Meet Aembit IAM for Agentic AI. See what’s possible →

TRY AEMBIT

<  BACK TO FULL GLOSSARY

IAM concepts

Identity and Access Management (IAM) concepts cover the policies, processes, and tools used to manage digital identities and regulate user access to resources. Key IAM principles include authentication, authorization, provisioning, and least privilege. Effective IAM ensures that the right users have the right access at the right time.

Categories:
AI/MCP Concepts
IAM concepts
Identity types
IT concepts
NHI security threats
Security concepts

Key Rotation

IAM concepts
The process of regularly changing cryptographic keys or credentials to mitigate the risk of unauthorized access and improve security. Secrets managers often automate key rotation to ensure that secrets are regularly updated without disrupting applications or services.

Proof Key for Code Exchange (PKCE)

IAM concepts
A security mechanism now mandatory for all clients (Confidential and Public) using the Authorization Code Flow. It prevents an Authorization Code from being intercepted and exchanged for tokens by an unauthorized application.

Password Manager

IAM concepts
A software tool or service designed to securely store, manage, and retrieve passwords and other sensitive information, such as usernames, credit card numbers, and notes. Password managers often encrypt data using strong cryptographic algorithms to protect against unauthorized access.

Identity Mapping

IAM concepts
The process of correlating user identities across different identity domains or systems. Identity mapping ensures that users are consistently identified and authenticated, regardless of the authentication mechanism or system used.

Identity Governance and Administration (IGA)

IAM concepts
IGA is the framework and processes used to ensure that the right individuals and machines have the appropriate access to technology resources. It integrates identity lifecycle management (provisioning, deprovisioning) with governance processes (e.g., auditing, role management, policy enforcement) to ensure compliance, security, and efficiency in managing identities.

Identity Broker

IAM concepts
An intermediary service or component that facilitates federated authentication and authorization between identity providers and service providers. Identity brokers translate authentication protocols, handle identity mapping, and enforce access control policies across federated systems.

Identity and Access Management (IAM)

IAM concepts
A framework for managing and controlling access to resources, systems, and data based on the identities of users, machines, or services.

Group Policy

IAM concepts
A feature used in IAM systems, especially in Active Directory environments, to manage and configure the settings of user and machine identities across an organization.

SAML (Security Assertion Markup Language)

IAM concepts
An XML-based standard for exchanging authentication and authorization data between identity providers and service providers. SAML enables single sign-on (SSO) and federated identity management across different systems or domains.

Governance

IAM concepts
In identity and access management, governance refers to the processes and policies used to manage identities, ensure compliance with regulations, and maintain control over user access and privileges. In workload management, it refers to the strategic oversight of system workloads and resources.