
EmpowerID Glossary

Access Token

A credential that represents the authorization granted to a client application by a user or system, allowing access to specific resources.


Attribute-Based Access Control (ABAC)

An access control paradigm where access rights are granted based on attributes of the user, resource, and environment.


Identity Governance and Administration (IGA)

A framework and set of processes for managing digital identities and access rights across an organization to ensure compliance and security.


Just-In-Time (JIT) Provisioning

A method of creating user accounts dynamically at the time of access, reducing the need for pre-provisioning and enhancing security.


Multi-Factor Authentication (MFA)

A security mechanism requiring multiple forms of verification (e.g., password and a mobile code) to authenticate a user.


Privileged Access Management (PAM)

Processes and tools designed to manage and monitor access to critical systems and data by privileged users.


Role-Based Access Control (RBAC)

An approach to restricting system access based on the roles assigned to individual users within an organization.


Security Assertion Markup Language (SAML)

An open standard for exchanging authentication and authorization data between parties, commonly used for single sign-on (SSO).


Single Sign-On (SSO)

An authentication process that allows a user to access multiple applications or systems with one set of login credentials.


Workflow

A sequence of automated steps or processes that manage the approval and routing of identity-related requests within an organization.


Identity Provider (IdP)

A service that authenticates users and provides identity information to applications or systems.


Service Provider (SP)

An application or system that relies on an identity provider (IdP) for user authentication and authorization.


OAuth 2.0

An open standard for access delegation, allowing third-party applications to obtain limited access to resources on behalf of a resource owner.


OpenID Connect (OIDC)

An authentication layer built on top of OAuth 2.0, providing a framework for verifying user identities.


Identity Federation

The process of linking and managing user identities across multiple systems or organizations.


Provisioning

The process of creating, updating, and deleting user accounts and access permissions in a system.


Deprovisioning

The process of removing or disabling user accounts and access permissions when they are no longer required.


Authentication

The process of verifying the identity of a user, device, or system.


Authorization

The process of determining whether a user, device, or system has permission to perform a specific action or access a resource.


Entitlement

A specific permission or access right granted to a user, role, or group within a system.


Policy-Based Access Control (PBAC)

An access control model where permissions are governed by policies that evaluate attributes and conditions.


Digital Identity

A digital representation of a user, system, or device, consisting of attributes and credentials that uniquely identify them.


Access Review

A periodic process of reviewing and validating user access permissions to ensure compliance and reduce risk.


Audit Trail

A record of events, changes, or access attempts within a system, used for monitoring and compliance.


Directory Service

A centralized database that stores information about users, devices, and resources, often used for authentication and authorization.


Identity Lifecycle Management (ILM)

The process of managing the creation, maintenance, and termination of digital identities within an organization.


Password Vault

A secure repository for storing and managing sensitive credentials, typically used in privileged access management.


Note: This glossary is a living document and will be updated regularly to reflect new terms and changes within the EmpowerID product.

Version: V1. Date: 01/28/2025