Feature list
Ever found yourself wondering "What exactly is the Akamai Identity Cloud?" If the answer to that question is "yes," then you've come to the right place: this page includes a list of many of the key features and capabilities that make up the Akamai Identity Cloud (AIC). To help you fully understand what Identity Cloud can do, these items have been collected in a set of tables built around the following categories:
- Registration and Profile Management
- Identity Management
- Privacy and Consent
- Service Platform
- Administration and Configuration
- Application Integrations
- Analytics and Data Integrations
- Published APIs
Note that, in the tables below, the Hosted Login column indicates whether a feature/capability is available to organizations using Hosted Login, while the API column indicates whether that same feature or capability is available to organizations relying on the Authentication APIs.
Registration and Profile Management
| Feature | Hosted Login | API |
|---|---|---|
| Primary Region One region is included with your base subscription, excluding China (CN). Qualifying regions include: North America (NA), Europe (EU), Australia (AU), Singapore (SG), Japan (JP). | Included | Included |
| Additional Regions Additional regions can be purchased as needed. Regions include: North America (NA), Europe (EU), Australia (AU), Singapore (SG), Japan (JP), China (CH). | Add-On Fee | Add-On Fee |
| User Profile Attributes The Identity Cloud data schema is extensible and can accommodate as many attributes as needed. Caveats include credit card information, SSN, or other pieces of sensitive data that belong with other systems. Default user schema | Included | Included |
| Registration Users can create a new account using a self-service registration form. | Included | Included |
| Profile Data Management User can view/edit their user profile. | Included | Included |
| Field and Form Customization Customize the data collected in registration and profile forms. Hosted Login and API forms/fields can both be configured via Configuration API or Console Registration Builder. Console Registration Builder | Included | Included |
| Screen Customization Customize the look and feel of login, registration, profile, etc. screens. Hosted Login screens can be customized via published images and CSS; API implementation does not include screens, as they are completely on your side. Customize Hosted Login | Included | Included |
| Language Support Localization and translations based on ISO codes. Default language is American English; You must provide translations. Localize screen text | Included | Included |
Identity Management
| Feature | Hosted Login | API |
|---|---|---|
| Authentication Registration and login via password. Authorization code + PKCE grant type | Included | Included |
| Single Sign-On (SSO) User logins on one application can be recognized across other applications. Read More | Included | Not Available |
| Password Security Password encryption, custom password validation rules, secure password reset, configurable password history requirement. Unique password enforcement | Included | Included |
| Supported Password Hashes Standard Identity Cloud password hash. Bcrypt is the standard Identity Cloud password hash. We support a number of other hashes for data migration purposes only. If you use a hash that is not supported, passwords will need to be reset. | Included | Included |
| Password Reset User can reset their password in a self-service workflow. | Included | Included |
| Social Identity Registration and login via providers such as Apple, Facebook, Microsoft Online, Twitter, and WeChat. Configure social login | Included | Included |
| Social Identity Merge Merge a social account such as Apple, Facebook, Twitter, or WeChat with an existing profile. Social merge can only work when the IDP provides a verified email address that matches the email on the existing profile. | Included | Included |
| Link Social Identity User can link a social account to an existing profile. | Included | Included |
| Custom Identity Provider (IdP) Configure a custom provider for social login as long as it follows a supported protocol: OIDC, OAuth, or SAML. Only outbound integrations to external IDPs are supported. Introduction to custom providers | Included | Included |
| Transactional Emails Standard registration experience provides option to send via our Amazon SES service: registration verification; account deactivation; email change; forgot password. You can also send emails via your own service. JavaScript SDK email overview | Included | Included |
| Email and Mobile Number Verification Update to email address or mobile number requires verification. Note. API includes email verification only. Manage email addresses and mobile device numbers in Hosted Login v2 | Included | See Note |
| Risk-Based Authentication (RBA) Require 2FA based on user behavior scores or high-value transaction. Risk-based authentication | Included | Not Available |
| Multi-factor Authentication: SMS Authorization codes sent via text message with RBA and/or 2FA. You can purchase blocks of SMS messages. Two-factor authentication (2FA) | Included (regular SMS fee only) | Included (regular SMS fee only) |
| Multi-factor Authentication: Email Authorization codes sent via email with RBA and/or 2FA. Two-factor authentication (2FA) | Included | Not Available |
| OpenID Connect (OIDC) OpenID Connect protocol. OpenID Connect and OAuth 2.0 | Included | Not Available |
| OAuth 2.0 OAuth protocol. OpenID Connect and OAuth 2.0 | Included | Included |
Privacy and Consent
| Feature | Hosted Login | API |
|---|---|---|
| Subject Access Rights User can request their data or account deletion. Identity Cloud captures the request, and it is up to you to take action on it. | Included | Included |
| Consent Management User manages consents via profile page. Read More | Included | Included |
| Privacy and Terms Acceptance User must accept legal terms upon registration and any time legal terms are updated. Read More | Included | Included |
Service Platform
| Feature | Hosted Login | API |
|---|---|---|
| Capacity Management and Quotas AIC includes entitlement for a maximum average daily transaction quota of 10 transactions per second during a calendar month. Rate quotas are subject to change to protect customers, at Akamai’s discretion. Akamai will provide advance notice of such changes when possible. | Included | Included |
| Dynamic Performance Option If higher rate quotas are required, you may subscribe to the Dynamic Performance Option. | Add-On Fee | Add-On Fee |
| Performance Testing You can run a load test involving your Identity Cloud solution as prescribed by Akamai. Your load test should reflect expected real-world traffic spikes. | Add-On Fee | Add-On Fee |
| Service Level Agreement (SLA) AIC is committed to a monthly availability of at least 99.95% for Akamai Identity Service in production. Akamai customers can access the full SLA here. | Included | Included |
| Supported Browsers Chrome, Edge, Firefox, Safari. Supported web browsers | Included | Included |
| Supported Web Protocols Secure protocol (HTTPS) required for login and registration services. | Included | Included |
| Akamai Platform Protections Multi-tenant KSD protections. | Included | Included |
Administration and Configuration
| Feature | Hosted Login | API |
|---|---|---|
| Console Dashboard UI for Identity Cloud configurations. Introduction to the Console | Included | Included |
| Customer Care Portal Portal for customer care agents to service user profiles; included within Console. | Included | Included |
| Role-Based Access Control Internal access to Console can be finely tuned based on roles and permissions. Agent roles reference | Included | Included |
| Audit Logs Logs available within Console for 1) end user profile changes; and, 2) Console activity by user agent. Profile audit logs are stored for 90 days; Console activity audit logs are stored for 30 days. Audit logs overview | Included | Included |
| API Most configurations can be done via suite of API endpoints. REST APIs | Included | Included |
Application Integrations
| Feature | Hosted Login | API |
|---|---|---|
| Web Apps Integrate Identity Cloud with your web-based sites and applications. Integrate OpenID Connect apps | Included | Included |
| Mobile Apps Integrate Identity Cloud with your mobile applications. | Included | Included |
| Single Page Apps Integrate Identity Cloud with your single-page applications. | Included | Included |
Analytics and Data Integrations
| Feature | Hosted Login | APIs |
|---|---|---|
| Customer Insights Identity Cloud analytics dashboard. This is built on a third-party platform called Google Looker. Introduction to Customer Insights | Included | Included |
| Integration Bus Pre-built data integrations between Identity Cloud and other Enterprise systems. This is built on a third-party platform called SnapLogic. Data integration with Integration Bus | Included | Included |
| Webhooks Profile activity event delivery service to your listener endpoint. Configured via API: you provide the endpoint and then consume webhook notifications. Introduction to Webhooks v3 | Included | Included |
| SIEM Event Delivery Batch security event delivery service to integrate with SIEM analytics tools such as Splunk or QRadar. Configured via API: you provide sFTP server and consume SIEM event data. Introduction to SIEM event delivery | Included | Included |
Published APIs
| Feature | Hosted Login | APIs |
|---|---|---|
| Authentication API Implement login, registration, and profile management in your user-facing application via API. Note. Hosted Login is the alternative to the Authentication API, although they can both be used in the same application where needed. Read More | See Note | Included |
| Configuration API Administrer and configure your Identity Cloud implementation via API. Much of the same configuration can be done via the Console UI. Read More | Included | Included |
| Entity and Entity Type API Administer and configure your data storage and user profiles via API. Much of the same configuration can be done via the Console UI. Read More | Included | Included |
| Webhooks API Configure webhooks via API. Read More | Included | Included |
| SIEM Event Delivery API Configure SIEM Event Delivery via API. Read More | Included | Included |
| Social API Manage social identity providers via API. Read More | Included | Included |
| Custom Provider API Use practically any social login identity provider as a way to register/sign-in users on your Hosted Login websites. Read More | Included | Included |
| Hosted Login API Includes OAuth 2.0 and OpenID Connect operations. Read More |
Updated about 2 months ago