Granted identity

A Granted identity is a type of security identity that’s automatically given to certain authenticated users by a security identity provider.

A single security identity can have several granted identities, and a given granted identity can be associated with many security identities. A granted identity is conceptually similar to a group, except that most of the time, it’s not possible for an external secured enterprise system to retrieve the complete list of users who would receive a certain granted identity.

Concrete examples of security identity models are available in the article Security Identity Definition Examples.


Granted identities were formerly referred to as well-known groups.