Welcome to the Definitive Glossary of Non Human Identity Management

Unlock the Language of Security and Efficiency in IAM

In the rapidly evolving landscape of Identity and Access Management (IAM), understanding non-human identities, from bots and service accounts to IoT devices, is crucial.

Our comprehensive glossary provides clear, authoritative definitions of key terms and best practices in non-human identity management. Whether you're an IT professional, a cybersecurity enthusiast, or simply keen to learn about the mechanisms that protect digital entities, this resource is tailored for you.

Dive into our glossary to demystify the complex world of non-human identities and enhance your organization’s security and compliance.

Non Human Identity Lifecycle Management

Identity types

Non Human Identity Security Violations

IAM Concepts

Vendors

Regulation

Identity types

AWS Document DB User

An AWS Document DB user is an identity granted access to resources and services within an Amazon Web Services (AWS) DocumentDB...

Identity types

AWS RDS User

An AWS RDS user is an identity granted access to resources and services within an Amazon Web Services (AWS) Relational Database Service...

Identity types

Application

An application is a software program or set of software components designed to perform specific tasks or functions to meet...

IAM Concepts

Attestation

Access attestation, also known as access recertification or entitlement review, enables you to review and validate the access privileges...

Identity types

Break Glass Account

A break glass account is a special user account or emergency access mechanism used to gain privileged access to critical systems...

IAM Concepts

Conditional Access

Conditional access is a security feature that controls access to resources based on specific conditions or criteria, such as...

Non Human Identity Lifecycle Management

Decommission

Decommissioning is the process of retiring, deactivating, or shutting down IT systems, hardware, software, or services that are no...

Identity types

External Account

An external account refers to a user account or identity managed by an external identity provider (IdP) or authentication...

Vendor

GCP Secret Vault

The Google Cloud Secrets Engine automates the generation of service account keys and OAuth tokens, aligning with...

Vendor

HashiCorp Vault

HashiCorp Vault is a popular open-source tool for managing secrets, encryption keys, and...

Identity types

Human Identity

Human identity refers to the unique characteristics, attributes, or identifiers associated with individual users or persons within...

IAM Concepts

IAM

Identity and Access Management (IAM) is a framework or system used to manage digital identities, authentication, and access controls...

Identity types

IAM User

An IAM (Identity and Access Management) user is an individual or entity granted access to resources and services within an IAM system or...

IAM Concepts

IDP

IDP stands for Identity Provider, a service or system responsible for authenticating and verifying the identities of users or entities...

Identity types

KMS Key

A Key Management Service (KMS) key is a cryptographic key used for encryption, decryption, and access management of data, usually for...

Non Human Identity Lifecycle Management

Lifecycle Management

Lifecycle management refers to the process of managing the entire lifecycle of resources, assets, or entities within...

IAM Concepts

MFA

Multi-Factor Authentication (MFA) is a security mechanism that requires users to provide two or more forms of...

Identity types

MSA Key

MSA is the consumer side of Microsoft that powers authentication for all consumer-based platforms...

Identity types

NHI

NHI stands for Non Human Identity. A Non-Human Identity (NHI) is a digital construct used for machine-to-machine access and authentication.

IAM Concepts

Offboarded Employee

An offboarded employee is a former employee or staff member who has left the organization or terminated their employment. Offboarding...

Vendor

Okta Application

Okta is a platform for identity and access management that offers secure identity verification, single sign-on (SSO), and...

Non Human Identity Security Violations

Orphaned Accounts

Orphaned accounts are user accounts or identities that are no longer associated with any active user or role within a system or...

Non Human Identity Security Violations

Out-of-Sync Application

An out-of-sync application is a software application or system that is not synchronized or aligned with other components, dependencies, or d

Non Human Identity Security Violations

Overconsumed

Overconsumption occurs when resources or services are utilized beyond their intended or...

Non Human Identity Security Violations

Overprivileged

Overprivileged refers to a condition where user accounts, roles, or entities are granted excessive or unnecessary permissions and access...

Regulation

PCI 4.0

PCI 4.0 refers to the Payment Card Industry Data Security Standard (PCI DSS) version 4.0, a set of...

Vendor

Parameter Store

AWS Systems Manager Parameter Store offers a secure way to store and manage configuration data and...

Non Human Identity Lifecycle Management

Provisioning

Provisioning is the process of setting up, configuring, and allocating resources, accounts, or services to users, applications, or...

IAM Concepts

RBAC Role-Based Access Control

Role-Based Access Control (RBAC) is a method of managing access to resources in a system based on the roles assigned to individual users...

Identity types

Role

A role defines a set of permissions and access rights granted to users, groups, or service principals within a system or...

Identity types

SAS Token

A Shared Access Signature (SAS) token is a security token that provides limited access rights to specific...

IAM Concepts

SSO

Single Sign-On (SSO) is an authentication mechanism that allows users to access multiple applications or services with...

Identity types

Secret Manager Secret

A secret manager secret is a confidential piece of information, such as a password, API token, or database connection string, stored...

Non Human Identity Lifecycle Management

Secret Rotation

Secret rotation is the process of regularly updating or replacing cryptographic keys, passwords, API tokens, or...

IAM Concepts

Secret Sprawl

Secret sprawl refers to the uncontrolled proliferation or accumulation of secrets, credentials, or sensitive information across an...

Identity types

Secure Parameter

A secure parameter is a configurable value or setting used in an application, service, or system that has been designed and implemented...

Identity types

Service Account

A service account is a type of account used by services, applications, or automated processes to access resources or perform specific...

Identity types

Service Principal

A service principal is an identity used by a service or application to authenticate and access resources in a secure and controlled...

Non Human Identity Security Violations

Stale Accounts

Stale accounts are user accounts or identities that remain active within an organization's IT environment despite being unused or...

IAM Concepts

Vault

A vault is a secure repository used to store sensitive information, such as passwords, cryptographic keys, certificates...

Identity types

Vault Certificate

A vault certificate is a digital certificate stored securely within a vault or cryptographic system. Vault certificates are used for...

Identity types

Vault Key

A vault key is a cryptographic key stored securely within a vault for encryption, decryption, or authentication purposes. Vault keys are...

Non Human Identity Lifecycle Management

Vault Secret

A vault secret is a confidential piece of information, such as a password, stored securely within a vault. Vault secrets are protected...
