Identity and Access Management

Identity and Access Management is the security perimeter for all authentication and authorization decisions. It federates identity via SAML/OIDC, enforces MFA requirements per tenant policy, and provides a centralized policy engine for fine-grained authorization checks across all platform services.

Relationships

◇ Composes outgoing 1

Target Element	Element Type
Security and Compliance	Domain

▲ Realizes outgoing 2

Target Element	Element Type
IAM Platform	Software System
Identity and Access Management	Business Capability

→ Serves outgoing 2

Target Element	Element Type
Authentication API	API Contract
Authorization API	API Contract

◆ Owns outgoing 1

Target Element	Element Type
Identity Record Aggregate	Data Aggregate

▲ Realized by incoming 4

Source Element	Element Type
Identity and Access Management	Business Capability
IAM Platform	Software System
Authentication API	API Contract
Authorization API	API Contract

◇ Part of incoming 1

Source Element	Element Type
Security and Compliance	Domain

◆ Owned by incoming 1

Source Element	Element Type
Identity Record Aggregate	Data Aggregate

Architecture Context

Diagrams

Not yet referenced in any diagram

Properties

Type Component

Layer Application

Domain Security and Compliance

Status active

Sourcing hybrid

Owner Security Team

Additional Metadata

Archimate Type application-function

Ddd Type Bounded Context

Togaf Type Information System Service

Emm Type Logical IS Component

Meta Model

Business

Organization

Application current

Technology