Glossary

This is a glossary of terms, used on MAYI ID related sites, materials and systems.

A
ACME	Automatic Certificate Management Environment, a certificate automation protocol.
Alert logs
Agent	The agent works as an automatic credential injector for selected web/desktop apps. The agent is activated by receiving a deep link from MAYI PAM which is handled by the agent.
Automation portal	Automation Portal is a standalone application allowing Partners, their Customers or Tenant Managers to configure and deploy Tenant on their own without any IT support.
B
~~Bookmark~~Bookmarks	When coming back to MAYI ID platform you can set which page you will land after the Signin in.

C
CLM	Certificate Lifecycle Management
CLM vs CMAS	Certificate Lifecycle Management (CLM) is formerly known as a Certificate Management and Automation System (CMAS)
CMP	Certificate Management Protocol
CSR	Certificate Signing Request (CSR) will validate whether you can use the common name in Certificates
D
DNS	The Domain Name System (DNS) is the phonebook of the Internet. Humans access information online through domain names, like nytimes.com or espn.com. Web browsers interact through Internet Protocol (IP) addresses. DNS translates domain names to IP addresses so browsers can load Internet resources

E
Enrollment, Remote enrollment, On-behalf enrollment vs Onboarding	Enrollment is an application that allows a user to register with the MAYI ID system, where user configures ways to authenticate himself/herself when signing in and ressetting password. Enrollment is a part of a bigger process called Onboarding, which includes configuration of permissions, groups and roles.
Emergency access	Emergency access is an application that provides the possibility to change the PIN of the vSEC card, reset the password to the application, unblock a blocked user or receive the emergency access OTP for emergency situations when the user loses his credentials.
EST	Enrollment over Secure Transport
F
Floating secret
Favourite items	You can tag certain items as favourite. In Vault: Folders, Secrets, Connections
G
GAC	Global Admin Console is a part of the applications configuration - the successor of Admin Console.

H
Heartbeat
HOTP	OTP authentication is an elegant solution to both security concerns and UX. There are two types of OTP: HOTP and TOTP. The “H” in HOTP stands for Hash-based Message Authentication Code (HMAC). Put in layman’s terms, HMAC-based One-time Password algorithm (HOTP) is an event-based OTP where the moving factor in each code is based on a counter. Time-based One-time Password (TOTP) is a time-based OTP. The seed for TOTP is static, just like in HOTP, but the moving factor in a TOTP is time-based rather than counter-based.
I
IdP	Identity Provider

J


K
Keycloak

L
LDAP	LDAP is an open, vendor-neutral application protocol for accessing and maintaining data such as usernames, passwords, email addresses, and other static data within directories. LDAP can also tackle authentication, so users can sign on just once and access many different files on the server.
LMS	Learning Management System
M
Magic questions	List of questions and answers to them, that are configured during enrollment. These questions are used for authentication of user during sign in or emergency access.

N


O
Onboarding vs Enrollment	Enrollment is an application that allows a user to register with the MAYI ID system, where user configures ways to authenticate himself/herself when signing in and ressetting password. Enrollment is a part of a bigger process called Onboarding, which includes configuration of permissions, groups and roles.
OTP, TOTP, HOTP	OTP authentication is an elegant solution to both security concerns and UX. There are two types of OTP: HOTP and TOTP. The “H” in HOTP stands for Hash-based Message Authentication Code (HMAC). Put in layman’s terms, HMAC-based One-time Password algorithm (HOTP) is an event-based OTP where the moving factor in each code is based on a counter. Time-based One-time Password (TOTP) is a time-based OTP. The seed for TOTP is static, just like in HOTP, but the moving factor in a TOTP is time-based rather than counter-based.
P
PAM
Passkey	Authentication Method that utilises either a FIDO2 device or iOS or Android device with biometric data.
Platform template (in Vault)	A type of Secret template in Vault settings. Platform templates provide a general basis for creating other templates.
Ping
Principal name
Q


R
Radius
RBAC	Role Based Access Control
S
Safewalk
SAML	Security Assertion Markup Language. It is an open for exchanging authentication & authorization data between parties, in particular, between an identity and service providers
SCEP	Simple Certificate Enrollment Protocol, a certificate automation protocol.
Secret
Slug name	The name “slug” comes from web publishing and refers usually to a part of a URL which identifies a page or resource.
SSO	Single sign-on (SSO) is an authentication scheme that allows a user to log in with a single ID to any of several related, yet independent, software systems.
T
TAC	Tenant Admin Console (TAC) an application for Tenant management
Telnet
Tenant, Default tenant
Theme, GUI theme
Token
TOTP	OTP authentication is an elegant solution to both security concerns and UX. There are two types of OTP: HOTP and TOTP. The “H” in HOTP stands for Hash-based Message Authentication Code (HMAC). Put in layman’s terms, HMAC-based One-time Password algorithm (HOTP) is an event-based OTP where the moving factor in each code is based on a counter. Time-based One-time Password (TOTP) is a time-based OTP. The seed for TOTP is static, just like in HOTP, but the moving factor in a TOTP is time-based rather than counter-based.
U


V


W
WCCE	Windows Client Certificate Enrollment Protocol

X


Y


Z

Glossary

A

B

C

D

E

F

G

H

I

J

K

L

M

N

O

P

Q

R

S

T

U

V

W

X

Y

Z