> For the complete documentation index, see [llms.txt](https://docs.devolutions.net/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.devolutions.net/pam/concepts/identity-provider.md). # Identity provider An **identity provider** (IdP) is an external service that stores and manages user identities and credentials. Devolutions PAM interacts with these providers to perform identity-related actions such as [password rotations](https://docs.devolutions.net/pam/concepts/password-rotation/), account validations, and session authorizations. Identity providers are never internal to Devolutions PAM; they serve as external sources that the platform accesses through configured providers. Common identity providers include [Microsoft Active Directory](https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/manage/understand-default-user-accounts), [MySQL databases](https://dev.mysql.com/doc/refman/8.4/en/user-names.html), [Windows operating systems](https://support.microsoft.com/en-us/windows/manage-user-accounts-in-windows-104dc19f-6430-4b49-6a2b-e4dbd1dcdf32), and [Linux operating systems](https://www.redhat.com/sysadmin/linux-user-group-management). Each of these systems handles the core functions of [authentication, authorization, and accounting (AAA)](https://en.wikipedia.org/wiki/Authentication,_authorization,_and_accounting), which are foundational for managing access securely. Within Devolutions PAM, identity providers are essential to executing privileged tasks on managed accounts. Administrators can automate interactions with these external sources using actions, helping to streamline credential management while maintaining strict control and auditability. #### Identity provider aliases * IdP * authentication provider * Identity as a service (IDaaS) provider #### Related topics * [Providers (Devolutions Server)](https://docs.devolutions.net/pam/server/providers/) * [Providers (Devolutions Cloud)](https://docs.devolutions.net/pam/pam-with-devolutions-cloud/providers/) #### See also * [Create an Entra ID PAM provider (Devolutions Cloud)](https://docs.devolutions.net/pam/kb/how-to-articles/create-an-entra-id-pam-provider-devolutions-cloud/) * [Create an Entra ID PAM provider (Devolutions Server)](https://docs.devolutions.net/pam/kb/how-to-articles/create-azure-ad-pam-provider-devolutions-server/) * [Create Windows users provider (Devolutions Server)](https://docs.devolutions.net/pam/kb/how-to-articles/create-windows-users-provider/) * [Glossary of Common Privileged Access Management (PAM) Terms](https://blog.devolutions.net/2021/01/glossary-of-common-privileged-access-management-pam-terms/) * [Need Cybersecurity Insurance? Then You Probably Need PAM, Too](https://blog.devolutions.net/2023/10/need-cybersecurity-insurance-then-you-probably-need-pam-too/) --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.devolutions.net/pam/concepts/identity-provider.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.