Glossary Terms: S

Secrets Manager

IAM concepts
A secrets manager is a centralized security system for storing, controlling access to, and managing the lifecycle of sensitive authentication credentials such as API keys, passwords, certificates, and cryptographic keys. These systems encrypt secrets at rest and in transit, enforce policy-based access controls, provide comprehensive audit trails, and automate credential rotation to reduce the risk of unauthorized access and data breaches.

Secret Rotation

IAM concepts
Secret rotation is the systematic process of periodically replacing cryptographic credentials (passwords, API keys, tokens, certificates) to limit the exposure window of any single credential and reduce the risk of compromise. According to NIST SP 800-57, rotation establishes a defined “cryptoperiod” during which a specific credential is authorized for use, after which it must be replaced with a new one.

Secret

Security concepts
A secret is sensitive credential material or key data used to authenticate or authorize access to systems, services, or data. In modern infrastructure, secrets encompass API keys, passwords, tokens, certificates, database credentials, SSH keys, and OAuth client secrets that workloads and services use for machine-to-machine authentication.

Self-RAG

AI/MCP Concepts
Self-RAG (Self-Retrieval Augmented Generation) is an emerging AI architecture in which a model autonomously retrieves, filters, and evaluates its own contextual information during the generation process, without relying on an external retriever service. It merges retrieval and reasoning within the model itself, allowing for adaptive, self-supervised access to relevant knowledge or memory.

SAML (Security Assertion Markup Language)

IAM concepts
An XML-based standard for exchanging authentication and authorization data between identity providers and service providers. SAML enables single sign-on (SSO) and federated identity management across different systems or domains.

Secret Versioning

IAM concepts
The practice of maintaining multiple versions of secrets to facilitate rollback, auditing, and compliance requirements. Secrets managers often support versioning to track changes over time and ensure that previous versions of secrets remain accessible when needed.

Service Account

Identity types
An identity used by applications or services to authenticate and authorize their interactions with other services, resources, or APIs. Service accounts are often used in automated processes and workflows.

Service Identity

Identity types
A unique identifier assigned to a service or application workload, typically associated with access control policies and permissions within a computing environment. Service identities enable secure communication and interaction between different components of a system.

Service Provider (SP)

IAM concepts
A system, application, or service that relies on an identity provider for authentication and authorization. Service providers accept identity tokens or assertions from the IdP to grant access to their resources or functionalities.

Service-to-Service Authentication

Security concepts
An authentication mechanism used between services or applications to establish trust and securely exchange information without human involvement. Service-to-service authentication often relies on cryptographic protocols, such as OAuth 2.0, to authenticate and authorize interactions.