Identity types

The practice of regulating access to resources or systems based on permissions and authorization policies. Secrets managers implement access control mechanisms to restrict who can view, modify, or retrieve stored secrets, ensuring that only authorized users or applications have access.

Categories:

Non-Human Identity

A non-human identity (NHI) is a digital identity assigned to a software-based entity, such as an application, service, workload, API, or AI agent, that needs to authenticate and access resources autonomously. It functions much like a user account but is designed for machines, not people.

API Key

An API key is a unique string of characters used to authenticate and identify an application or user when interacting with an API. It acts as a simple form of credential that verifies who or what is making a request, without requiring a full authentication protocol.

Machine Learning Identity

An identity associated with a machine learning model or algorithm, used to authenticate and authorize access to data, computational resources, or other resources. Machine learning identities enable secure and controlled access to sensitive information and computational resources.

JWT (JSON Web Token)

A compact, URL-safe means of representing claims to be transferred between two parties, commonly used for secure authentication and authorization in distributed systems.

Robotic Process Automation (RPA) Identity

An identity assigned to a software robot or bot used for automating repetitive tasks or workflows. RPA identities enable secure authentication and access control for robotic process automation solutions.

SSH Key

Secure Shell (SSH) keys are cryptographic keys used for secure remote access to machines or systems, providing authentication and encryption for communication.

Service Account Token

A service account token is a credential used by service accounts (non-human identities) to authenticate with systems and services. These tokens are often used by applications or services running in environments like Kubernetes to access resources without human interaction.

TLS/SSL Certificate

Transport Layer Security (TLS) or Secure Sockets Layer (SSL) certificates provide secure communication over a network by encrypting data transmitted between machines, often used in web servers, APIs, and other network services.

Token

A piece of data used for authentication or authorization, typically issued by an identity provider or authentication service. Tokens may include access tokens, refresh tokens, session tokens, or JWTs, depending on the authentication mechanism and protocol used.

Universal Identity and Access Management (IAM)

Universal IAM refers to a unified approach to identity and access management that spans multiple environments, platforms, and services, and it can also unify user and non-human identities. It enables organizations to manage identities and access controls consistently across on-premises, cloud, and hybrid environments, providing seamless identity lifecycle management and access governance.