IAM Functions List
User Management, User Concerns
identity registration, enrollment
idp discovery and selection
idp of last resort
identity proofing
credentialing
credential binding
account validation
attribute verification
identity resolution
support for multiple identity records (and credentials) for a single person
self-service identity management
password management
profiling
progressive profiling
user preferences
account linking
consent and privacy protection
Native IAM Capabilities
multiple AuthN sources and services, (local SSO, social, federated, protocol gateways)
password and MFA management
access policy management (coarse and fine grained)
access mgmt admin, (distributable)
request/approval processes
lifecycle transitions definition, admin, and automation
service accounts
apps, services as credentialed agents for invoking other services, apis
api specification, design, documentation, style guidelines
api access to all IAM functionality
api authNZ
api registry, gateway
session management and logout
provisioning, deprovisioning
messaging and api integration with connected apps & services, app integration generally
batch reconciliation,
near real time sync between registry and connected systems
auditing, logging, reporting, attestation, compliance support
service provider onboarding and configuration
Data Management
directory services
IAM data dictionary
identity and entitlement data access
Deployment Models
on-prem, cloud, hybrid, hosted
The …ities
scalability, reliability, performance, security, maintainability, other …ities