diff --git a/.DS_Store b/.DS_Store
index 5a4971d..786a627 100644
Binary files a/.DS_Store and b/.DS_Store differ
diff --git a/iam-func-list.adoc b/iam-func-list.adoc
new file mode 100644
index 0000000..e792047
--- /dev/null
+++ b/iam-func-list.adoc
@@ -0,0 +1,76 @@
+=== IAM Functions List
+
+- - -
+
+*User Management, User Concerns*
+
+identity registration, enrollment
+idp discovery and selection
+idp of last resort
+identity proofing
+credentialing
+credential binding
+account validation
+attribute verification
+identity resolution
+support for multiple accounts (and credentials in some cases) for a single identified person
+
+self-service identity management
+password management
+profiling
+progressive profiling
+user preferences
+account linking
+consent and privacy protection
+
+
+- - -
+
+*Native IAM Capabilities*
+
+multiple AuthN sources and services, (local SSO, social, federated, protocol gateways)
+password and MFA management
+
+access policy management (coarse and fine grained)
+access mgmt admin (distributable)
+request/approval processes
+access to services
+lifecycle transitions definition, admin, and automation
+service accounts
+apps, services as credentialed agents for invoking other services, apis
+
+api specification, design, documentation, style guidelines
+api access to all IAM functionality
+api authNZ
+api registry, gateway
+
+session management and logout
+provisioning, deprovisioning
+messaging and api integration with connected apps & services, app integration generally
+batch reconciliation,
+near real time sync between registry and connected systems
+auditing, logging, reporting, attestation, compliance support
+service provider onboarding and configuration
+
+
+- - -
+
+*Data Management*
+
+directory services
+IAM data dictionary
+identity and entitlement data access
+
+
+- - -
+
+*Deployment Models*
+
+on-prem, cloud, hybrid, hosted
+
+
+- - -
+
+*The ...ities*
+
+scalability, reliability, performance, security, maintainability, other ...ities
diff --git a/iam-functions-list.adoc b/iam-functions-list.adoc
index fda2ca9..6ca13cd 100644
--- a/iam-functions-list.adoc
+++ b/iam-functions-list.adoc
@@ -1,72 +1,75 @@ -=== IAM Functions List +=== IAM Functions List - - - *User Management, User Concerns* -identity registration, enrollment + -idp discovery and selection + -idp of last resort + -identity proofing + -credentialing + -credential binding + -account validation + -attribute verification + -identity resolution + -support for multiple accounts (and credentials in some cases) for a single identified person + - -self-service identity management + -password management + -profiling + -progressive profiling + -user preferences + -account linking + -consent and privacy protection + +identity registration, enrollment +idp discovery and selection +idp of last resort +identity proofing +credentialing +credential binding +account validation +attribute verification +identity resolution +support for multiple accounts (and credentials in some cases) for a single identified person + +self-service identity management +password management +profiling +progressive profiling +user preferences +account linking +consent and privacy protection - - - *Native IAM Capabilities* -multiple AuthN sources and services, (local SSO, social, federated, protocol gateways) + -password and MFA management + - -access policy management (coarse and fine grained) + -access mgmt admin (distributable) + -request/approval processes + -access to services + -lifecycle transitions definition, admin, and automation + -service accounts + -apps, services as credentialed agents for invoking other services, apis + - -api specification, design, documentation, style guidelines + -api access to all IAM functionality + -api authNZ + -api registry, gateway + - -session management and logout + -provisioning, deprovisioning + -messaging and api integration with connected apps & services, app integration generally + +multiple AuthN sources and services, (local SSO, social, federated, protocol gateways) +password and MFA management + +access policy management (coarse and fine grained) +access mgmt admin 
(distributable) +request/approval processes +access to services +lifecycle transitions definition, admin, and automation +service accounts +apps, services as credentialed agents for invoking other services, apis + +api specification, design, documentation, style guidelines +api access to all IAM functionality +api authNZ +api registry, gateway + +session management and logout +provisioning, deprovisioning +messaging and api integration with connected apps & services, app integration generally batch reconciliation, -near real time sync between registry and connected systems + -auditing, logging, reporting, attestation, compliance support + -service provider onboarding and configuration + +near real time sync between registry and connected systems +auditing, logging, reporting, attestation, compliance support +service provider onboarding and configuration +directory services +IAM data dictionary +identity and entitlement data access - - - *Data Management* -directory services + -IAM data dictionary + -identity and entitlement data access + +directory services +IAM data dictionary +identity and entitlement data access - - - *Deployment Models* -on-prem, cloud, hybrid, hosted + +on-prem, cloud, hybrid, hosted - - -