IAM concepts

Identity and Access Management (IAM) concepts cover the policies, processes, and tools used to manage digital identities and regulate user access to resources. Key IAM principles include authentication, authorization, provisioning, and least privilege. Effective IAM ensures that the right users have the right access at the right time.

Categories:

Role-Based Access Control (RBAC)

RBAC assigns permissions to roles representing job functions rather than to individual users, streamlining access management at scale.

Governance

Governance sets the policies and controls for who has access, why they have it, and whether that access remains appropriate over time.

Cloud Infrastructure Entitlement Management (CIEM)

CIEM provides centralized visibility and control over your cloud permissions to reduce access risk across multi-cloud environments.

No-Code Auth

No-code auth is an authentication approach where application code does not directly implement authentication logic or manage credentials. Instead, infrastructure components such as service meshes, proxies or authentication agents handle identity verification, credential injection and policy enforcement transparently at runtime.

Customer Identity and Access Management (CIAM)

Customer Identity and Access Management (CIAM) is a specialized identity system that helps your business securely register, sign in and manage all external users, including customers, partners or citizens accessing your digital services.

OAuth 2.0

OAuth 2.0 is an authorization framework that enables applications to obtain limited access to HTTP services without exposing credentials.

Secretless

Secretless architecture eliminates static, long-lived credentials (passwords, API keys, tokens) from workload environments by using cryptographically verifiable identities and just-in-time credential issuance.

Secret Versioning

Secret versioning maintains multiple immutable versions of credentials rather than overwriting them on rotation. This gives security teams a rollback path after compromise, a staging mechanism for zero-downtime rotation, and the audit trail that compliance frameworks require.

Security Assertion Markup Language (SAML)

Security Assertion Markup Language (SAML) 2.0 is an XML-based framework standardized by OASIS for exchanging authentication and authorization data between identity providers and service providers. SAML enables federated identity and single sign-on (SSO) by allowing users to access multiple applications across organizational boundaries with a single set of credentials.

Proxyless

Proxyless architecture refers to workload identity and access management implementations that eliminate per-workload sidecar proxies, instead integrating security and traffic management capabilities through application libraries, kernel-level networking (eBPF), or shared infrastructure components.