Authenticator : An identity resource that is set with an authentication method.
Authentication : A process through which the Identity Management System verifies who the user or application is.
Authorization : A process through which it is determined what access should be granted for the specific request.
Neo-Security Architecture : A modular and open-standard-based security architecture for secure, protected and legitimate access to mobile and web applications and their data, such as APIs and services.
By reference token : A token that contains reference pointing to the identity data. They are used in external networks, which makes the identity data opaque to external networks. For example, a phantom token.
By value token : A token that contains identity data and almost always include a digital signature over that data to ensure the integrity. They are used in internal networks. For example, a JWT.
ALFA : Abbreviated Language For Authorization used in formulating access control policies
AMS : API Management System
CRUD : Create, Read, Update, Delete
DCR : Dynamic Client Registration
DCRM : Dynamic Client Registration Managment
EMS : Entitlement Management System
FIDO : Fast IDentity Online, a set of standards for fast, simple, strong authentication
HOTP : HMAC-based One-time Password algorithm
IMS : Identity Management System
JOSE : JSON Object Signing and Encryption
JWT : JSON Web Token
PAP : Policy Administration Point
PDP : Policy Decision Point
PEP : Policy Enforcement Point
PIP : Policy Information Point
PRP : Policy Retrieval Point
TOTP : Time-based One-Time Password algorithm, an extension of HOTP
SAML : Security Assertion Markup Language
SP : Service Provider
SCIM : System for Cross-domain Identity Management