
Identity types

The practice of regulating access to resources or systems based on permissions and authorization policies. Secrets managers implement access control mechanisms to restrict who can view, modify, or retrieve stored secrets, ensuring that only authorized users or applications have access.


Client Credentials

Client credentials are authentication tokens used by non-human entities (like applications, services, APIs, and automated scripts) to prove their identity and obtain access to protected resources. Unlike user credentials that require interactive sign-in, client credentials enable crucial machine-to-machine communication without any human involvement. In OAuth 2.0, the client credentials grant type is a specific flow where a client application proves its identity directly to a server using its own credentials (usually a client ID and client secret) to receive a temporary access token.

Bearer Token

A bearer token is an access token that grants the bearer (whoever holds it) the right to use a protected resource without additional identity proof. It is sent in an HTTP Authorization: Bearer header and treated like a “key” for access.

Machine Credentials

Machine credentials are digital secrets, such as API keys, access tokens, SSH keys, or certificates, that allow software-based entities (like applications, workloads, and agents) to authenticate and access other systems autonomously. They serve as the identity proof for machines communicating within and across networks.

Non-Human Identity

A non-human identity (NHI) is a digital identity assigned to a software-based entity, such as an application, service, workload, API, or AI agent, that needs to authenticate and access resources autonomously. It functions much like a user account but is designed for machines, not people.

API Key

An API key is a unique string of characters used to authenticate and identify an application or user when interacting with an API. It acts as a simple form of credential that verifies who or what is making a request, without requiring a full authentication protocol.

Machine Learning Identity

An identity associated with a machine learning model or algorithm, used to authenticate and authorize access to data or computational resources. Machine learning identities enable secure and controlled access to sensitive information and computational resources.

Master Password

A single, strong password used to encrypt and unlock the contents of a password manager or vault. The master password is typically the primary means of authentication and access control for the password manager, so it should be complex and carefully guarded.

Machine Identity

A unique identifier assigned to a machine or device, typically consisting of cryptographic keys, certificates, or other credentials used for authentication and authorization.

JWT (JSON Web Token)

A compact, URL-safe means of representing claims to be transferred between two parties, commonly used for secure authentication and authorization in distributed systems.

Identity Federation

The process of establishing trust relationships between identity providers and service providers to enable federated identity management. Identity federation allows users to access resources across different domains or organizations using a single set of credentials.