For the best web experience, please use IE11+, Chrome, Firefox, or Safari
OneLogin + One Identity delivering IAM together. Learn more
Home / Identity & Access Management 101

Identity & Access Management 101

The IAM 101 area provides free information about a variety of topics relevant to security, identity and access management, single sign-on, multi-factor authentication, provisioning, and other technologies that help businesses provide users with secure access to the applications and systems they need. We update the IAM 101 area regularly with new content, so be sure to bookmark this page.

All Topics

Why IAM is Critical for GDPR Compliance

Why IAM is Critical for GDPR Compliance

Learn how identity and access management (IAM) can strengthen your data controls so you can better protect customer data and achieve GDPR compliance.
SSO vs. Password Managers Solutions: All You Need to Know

SSO vs. Password Managers Solutions: All You Need to Know

Find out the pros and cons of single sign-on (SSO) and passwords managers and decide which is right for you!
Access management

What is Access Management?

Learn what access management (AM) covers - the risks, the challenges, and the benefits.
What is SOC2?

What is SOC 2?

Learn all you need to know about the SOC 2 framework and compliance requirements.
What is FIM?

What is Federated Identity?

Get answers to every question you have about Federated Identity in this deep dive.
How is Blockchain Related to Identity Management?

How is Blockchain Related to Identity Management?

Learn what blockchains are and how they could help protect digital identities and PII.
What is LDAP?

What is LDAP?

Get answers to your questions about what LDAP is, how it works, how secure it is, and more.
Identity Lifecycle Management: Control the Who, What, and When

Identity Lifecycle Management: Control the Who, What, and When

Learn all about Identity Lifecycle Management (ILM) - what it is, how it works, and how you’ll benefit from one.
multi-cloud

Multicloud: All the Best in Cloud Offerings

Find out what multicloud is and why you should consider it.
What is Hybrid Cloud?

What is Hybrid Cloud?

Find out the definition, benefits, and examples of hybrid cloud in this deep dive.
What is IDaaS?

What is IDaaS?

Learn what IDaaS is, how it works, and why companies would want it.
What is a VPN?

What is a VPN?

You’ve probably heard of VPNs, virtual private networks. Now find out what they are and how they work.
Multi-Tenancy vs Single Tenancy

Multi-Tenancy vs Single Tenancy

Understand what multi-tenancy and single tenancy are and which would work best for you.
What is Shadow IT?

What is Shadow IT?

Shadow IT is the use of Information Technology assets, such as devices, software, applications or services that are not authorized or tracked by the organization’s IT department.
Authentication vs. Authorization

Authentication vs. Authorization

Understand the differences and similarities between authentication and authorization.
What is CIAM?

What is CIAM?

Learn how customer identity and access management (CIAM) enables customers to interact with corporate brands through multiple digital channels.
Privileged Access Management (PAM) Demystified

Privileged Access Management (PAM) Demystified

Confused about Privileged Access Management (PAM)? Find out what it is, how it works, and why you need to know about it.
What is MFA?

What is MFA?

Learn everything you need to know about what multi-factor authentication is and why you need MFA to protect your company’s data and repel cyberattacks.
What is a DDoS attack?

What is a DDoS attack?

Find out what a distributed denial-of-service (DDoS) attack is, why they occur, and what you can do to prevent one from happening.
RBAC vs ABAC: Make the Right Call

RBAC vs ABAC: Make the Right Call

Find out how role-based access control (RBAC) and attribute-based access control (ABAC) differ and which is right for your business.
What is the Principle of Least Privilege?

What is the Principle of Least Privilege?

Find out what the principle of least privilege is and how it can benefit your information security practices.
What is Serverless Computing?

What is Serverless Computing?

Learn everything you need to know about cloud-native computing and architecture.
U2F and Adaptive MFA

U2F and Adaptive MFA

Find out whether U2F or Adaptive MFA is best for your security.
SAML vs. OIDC

SAML vs. OIDC

Learn the differences between SAML and OIDC authentication protocols and how you can use them.
What’s the Difference Between OTP, TOTP and HOTP?

What’s the Difference Between OTP, TOTP and HOTP?

Learn about these different types of one-time passwords (OTPs) and see how they work.
What is User Provisioning and Deprovisioning?

What is User Provisioning and Deprovisioning?

See how provisioning and deprovisioning lets you create, update and delete user accounts in multiple apps and systems. Learn more from the experts at OneLogin.
Be Sure Your Zero Trust Plan Gives Complete Coverage

Be Sure Your Zero Trust Plan Gives Complete Coverage

Learn the what, where, and when of Zero Trust Security.
Zero Trust Security

Zero Trust Security

Find out what Zero Trust is, what it does, its core principles, and why you need it.
SAML Explained in Plain English

SAML Explained in Plain English

Learn what SAML is, how it works, and how it can benefit your company.
Is Your Enterprise Password Manager Good Enough?

Is Your Enterprise Password Manager Good Enough?

Explore the features that enterprise password managers should have and extras that your business might need for effective IAM.
6 Types of Password Attacks & How to Stop Them

6 Types of Password Attacks & How to Stop Them

Baffled by Man in the Middle, Brute Force, and other password attack names? Get a primer on what these are, how they work, and what you can do to protect your data.
Business Use of Cloud Password Managers

Business Use of Cloud Password Managers

Learn what a cloud password manager is, how it differs from password vaults and SSO, and if it’s right for your business.
Helpdesk Password Reset Best Practices

Helpdesk Password Reset Best Practices

Avoid creating more vulnerabilities for hackers with these helpdesk best practices for resetting passwords.
What is Two-Factor Authentication (2FA)?

What is Two-Factor Authentication (2FA)?

Find out what two-factor authentication is, what it does, and how it can protect your company against security breaches.
The Truth About Passwordless Authentication

The Truth About Passwordless Authentication

Find out what passwordless authentication is, how it works, and how you can use it.
Biometric Authentication: the Good, the Bad, and the Ugly

Biometric Authentication: the Good, the Bad, and the Ugly

Learn the pros and cons of using biometrics for authentication in identity and access management (IAM).
How Single Sign-On Works

How Single Sign-On Works

Find out, in plain language, what single sign-on (SSO) is and how it works, and make better decisions about securing your company’s digital data.
What is Identity & Access Management (IAM)?

What is Identity & Access Management (IAM)?

Get an intro to identity and access management (IAM). Find out what an identity management system does and how it can benefit your business.
What is Cybersecurity & Why is it Important?

What is Cybersecurity & Why is it Important?

Understand what cybersecurity means, the types of cyber attacks, and how you can prevent them.
What is Identity Governance & Administration

What is Identity Governance & Administration

Learn what Identity Governance and Administration (IGA) is, what it does, and how it can help meet security and compliance requirements.
SSO Checklist

SSO Checklist

Find out if your SSO solution meets your company’s requirements to support employees and IT with OneLogin’s SSO checklist.
Why is SSO Important?

Why is SSO Important?

Learn how single sign-on improves security and usability and saves IT costs.
Password Vaulting

Password Vaulting

Find out what a password vault is, why you should use one, and how safe they are.
What Type of Attacks Does MFA Prevent?

What Type of Attacks Does MFA Prevent?

Learn how Multi-Factor Authentication (MFA) can help prevent common cyberattacks and security breaches.
What is Adaptive Authentication?

What is Adaptive Authentication?

Learn what Adaptive Authentication is and how it can intelligently use machine learning to protect your company resources from cyberattacks.
MFA Checklist

MFA Checklist

Make sure that your MFA solution meets your security, integration, and reporting needs and enables users to securely authenticate into applications in seconds, with OneLogin’s checklist.
What is a Webhook?

What is a Webhook?

Find out what a webhook is, what it does, and what’s in its future.
Secure Cloud-Native Computing with IAM

Secure Cloud-Native Computing with IAM

Learn everything you need to know about cloud-native computing and architecture.

Secure All Your Apps, Users, and Devices

Start Free Trial Request a Demo Contact Us