User vs Workload Identities

Introduction

Not all identities are human. In modern distributed systems, we have two primary types of identities: user identities (humans) and workload identities (machines, services, applications). Understanding the differences is crucial for building secure systems.

User Identities: The Human Element

User identities represent real people who interact with systems through applications, dashboards, and APIs.

Characteristics

- Interactive authentication (login flows)
- Long-lived sessions with refresh capabilities
- Subject to human behavior (password reuse, phishing)
- Require user experience considerations
- Need account recovery mechanisms

User Identity Examples

- Employee accessing company resources
- Customer logging into a web application
- Administrator managing cloud infrastructure
- Developer using CLI tools

User Authentication Methods

- Username and password
- Multi-factor authentication (MFA)
- Biometrics
- Passwordless (WebAuthn, magic links)
- Social login (Google, GitHub)

Workload Identities: The Machine Element

Workload identities represent non-human entities like services, applications, containers, and VMs that need to authenticate and access resources.

...