Are you showing signs of Credentialitis? Get diagnosed and treated →

TRY AEMBIT

KEY CONCEPTS RELATED TO Workload iam

Non-Human Identity Terms: A to Z Glossary

Looking for a straightforward rundown of non-human workload IAM-related terms, from the basic to the advanced? You’re in the right place. We’ve compiled a glossary that covers everything related to secure systems design, identity management, and data protection – from “A”ccess control to “Z”ero Trust.

Whether you’re looking to mature your workload IAM strategy or just need a quick reference or refresher, this glossary is here to make sure you have the precise terminology at your fingertips.

Categories:

No Glossary Found

OAuth 2.0

IAM concepts
An authorization framework that enables secure access to resources over HTTP. OAuth 2.0 defines different authorization flows, including authorization code flow, implicit flow, client credentials flow, and resource owner password credentials flow, to accommodate various use cases.

OpenID Connect

IAM concepts
An identity layer built on top of OAuth 2.0 that provides authentication services for web and mobile applications. OpenID Connect allows clients to verify the identity of end-users based on the authentication performed by an authorization server, providing user information as JWTs. It also enables federated identity management by allowing clients to verify user identity based on tokens issued by an identity provider.

Over-provisioned Account

NHI security threats
An over-provisioned account has more access privileges than necessary for its role or function. This creates a security risk, as the excess privileges could be exploited by attackers or lead to unintentional access to sensitive systems.

Password Generator

IAM concepts
A tool provided by password managers to create strong, randomized passwords that are difficult to guess or crack. Password generators typically allow users to specify criteria such as length, character types, and special symbols to customize generated passwords.

Password Manager

IAM concepts
A software tool or service designed to securely store, manage, and retrieve passwords and other sensitive information, such as usernames, credit card numbers, and notes. Password managers often encrypt data using strong cryptographic algorithms to protect against unauthorized access.

Posture Assessment

Security concepts
A posture assessment evaluates the security status or “posture” of an organization’s IT environment. In IAM, it assesses how secure the current configuration of identities, access controls, and policies are, ensuring they adhere to best practices and regulatory requirements.

Proof Key for Code Exchange (PKCE)

IAM concepts
A security mechanism now mandatory for all clients (Confidential and Public) using the Authorization Code Flow. It prevents an Authorization Code from being intercepted and exchanged for tokens by an unauthorized application.

Proxy

IT concepts
A proxy is an intermediary that routes requests between a client and a server, often used for security, logging, or anonymization. In IAM, proxies can be used to handle authentication, monitor access, or enforce security policies by intercepting requests before they reach the target service.

Proxyless

IT concepts
In IAM, proxyless refers to an architecture where a client interacts directly with a service or resource without an intermediary (proxy). This can be mean access cloud services using an application programming interface (API).

Quota

IT concepts
In IAM and workload management, a quota refers to the predefined limits set on resources that a user, machine, or application can access. For instance, quotas may restrict the number of API calls, storage usage, or the number of machines a user can provision within a cloud environment.