Key functions
The data object model in PingOne Advanced Identity Cloud should support the key functions of an identity platform including one or more of the following:
-
Identification: Occurs when a user or entity makes a claim about their identity when attempting to gain access to a system or resource. For example, a user enters their username or ID to access a system. Learn how to achieve this via a journey in login journey.
-
Authentication: Occurs when the user or entity proves their identity to the satisfaction of the access system. For example, a user enters their password or their identity is confirmed through some other process, which is verified by the system. Learn more in Introduction to Authentication.
-
Authorization: Occurs when the system checks that the user or entity is allowed to access the resource or system after proper identification and authentication. Learn more in Authorizations and policy decisions.
-
Identity provisioning: Ensures user accounts are created, updated, deleted, and assigned the proper access privileges to resources across applications and systems.
You can achieve this in various ways in Advanced Identity Cloud:
Item Description Use a library of templates for OIDC applications that makes the process of registration, provisioning, and configuration quick and easy.
Use a CSV file to import a set of identities. This is useful when you want to add a large number of identities to Roles and assignments in a single operation.
Create an entitlements structure that fits the needs of each realm by using roles and assignments.
Synchronize identities from an external data store.
Use pass-through authentication to validate user passwords via a remote service.
