IAM concepts

Identity and Access Management (IAM) concepts cover the policies, processes, and tools used to manage digital identities and regulate user access to resources. Key IAM principles include authentication, authorization, provisioning, and least privilege. Effective IAM ensures that the right users have the right access at the right time.

No-Code Auth

No-code auth is an authentication approach where application code does not directly implement authentication logic or manage credentials. Instead, infrastructure components such as service meshes, proxies or authentication agents handle identity verification, credential injection and policy enforcement transparently at runtime.

Customer Identity and Access Management (CIAM)

Customer Identity and Access Management (CIAM) is a specialized identity system that helps your business securely register, sign in and manage all external users, including customers, partners or citizens accessing your digital services.

OAuth 2.0

OAuth 2.0 is an authorization framework that enables applications to obtain limited access to HTTP services without exposing credentials.

Secretless

Secretless architecture eliminates static, long-lived credentials (passwords, API keys, tokens) from workload environments by using cryptographically verifiable identities and just-in-time credential issuance.

Secret Versioning

Secret versioning maintains multiple immutable versions of credentials rather than overwriting them on rotation. This gives security teams a rollback path after compromise, a staging mechanism for zero-downtime rotation, and the audit trail that compliance frameworks require.

Security Assertion Markup Language (SAML)

Security Assertion Markup Language (SAML) 2.0 is an XML-based framework standardized by OASIS for exchanging authentication and authorization data between identity providers and service providers. SAML enables federated identity and single sign-on (SSO) by allowing users to access multiple applications across organizational boundaries with a single set of credentials.

Proxyless

Proxyless architecture refers to workload identity and access management implementations that eliminate per-workload sidecar proxies, instead integrating security and traffic management capabilities through application libraries, kernel-level networking (eBPF), or shared infrastructure components.

Proxy

A proxy in workload identity and access management is an intermediary component that intercepts, authenticates, and authorizes requests between workloads and resources, enabling dynamic credential injection, policy enforcement, and secure communication without requiring changes to application code.

Secrets Manager

A secrets manager is a centralized security system for storing, controlling access to, and managing the lifecycle of sensitive authentication credentials such as API keys, passwords, certificates, and cryptographic keys. These systems encrypt secrets at rest and in transit, enforce policy-based access controls, provide comprehensive audit trails, and automate credential rotation to reduce the risk of unauthorized access and data breaches.

Secret Rotation

Secret rotation is the systematic process of periodically replacing cryptographic credentials (passwords, API keys, tokens, certificates) to limit the exposure window of any single credential and reduce the risk of compromise. According to NIST SP 800-57, rotation establishes a defined “cryptoperiod” during which a specific credential is authorized for use, after which it must be replaced with a new one.