# Identity, Authentication, & Authorization aka:: "IAM" wiki:: [Identity management - Wikipedia](https://en.wikipedia.org/wiki/Identity_management) - [Digital identity - Wikipedia](https://en.wikipedia.org/wiki/Digital_identity) - [Authentication](https://en.wikipedia.org/wiki/Authentication) - [Authorization](https://en.wikipedia.org/wiki/Authorization) - [Access Control](https://en.wikipedia.org/wiki/Access_control) --- ## Authentication vs Authorization (& Access Control) - Authentication is whether you are who you say you are - Authotization is what you are allowed to do - Access Control is typically considered synonymous with authorization ## [[RBAC]] ## [[nix Users, Permissions, & Ownersuip]] ## [[Identity Provider]] ## [[Oauth]] ## [[OpenID]] ## [[SAML]] ## HTTP Cookies v ## [[HTTP Basic Access Authentication]] ## [[Single sign-on (SSO)]] ## [[Multi-factor Authentication & OTPs]] ## [[Access Token]] ## [[Access Control List]] ## [[LDAP]] ## [[Claims-based Identity]] ## [[Login Session]] ## [[Digest Auth]] ## [[AWS IAM]] ## [[Microsoft IAM]] ## Tools - [[Auth0]] - [[Okta]] - [[Authentik]] - [[Authelia]] - [[Auth.js]] - [[Clerk]] - [[OpenAuth]] - [[BetterAuth]] - [[StackAuth]] ## Inbox - [User provisioning software - Wikipedia](https://en.wikipedia.org/wiki/User_provisioning_software) - [Why An Identity Master Repository is Crucial to An Organization's Security - SecZetta](https://www.seczetta.com/resource/identity-master-repository-white-paper/) - [[Password]] - [[Passwordless authentication]] - [[Passkey (authentication)]] - [[Client Puzzle Protocol]] - [[Gravatar]]