Broad Categories of Use Cases
- simple identity-based access management (who they are gives them access right)
- attribute-based management use cases (some feature of who they are gives them access)
- group-based management cases, similar to attribute-based but more ad hoc (e.g. membership in a collection)
- role-based cases, where not just membership in a group but business-level function is important
- Federation scenarios (where identity isn't as concrete as in more normal business cases)
More Complex Use Cases:
- Approval type scenarios
- Attestation scenarios