An identity management system is an information system, or a set of technologies, that can be used for enterprise or cross-network identity management. Identity management describes the management of individual identities, and the authentication, authorization, roles, and privileges within or across system and enterprise boundaries with the goal of increasing security and productivity while decreasing cost, downtime, and repetitive tasks. One aspect of identity management is “single sign-on” (“SSO”). One standard that is particularly useful in the field of identity management is “OAuth.”
OAuth is an open standard for authorization. An indirect effect of authorization is authentication. OAuth allows users to share their private resources (e.g., photos, videos, contact lists, etc.) stored on one site with another site without having to hand out their credentials, typically supplying username and password tokens instead. Each token grants access to a specific site for specific resources and for a defined duration. This allows a user to grant to a third party site access to their information stored with another service provider, without sharing their access permissions or the full extent of their data. For example, a token might grant access to a video editing site for videos from a specific album for the next two hours.