granted based on specific conditions such as time of day, location, device type, or security posture. For example, access might be restricted based on the security posture of a device or workload, such as whether it meets certain criteria defined by an integration with security tools like CrowdStrike.

CORS (Cross-Origin Resource Sharing)

NHI security threats
A security mechanism that allows web browsers to request resources from a different origin domain. CORS policies, defined by HTTP headers, control which cross-origin requests are allowed and prevent unauthorized access to sensitive data.