Customer Identity Access Management

From Wikipedia, the free encyclopedia
Jump to navigation Jump to search

Customer (or Consumer) Identity and Access Management (CIAM) [1] is a subset of the larger concept of Identity Access Management (IAM) and is focused specifically on managing the identity, access and security of software applications.[2][3] A single CIAM system can control access to multiple applications, but they do not rely on the hierarchical directory structure of IAM solutions. CIAM solutions are generally designed to scale to handle tens-of-millions of users or more in B2C environments. IAM is common in large organizations to control a wide scope of internal user access points [4] including computer hardware access, file and resource permissions, network access permissions, application access, and human resource needs.

In the simplest form, CIAM includes the registration and login processes that allow a customer to sign in and use a company’s application. More advanced systems can provide single sign-on (SSO), account and preference management, data tracking and reporting, multi-factor authentication, and user monitoring and management.

CIAM is a required component of modern user engagement allowing organizations to recognize unique customers and personalize their engagement based on collected personal preferences. As a primary entry point for users, CIAM systems must address specific software and hardware security challenges including password security, API key permissions, session and token validation, and user creation and management.[5]


  1. ^
  2. ^ "CIAM vs. IAM - Inversoft".
  3. ^ "What is Customer Identity and Access Management (CIAM)?".
  4. ^ "Decoding Customer IAM (CIAM) vs. IAM". 7 July 2017.
  5. ^ "Challenges of CIAM - FusionAuth".