Identity & Auth Glossary
Plain-English definitions of the identity and authentication terms developers run into — from IAM and SSO to fine-grained access control and AI-agent authentication.
9 terms
- Auth: Authentication
Auth, short for authentication, is the process of verifying that a user, device, or service is who it claims to be before granting access to an application. In practice “auth” covers the whole identity layer: authenticating users, managing sessions and tokens, and authorizing what each identity can do.
- IAM: Identity & Access Management
IAM (Identity and Access Management) is the framework of policies and technologies that ensures the right identities have the right access to the right resources at the right time. It covers how users are created, authenticated, authorized, and audited across an organization's applications and systems.
- CIAM: Customer Identity & Access Management
CIAM (Customer Identity and Access Management) is the practice and technology for managing the identities of an application's external end users — how they sign up, log in, and manage their accounts — at scale, with strong security, a smooth experience, and privacy compliance.
- SSO: Single Sign-On
SSO (Single Sign-On) is an authentication method that lets a user log in once with a single set of credentials and access multiple applications without signing in again. A central identity provider authenticates the user and issues trusted tokens to each connected app.
- MFA: Multi-Factor Authentication
MFA (Multi-Factor Authentication) is a security method that requires a user to present two or more independent factors to prove their identity before access is granted. Because an attacker would need to compromise multiple factors, MFA dramatically reduces the risk of account takeover.
- RBAC: Role-Based Access Control
RBAC (Role-Based Access Control) is an authorization model that grants permissions to roles rather than directly to users, then assigns users to roles. A user's access is the sum of their roles' permissions, which makes access consistent, easy to manage, and simple to audit.
- SCIM: User Provisioning
SCIM (System for Cross-domain Identity Management) is an open standard for automatically syncing user accounts and groups between an identity provider and an application. It lets IT create, update, and deactivate users in your app automatically as changes happen in their directory.
- Multi-Tenant Auth: Multi-Tenant Authentication
Multi-tenant authentication is an identity architecture that isolates users, roles, and settings per organization (tenant) within a single application. Each customer company gets its own directory, access policies, and SSO connection, while sharing one underlying codebase and deployment.
- MCP Authentication: Model Context Protocol Authentication
MCP authentication is how a Model Context Protocol (MCP) server verifies the identity of an AI client and the user it acts for, then authorizes exactly which tools and data that client may access. It applies OAuth 2.1 patterns to AI agents so their access is scoped, revocable, and auditable.