Zentitle Identity vs Entitlement Management

Sometimes we get questions from companies that we're working with about what's the difference between identity and entitlement management.

And although there are some similarities in terms of providing access to things, they're really very different.

And so with an identity system, you're really restricted to just that identity based approach. So email address, username, password, and such. And so it really gives you this one size fits all kind of model, where if all you ever want to do is to think about managing identities and having some lightweight set of attributes against individual identities, then it may not be a bad solution.

However, if you want a true understanding of what rights you've sold at the company level and then be able to allow a lot of individuals desktops, servers, devices, and other entities to be able to access those entitlements then entitlement management is exactly what you're looking for. What that does then is not give you if you're just using an identity based system, that mix and match capability. Everything is sort of narrowly focused through identity, which is really only focused on authentication? Are these users who they are as opposed to what are the rights that these users inherit from being associated with an entity that's purchased various entitlements, various licenses.

The other thing that it's really restrictive on is any kind of, you know, desktop or server or cloud based deployment of your application running in virtualized environments because, again, all you're doing is tying, use to an identity. And you don't have the ability to distinguish, say, one VM from another VM, you know, the whole aspect of cloning and such. And of course, that's a native aspect of Now parents' end title platform is to give you the power to directly manage against that.

It also means that you can't handle offline environments. So if you have end customers working in some sort of disconnected or air gap environment, or we would call it dark site, then it's really challenging to leverage a pure identity based system. Whereas, we integrate with IDPs, Auth0, Okta, etc. And so we allow you to support those flows all within our standard entitlement management system, that it also includes offline use cases.

Similarly, for the channel, if you are working with a channel, and they're looking to take an inventory of entitlements and inventory of licenses and then sell those through. It's very challenging for them to work with a pure identity based system because they're taking inventory, they don't know who they're gonna sell the products to. It hasn't happened yet. So them being able to manage entitlements without any direct immediate sense of the identities of the people that will then be using them, is really a very different kind of beast. So entitlement management gives you a very flexible ability even within a pure SaaS environment to do this mix and match to allow both identity, as well as sort of license key and device based activation against those licenses gives you a lot more flexibility, handles the virtualization and offline use cases and is far more channel friendly.