IAM Functions List
User Management, User Concerns
identity registration, enrollment idp discovery and selection idp of last resort identity proofing credentialing credential binding account validation attribute verification identity resolution support for multiple accounts (and credentials in some cases) for a single identified person
self-service identity management password management profiling progressive profiling user preferences account linking consent and privacy protection
Native IAM Capabilities
multiple AuthN sources and services, (local SSO, social, federated, protocol gateways) password and MFA management
access policy management (coarse and fine grained) access mgmt admin (distributable) request/approval processes access to services lifecycle transitions definition, admin, and automation service accounts apps, services as credentialed agents for invoking other services, apis
api specification, design, documentation, style guidelines api access to all IAM functionality api authNZ api registry, gateway
session management and logout provisioning, deprovisioning messaging and api integration with connected apps & services, app integration generally batch reconciliation, near real time sync between registry and connected systems auditing, logging, reporting, attestation, compliance support service provider onboarding and configuration
directory services IAM data dictionary identity and entitlement data access
Data Management
directory services IAM data dictionary identity and entitlement data access
Deployment Models
on-prem, cloud, hybrid, hosted
The …ities
scalability, reliability, performance, security, maintainability, other …ities