Feature list

Ever found yourself wondering "What exactly is the ​Akamai​ Identity Cloud?" If the answer to that question is "yes," then you've come to the right place: this page includes a list of many of the key features and capabilities that make up the ​Akamai​ Identity Cloud (AIC). To help you fully understand what the I<<PR
can do, these items have been collected in a set of tables built around the following categories:

  • Registration and Profile Management
  • Identity Management
  • Privacy and Consent
  • Service Platform
  • Administration and Configuration
  • Application Integrations
  • Analytics and Data Integrations
  • Published APIs

Note that, in the tables below, the Hosted Login column indicates whether a feature/capability is available to organizations using Hosted Login, while the API column indicates whether that same feature or capability is available to organizations relying on the Authentication APIs.

Registration and Profile Management

Feature

Hosted Login

API

Primary Region
One region is included with your base subscription, excluding Russian RU) and China (CN). Qualifying regions include: North America (NA), Canada (CC), Europe (EU), Australia (AU), Singapore (SG), Japan (JP).


Included

Included

Additional Regions
Additional regions can be purchased as needed. Regions include: North America (NA), Canada (CC), Europe (EU), Australia (AU), Singapore (SG), Japan (JP), China (CH), Russia (RU).

Note. The EU region is a prerequisite for support in Russia. The Russia solution is unique and provides RU data privacy law compliancy for Russia law 152-FZ PII "write-first" requirement.


Add-On Fee

Add-On Fee

User Profile Attributes
The Identity Cloud data schema is extensible and can accommodate as many attributes as needed. Caveats include credit card information, SSN, or other pieces of sensitive data that belong with other systems.

Video: [Profile data management(doc:profile-data-management)

Included

Included

Registration
Users can create a new account using a self-service registration form.

Video: Registration

Included

Included

Profile Data Management
User can view/edit their user profile.

Video: Manage a user profile

Included

Included

Field and Form Customization
Customize the data collected in registration and profile forms. Hosted Login and API forms/fields can both be configured via Configuration API or Console Registration Builder.

Documentation: Console Registration Builder
Video: Field and form customization

Included

Included

Screen Customization
Customize the look and feel of login, registration, profile, etc. screens. Hosted Login screens can be customized via published images and CSS; API implementation does not include screens, as they are completely on your side.

Documentation: Screen customization
Video: Screen customization

Included

Included

Language Support
Localization and translations based on ISO codes. Default language is American English; You must provide translations.

Documentation: Localize screen text
Video: Language support

Included

Included


Identity Management

Feature

Hosted Login

API

Authentication
Registration and login via password.

Documentation: [Authorization code + PKCE grant type](doc:the-authorization-code-pkce-grant-type)
Video: Authentication

Included

Included

Single Sign-On (SSO)
User logins on one application can be recognized across other applications.

Documentation: Sessions and SSO

Included

Not Available

Password Security
Password encryption, custom password validation rules, secure password reset, configurable password history requirement.

Documentation: Unique password enforcement
Video: Password security

Included

Included

Supported Password Hashes
Standard Identity Cloud password hash. Bcrypt is the standard Identity Cloud password hash. We support a number of other hashes for data migration purposes only. If you use a hash that is not supported, passwords will need to be reset.


Included

Included

Password Reset
User can reset their password in a self-service workflow.

Video: Password reset

Included

Included

Social Identity
Registration and login via providers such as Apple, Facebook, Microsoft Online, Twitter, and WeChat.

Video: Configure social login

Included

Included

Social Identity Merge
Merge a social account such as Apple, Facebook, Twitter, or WeChat with an existing profile. Social merge can only work when the IDP provides a verified email address that matches the email on the existing profile.

Video: Merge social accounts

Included

Included

Link Social Identity
User can link a social account to an existing profile.

Video: Link social identity

Included

Included

Custom Identity Provider (IdP)
Configure a custom provider for social login as long as it follows a supported protocol: OIDC, OAuth, or SAML. Only outbound integrations to external IDPs are supported.

Documentation: Introduction to custom providers


Included

Included

Transactional Emails
Standard registration experience provides option to send via our Amazon SES service: registration verification; account deactivation; email change; forgot password. You can also send emails via your own service.

Documentation: JavaScript SDK email overview
Video: Transactional emails

Included

Included

Email and Mobile Number Verification
Update to email address or mobile number requires verification. Note. API includes email verification only.

Documentation: Manage email addresses and mobile device numbers in Hosted Login v2
Video: Email and mobile number verification

Included

See Note

Risk-Based Authentication (RBA)
Require 2FA based on user behavior scores or high-value transaction.

Documentation: Risk-based authentication
Video: Risk-based authentication

Included

Not Available

Multi-factor Authentication: SMS
Authorization codes sent via text message with RBA and/or 2FA. You can purchase blocks of SMS messages.

Documentation: Two-factor authentication (2FA)
Video: Multi-factor authentication: SMSa

Included

Add-On Fee

Multi-factor Authentication: Email
Authorization codes sent via email with RBA and/or 2FA.

Documentation: Two-factor authentication (2FA)
)
Video: Multi-factor authentication: Email

Included

Not Available

OpenID Connect (OIDC)
OpenID Connect protocol.

Documentation: OpenID Connect and OAuth 2.0
Video: OpenID Connect

Included

Not Available

OAuth 2.0
OAuth protocol.

Documentation: OpenID Connect and OAuth 2.0
Video: OAuth 2.0

Included

Included


Privacy and Consent

Feature

Hosted Login

API

Subject Access Rights
User can request their data or account deletion. Identity Cloud captures the request, and it is up to you to take action on it.

Video: Subject access rights

Included

Included

Consent Management
User manages consents via profile page.

Documentation: User Consent)
Video: Consent management (video)

Included

Included

Privacy and Terms Acceptance
User must accept legal terms upon registration and any time legal terms are updated.

Documentation: Authorization rules
Video: Legal and terms acceptance

Included

Included


Service Platform

Feature

Hosted Login

API

Capacity Management and Quotas
AIC includes entitlement for a maximum average daily transaction quota of 10 transactions per second during a calendar month. Rate quotas are subject to change to protect customers, at ​Akamai​’s discretion. ​Akamai​ will provide advance notice of such changes when possible.


Included

Included

Dynamic Performance Option
If higher rate quotas are required, you may subscribe to the Dynamic Performance Option.


Add-On Fee

Add-On Fee

Performance Testing
You can run a load test involving your Identity Cloud solution as prescribed by ​Akamai​. Your load test should reflect expected real-world traffic spikes.


Add-On Fee

Add-On Fee

Service Level Agreement (SLA)
AIC is committed to a monthly availability of at least 99.95% for ​Akamai​ Identity Service in production. ​Akamai​ customers can access the full SLA here.


Included

Included

Supported Browsers
Chrome, Edge, Firefox, Safari.

Documentation: Supported web browsers


Included

Included

Supported Web Protocols
Secure protocol (HTTPS) required for login and registration services.


Included

Included

​Akamai​ Platform Protections
Multi-tenant KSD protections.


Included

Included


Administration and Configuration

Feature

Hosted Login

API

Console
Dashboard UI for Identity Cloud configurations.

Documentation: Introduction to the Console
Video: Console

Included

Included

Customer Care Portal
Portal for customer care agents to service user profiles; included within Console.


Included

Included

Role-Based Access Control
Internal access to Console can be finely tuned based on roles and permissions.

Documentation: Agent roles reference
Video: Role-based access control

Included

Included

Audit Logs
Logs available within Console for 1) end user profile changes; and, 2) Console activity by user agent. Profile audit logs are stored for 90 days; Console activity audit logs are stored for 30 days.

Documentation: Audit logs overview
Video: Console audit logs

Included

Included

API
Most configurations can be done via suite of API endpoints.

REST APIs


Included

Included


Application Integrations

Feature

Hosted Login

API

Web Apps
Integrate Identity Cloud with your web-based sites and applications.

Documentation: Integrate OpenID Connect apps


Included

Included

Mobile Apps
Integration Identity Cloud with your mobile applications.


Included

Included

Single Page Apps
Intagrate Identity Cloud with your single-page applications.


Included

Included


Analytics and Data Integrations

Feature

Hosted Login

APIs

Customer Insights
Identity Cloud analytics dashboard. This is built on a third-party platform called Google Looker.

Documentation: Introduction to Customer Insights
Video: Customer Insights

Included

Included

Integration Bus
Pre-built data integrations between Identity Cloud and other Enterprise systems. This is built on a third-party platform called SnapLogic.

Documentation: Data integration with Integration Bus

Included

Included

Webhooks
Profile activity event delivery service to your endpoint. Configured via API: you provide endpoint and consume webhook notifications.

Documentation: Introduction to Webhooks v3
Video: Webhooks v3

Included

Included

SIEM Event Delivery
Batch security event delivery service to integrate with SIEM analytics tools such as Splunk or QRadar. Configured via API: you provide sFTP server and consume SIEM event data.

Documentation: Introduction to SIEM event delivery
Video: SIEM event delivery

Included

Included


Published APIs

Feature

Hosted Login

APIs

Authentication API
Implement login, registration, and profile management in your user-facing application via API.

Note. Hosted Login is the alternative to the Authentication API, although they can both be used in the same application as needed.

Video: Authentication API

See Note

Included

Configuration API
Administrer and configure your Identity Cloud implementation via API. Much of the same configuration can be done via the Console UI.

Video: Configuration API

Included

Included

Entity and Entity Type API
Administer and configure your data storage and user profiles via API. Much of the same configuration can be done via the Console UI.

Video: Entity and Entity Type API

Included

Included

Webhooks API
Configure webhooks via API.

Video: Webhooks v3 API

Included

Included

SIEM Event Delivery API
Configure SIEM Event Delivery via API.

Video: SIEM event delivery API

Included

Included

Social API
Manage social identity providers via API.

Video: Social API

Included

Included

Custom Provider API
Use practically any social login identity provider as a way to register/sign-in users on your Hosted Login websites.


Included

Included


Did this page help you?