A “User” is an identity which has a set of authorisations, a set of permissions. A user may be identified by one or more Identity Providers (e.g. Azure Active Directory, Google, Apple, etc.)

Users’ may be collected into groups, and, groups behave the same as a user for permission purposes. Groups may also aggregate other groups.

Identity Provider

An Identity Provider authenticates a user. It may do this with a password, with biometric, or with any trustworthy means. Agilicus acts as an Identity Provider for your applications.

Upstream Issuer

An Upstream Issuer is an Identity Provider that is federated in to the Identity Provider. This might include Apple, Google, Azure, Okta, Auth0, etc. The Upstream Issuer acts to authenticate a user.


See Identity & Authentication Methods.

See Azure Active Directory.