Identity & Access
Identity and Access Management (IAM)
Also known as: IAM, Identity management
Definition
A discipline and set of technologies for defining digital identities and controlling which resources each identity may access under which conditions.
Examples
- Okta, Microsoft Entra ID and Ping Identity used as enterprise IAM platforms.
- Joiner-mover-leaver workflows that automatically grant and revoke application access.
Related terms
Authentication
The process of verifying that an entity — user, device or service — really is who or what it claims to be before granting access.
Authorization
The process of deciding what an already-authenticated identity is allowed to do — which resources, actions and conditions are permitted.
Single Sign-On (SSO)
An authentication scheme that lets a user sign in once at a trusted identity provider and then access many applications without re-entering credentials.
Privileged Access Management (PAM)
A set of practices and tools that secure, control, monitor, and audit access to accounts and systems with elevated administrative privileges.
Role-Based Access Control (RBAC)
An authorization model that grants permissions to roles rather than directly to users, so users inherit access by virtue of their role assignments.
Principle of Least Privilege
A security principle that grants every user, process, or service only the minimum privileges strictly required to perform its function — no more.