Feature list
Ever found yourself wondering "What exactly is the Akamai Identity Cloud?" If the answer to that question is "yes," then you've come to the right place: this page includes a list of many of the key features and capabilities that make up the Akamai Identity Cloud (AIC). To help you fully understand what the I<<PR
can do, these items have been collected in a set of tables built around the following categories:
- Registration and Profile Management
- Identity Management
- Privacy and Consent
- Service Platform
- Administration and Configuration
- Application Integrations
- Analytics and Data Integrations
- Published APIs
Note that, in the tables below, the Hosted Login column indicates whether a feature/capability is available to organizations using Hosted Login, while the API column indicates whether that same feature or capability is available to organizations relying on the Authentication APIs.
Registration and Profile Management
| Feature | Hosted Login | API |
|---|---|---|
| Primary Region One region is included with your base subscription, excluding Russian RU) and China (CN). Qualifying regions include: North America (NA), Canada (CC), Europe (EU), Australia (AU), Singapore (SG), Japan (JP). | Included | Included |
| Additional Regions Additional regions can be purchased as needed. Regions include: North America (NA), Canada (CC), Europe (EU), Australia (AU), Singapore (SG), Japan (JP), China (CH), Russia (RU). Note. The EU region is a prerequisite for support in Russia. The Russia solution is unique and provides RU data privacy law compliancy for Russia law 152-FZ PII "write-first" requirement. | Add-On Fee | Add-On Fee |
| User Profile Attributes The Identity Cloud data schema is extensible and can accommodate as many attributes as needed. Caveats include credit card information, SSN, or other pieces of sensitive data that belong with other systems. Video: Profile data management | Included | Included |
| Registration Users can create a new account using a self-service registration form. Video: Registration | Included | Included |
| Profile Data Management User can view/edit their user profile. Video: Manage a user profile | Included | Included |
| Field and Form Customization Customize the data collected in registration and profile forms. Hosted Login and API forms/fields can both be configured via Configuration API or Console Registration Builder. Documentation: Console Registration Builder Video: Field and form customization | Included | Included |
| Screen Customization Customize the look and feel of login, registration, profile, etc. screens. Hosted Login screens can be customized via published images and CSS; API implementation does not include screens, as they are completely on your side. Documentation: Screen customization Video: Screen customization | Included | Included |
| Language Support Localization and translations based on ISO codes. Default language is American English; You must provide translations. Documentation: Localize screen text Video: Language support | Included | Included |
Identity Management
| Feature | Hosted Login | API |
|---|---|---|
| Authentication Registration and login via password. Documentation: Authorization code + PKCE grant type Video: Authentication | Included | Included |
| Single Sign-On (SSO) User logins on one application can be recognized across other applications. Documentation: Sessions and SSO | Included | Not Available |
| Password Security Password encryption, custom password validation rules, secure password reset, configurable password history requirement. Documentation: Unique password enforcement Video: Password security | Included | Included |
| Supported Password Hashes Standard Identity Cloud password hash. Bcrypt is the standard Identity Cloud password hash. We support a number of other hashes for data migration purposes only. If you use a hash that is not supported, passwords will need to be reset. | Included | Included |
| Password Reset User can reset their password in a self-service workflow. Video: Password reset | Included | Included |
| Social Identity Registration and login via providers such as Apple, Facebook, Microsoft Online, Twitter, and WeChat. Video: Configure social login | Included | Included |
| Social Identity Merge Merge a social account such as Apple, Facebook, Twitter, or WeChat with an existing profile. Social merge can only work when the IDP provides a verified email address that matches the email on the existing profile. Video: Merge social accounts | Included | Included |
| Link Social Identity User can link a social account to an existing profile. Video: Link social identity | Included | Included |
| Custom Identity Provider (IdP) Configure a custom provider for social login as long as it follows a supported protocol: OIDC, OAuth, or SAML. Only outbound integrations to external IDPs are supported. Documentation: Introduction to custom providers | Included | Included |
| Transactional Emails Standard registration experience provides option to send via our Amazon SES service: registration verification; account deactivation; email change; forgot password. You can also send emails via your own service. Documentation: JavaScript SDK email overview Video: Transactional emails | Included | Included |
| Email and Mobile Number Verification Update to email address or mobile number requires verification. Note. API includes email verification only. Documentation: Manage email addresses and mobile device numbers in Hosted Login v2 Video: Email and mobile number verification | Included | See Note |
| Risk-Based Authentication (RBA) Require 2FA based on user behavior scores or high-value transaction. Documentation: Risk-based authentication Video: Risk-based authentication | Included | Not Available |
| Multi-factor Authentication: SMS Authorization codes sent via text message with RBA and/or 2FA. You can purchase blocks of SMS messages. Documentation: Two-factor authentication (2FA) Video: Multi-factor authentication: SMSa | Included | Add-On Fee |
| Multi-factor Authentication: Email Authorization codes sent via email with RBA and/or 2FA. Documentation: Two-factor authentication (2FA) ) Video: Multi-factor authentication: Email | Included | Not Available |
| OpenID Connect (OIDC) OpenID Connect protocol. Documentation: OpenID Connect and OAuth 2.0 Video: OpenID Connect | Included | Not Available |
| OAuth 2.0 OAuth protocol. Documentation: OpenID Connect and OAuth 2.0 Video: OAuth 2.0 | Included | Included |
Privacy and Consent
| Feature | Hosted Login | API |
|---|---|---|
| Subject Access Rights User can request their data or account deletion. Identity Cloud captures the request, and it is up to you to take action on it. Video: Subject access rights | Included | Included |
| Consent Management User manages consents via profile page. Documentation: User Consent) Video: Consent management (video) | Included | Included |
| Privacy and Terms Acceptance User must accept legal terms upon registration and any time legal terms are updated. Documentation: Authorization rules Video: Legal and terms acceptance | Included | Included |
Service Platform
| Feature | Hosted Login | API |
|---|---|---|
| Capacity Management and Quotas AIC includes entitlement for a maximum average daily transaction quota of 10 transactions per second during a calendar month. Rate quotas are subject to change to protect customers, at Akamai’s discretion. Akamai will provide advance notice of such changes when possible. | Included | Included |
| Dynamic Performance Option If higher rate quotas are required, you may subscribe to the Dynamic Performance Option. | Add-On Fee | Add-On Fee |
| Performance Testing You can run a load test involving your Identity Cloud solution as prescribed by Akamai. Your load test should reflect expected real-world traffic spikes. | Add-On Fee | Add-On Fee |
| Service Level Agreement (SLA) AIC is committed to a monthly availability of at least 99.95% for Akamai Identity Service in production. Akamai customers can access the full SLA here. | Included | Included |
| Supported Browsers Chrome, Edge, Firefox, Safari. Documentation: Supported web browsers | Included | Included |
| Supported Web Protocols Secure protocol (HTTPS) required for login and registration services. | Included | Included |
| Akamai Platform Protections Multi-tenant KSD protections. | Included | Included |
Administration and Configuration
| Feature | Hosted Login | API |
|---|---|---|
| Console Dashboard UI for Identity Cloud configurations. Documentation: Introduction to the Console Video: Console | Included | Included |
| Customer Care Portal Portal for customer care agents to service user profiles; included within Console. | Included | Included |
| Role-Based Access Control Internal access to Console can be finely tuned based on roles and permissions. Documentation: Agent roles reference Video: Role-based access control | Included | Included |
| Audit Logs Logs available within Console for 1) end user profile changes; and, 2) Console activity by user agent. Profile audit logs are stored for 90 days; Console activity audit logs are stored for 30 days. Documentation: Audit logs overview Video: Console audit logs | Included | Included |
| API Most configurations can be done via suite of API endpoints. REST APIs | Included | Included |
Application Integrations
| Feature | Hosted Login | API |
|---|---|---|
| Web Apps Integrate Identity Cloud with your web-based sites and applications. Documentation: Integrate OpenID Connect apps | Included | Included |
| Mobile Apps Integration Identity Cloud with your mobile applications. | Included | Included |
| Single Page Apps Integrate Identity Cloud with your single-page applications. | Included | Included |
Analytics and Data Integrations
| Feature | Hosted Login | APIs |
|---|---|---|
| Customer Insights Identity Cloud analytics dashboard. This is built on a third-party platform called Google Looker. Documentation: Introduction to Customer Insights Video: Customer Insights | Included | Included |
| Integration Bus Pre-built data integrations between Identity Cloud and other Enterprise systems. This is built on a third-party platform called SnapLogic. Documentation: Data integration with Integration Bus | Included | Included |
| Webhooks Profile activity event delivery service to your endpoint. Configured via API: you provide endpoint and consume webhook notifications. Documentation: Introduction to Webhooks v3 Video: Webhooks v3 | Included | Included |
| SIEM Event Delivery Batch security event delivery service to integrate with SIEM analytics tools such as Splunk or QRadar. Configured via API: you provide the sFTP server and consume SIEM event data. Documentation: Introduction to SIEM event delivery Video: SIEM event delivery | Included | Included |
Published APIs
| Feature | Hosted Login | APIs |
|---|---|---|
| Authentication API Implement login, registration, and profile management in your user-facing application via API. Note. Hosted Login is the alternative to the Authentication API, although they can both be used in the same application as needed. Video: Authentication API | See Note | Included |
| Configuration API Administer and configure your Identity Cloud implementation via API. Much of the same configuration can be done via the Console UI. Video: Configuration API | Included | Included |
| Entity and Entity Type API Administer and configure your data storage and user profiles via API. Much of the same configuration can be done via the Console UI. Video: Entity and Entity Type API | Included | Included |
| Webhooks API Configure webhooks via API. Video: Webhooks v3 API | Included | Included |
| SIEM Event Delivery API Configure SIEM Event Delivery via API. Video: SIEM event delivery API | Included | Included |
| Social API Manage social identity providers via API. Video: Social API | Included | Included |
| Custom Provider API Use practically any social login identity provider as a way to register/sign-in users on your Hosted Login websites. | Included | Included |
Updated about 2 months ago