# Terminology Inventory

Status: draft. Updated after IDENTITY-WP-0003 corpus backfill. Mappings remain candidate until reviewed against `canon/CanonicalGlossary.md` and scenario tests.

## Use

Use this file to collect source terms and their current candidate canonical home. Use `terminology/TerminologyConflictMap.md` when a term is overloaded or has incompatible meanings across source families.

## Inventory

| Term | Candidate canonical concept | Source families | Notes |
| --- | --- | --- | --- |
| actor | Actor | ActivityPub, FOAF, Cedar, proposal | Participation root. ActivityPub actor is server-hosted; FOAF Agent includes persons. |
| natural person | Natural Person | FOAF, Schema.org, NIST, GDPR | Human being; FOAF Person and Schema.org Person align strongly. |
| user | Convenience label only | SCIM, LDAP, Keycloak, ZITADEL, apps | Overloaded. Map by context: SCIM/LDAP User → Identity Record; Keycloak/ZITADEL User → Account. |
| account | Account | SCIM, LDAP posixAccount, FOAF OnlineAccount, Keycloak | Operational access record in a scope. FOAF separates account from person explicitly. |
| identity | Identity Record or Claim | Kratos, OIDC, DID, VC, apps | Kratos Identity = traits + credentials. Avoid bare `identity` as root noun. |
| identifier | Identifier | OIDC sub, SAML NameID, LDAP DN, DID, WebID | Value referring within or across scopes. See Scoped Identifier when correlation is limited. |
| scoped identifier | Scoped Identifier | OIDC pairwise, SAML transient, pseudonyms | Meaning limited to RP, sector, tenant, or session. |
| credential | Credential | NIST, Kratos, OIDC token, VC, DID keys | Proof material. Distinguish VC (claim container) from password/WebAuthn. |
| subject | Authenticated Subject | OIDC, SAML, SSF events | Protocol/security view after issuer identification. Not Actor or Principal. |
| principal | Authorization Principal | Cedar, Cerbos, Zanzibar, OpenFGA | Decision-engine participant. OpenFGA `user:` prefix is not a human user. |
| end-user | Natural Person (inferred) | OIDC | OIDC names the human implicitly; does not model as entity. |
| profile | Profile | FOAF, WebID/Solid, SCIM attrs, ActivityPub | Presentation or attribute surface. Solid profile is user-controlled data. |
| persona | Persona | proposal, privacy patterns | Contextual presentation; pairwise/pseudonymous profiles map here. |
| agent | Actor or Artificial Agent | FOAF, ActivityPub, WebID | FOAF Agent includes humans; ActivityPub Service = Artificial Agent. |
| bot | Artificial Agent | ActivityPub Service, apps | Automated actor; may use Service Account. |
| service account | Service Account | Keycloak, ZITADEL machine user, Kratos | Non-human login or API identity. ZITADEL machine user, Kratos service patterns. |
| machine user | Service Account | ZITADEL | Product term for non-human org identity. |
| organization | Organization | Schema.org, Keycloak Orgs, ZITADEL, SCIM ext | Collective actor. SCIM `organization` attribute is not an Organization actor. |
| legal entity | Legal Entity | business, compliance | Organization recognized under law; separate from tenant. |
| customer | Customer (relationship role) | SaaS, vendor models | B2B subscriber org → Organization + Customer role + Tenant. Not Stripe Customer. |
| vendor | Vendor (relationship role) | SaaS, multi-vendor | Provider role; not realm or tenant. |
| subscriber | Organization + Customer role | Auth0 B2B SaaS | Convenience label only; not canonical. |
| stripe customer | Commercial Record | Stripe, billing | Billing object; link to Tenant via metadata. Not Account. |
| crm account | Commercial Record | Salesforce, CRM | Commercial record; not login Account. |
| customer account | Resolve by layer | billing, IAM, CRM | Not canonical; see `terminology/TerminologyConflictMap.md`. |
| commercial record | Commercial Record | Stripe, CRM, billing | Record layer; payment/subscription/commerce state. |
| commercial relationship | Commercial Relationship | vendor/customer SaaS | Vendor-to-customer typed relationship. |
| tenant | Tenant | ZITADEL org, SaaS, Keycloak (informal) | Administrative/isolation scope. Keycloak realm sometimes called tenant. |
| realm | Realm | Keycloak | Hard identity/admin namespace. Candidate Scope specialization. |
| scope | Scope | OIDC, Cerbos, OpenFGA store, proposal | Boundary for meaning, policy, or correlation. |
| namespace | Scope | LDAP dc, Keto/OpenFGA, DID method | Naming or authorization partition. |
| instance | Scope | ZITADEL | Deployment-level boundary above organizations. |
| project | Application Scope | ZITADEL | Application/product container within org. |
| community | Community | ActivityPub Group, proposal | Participation-oriented collective. ActivityPub Group may be Community or Group. |
| family | Family or Household | proposal, GDPR-sensitive | Guardian/dependent semantics; privacy-sensitive. |
| household | Family or Household | family accounts | Co-residence unit; may differ from legal family. |
| group | Group | LDAP, SCIM, FOAF, ActivityPub, Cedar | Named collection. LDAP/SCIM group ≠ social community without context. |
| team | Group or Organization Unit | Schema.org, collaboration | Collaboration unit; may be org sub-unit. |
| role | Role | Keycloak, ZITADEL, Cedar, Cerbos, Schema.org OrganizationRole | Capability bundle or relationship label. Cerbos derived role may hide Ownership. |
| grant | Role assignment | ZITADEL | Project role assignment; map to Delegation-like relationship. |
| member | Membership Relationship | SCIM, LDAP, FOAF, Schema.org, Zanzibar | Relationship edge, not a noun for the participant. |
| affiliation | Affiliation Relationship | Schema.org, FOAF knows | Looser than membership. FOAF knows is weak social affiliation. |
| follower | Following Relationship | ActivityPub | Directed social subscription; not membership or authz. |
| follow | Following Relationship | ActivityPub | Activity establishing follower edge. |
| owner | Ownership Relationship | Zanzibar, Cerbos derived | Control/responsibility. Cerbos may encode as attribute not relationship. |
| administrator | Administration Relationship | IAM, ZITADEL grants | Delegated management in scope. |
| delegation | Delegation Relationship | Cedar context, agents | Bounded authority grant. Cedar context may carry delegatedBy. |
| representation | Representation Relationship | SCIM manager, DID controller | Acting on behalf of another. DID controller may differ from subject. |
| trust | Trust Relationship | federation, VC, DID | Reliance on issuer/verifier; federation metadata trust. |
| claim | Claim | OIDC, SAML attributes, VC | Statement by issuer. SAML AttributeStatement → Claim. |
| evidence | Evidence Source | NIST proofing, entity resolution, SSF | Supports claims and synonymity. SSF SET = event Evidence Source. |
| assurance | Assurance Level | NIST IAL/AAL/FAL | Orthogonal identity, authentication, federation confidence. |
| identifier binding | Identifier Binding | OIDC iss+sub, WebID-OIDC, SAML | Assertion that identifier refers to target in scope. |
| synonymity | Synonymity Assertion | entity resolution, OIDC linking, schema.org sameAs | Scoped evidenced equivalence. sameAs is weak by default. |
| weak match | Weak Synonymity Assertion | probabilistic matching | Probabilistic link; never destructive merge. |
| strong link | Strong Synonymity Assertion | deterministic match, verified linking | Authoritative or verified; still scoped. |
| same_as | Synonymity Assertion (strong) | synonymity model | High-confidence equivalence relation type. |
| probably_same_as | Synonymity Assertion (weak) | probabilistic matching | Probabilistic equivalence relation type. |
| linked_to | Synonymity Assertion (operational) | account linking | Convenience link without semantic sameness claim. |
| pseudonym | Pseudonymous Identifier | GDPR, OIDC pairwise | Limits cross-scope correlation. |
| pairwise subject | Scoped Identifier | OIDC | RP-specific sub preventing global correlation. |
| relationship tuple | Relationship Tuple | Zanzibar, OpenFGA, Keto | Authz projection: subject#relation@object. |
| policy | Authorization Projection | Cedar, Cerbos | Rule artifact; downstream of canon model. |
| lifecycle state | Lifecycle State | SCIM active, SSF/RISC events, VC status | Applies to records, credentials, relationships, assertions. |
| subscriber | Account / Identity Record | NIST | Enrolled party at CSP; not synonymous with Natural Person until IAL binding. |
| issuer | Scope + Trust Relationship | OIDC iss, VC issuer, SAML IdP | Namespace authority for identifiers and claims. |
| relying party | Scope | OIDC RP, SAML SP, NIST | Consumer of assertions; RP-local account binding. |
| nameid | Identifier | SAML | Format attribute determines persistence and privacy semantics. |
| distinguished name | Identifier | LDAP | Compound locator in directory namespace. |
| externalid | Identifier | SCIM | Client-supplied cross-system correlation key. |
| traits | Profile attributes | Kratos | Schema-validated identity attributes. |
| verification method | Credential | DID Core | Cryptographic key in DID document. |
| verifiable credential | Credential + Claim | VC Data Model | Signed claim set; distinct from login credential. |
| holder | Actor (custody role) | VC, OpenID4VC | Party possessing VC; may differ from subject. |
| verifier | Scope (evaluation role) | VC, OpenID4VC | Validates presentations. |
| did | Identifier | DID Core | Decentralized identifier with method-specific resolution. |
| webid | Identifier | WebID/Solid | HTTP URI identifying agent with dereferenceable profile. |
| data subject | Natural Person | GDPR | Identifiable natural person for privacy regulation. |
| pseudonymization | Processing pattern | GDPR | Technique; maps to Scoped Identifier + separated re-id key. |
| controller | Organization (legal role) | GDPR | Downstream legal role; not canonical identity root. |
| tuple (authz) | Relationship Tuple | Zanzibar | Authorization fact, not social relationship. |
| userset | Authorization Principal (indirect) | Zanzibar, OpenFGA | Subject referenced via relation chain. |
| derived role | Role (computed) | Cerbos | Role from attributes; should trace to Relationship when possible. |
| contextual tuple | Delegation context | OpenFGA | Ephemeral authz fact at check time. |
| sameas | Weak Synonymity Assertion | Schema.org | Informal web equivalence; not strong link without evidence. |
| organizationrole | Role + Membership | Schema.org | Temporal role with start/end dates. |
| assurance level change | Assurance Level update | SSF/CAEP | Event affecting IAL/AAL/FAL metadata. |

## Source Note Citations

Terms above are grounded in backfilled notes under:

- `research/identity-provisioning/` (5 notes)
- `research/authentication-federation/` (4 notes)
- `research/authorization-relationships/` (4 notes)
- `research/social-community-graphs/` (4 notes)
- `research/verifiable-claims/` (3 notes)
- `research/entity-resolution-privacy/` (3 notes)
- `research/commercial-subscription/` (2 notes)

## Remaining Backfill Needs

- Split `group` into authorization group vs. social collective where sources disagree (OpenFGA member vs. ActivityPub follower).
- Add product-version qualifiers when Keycloak/ZITADEL models evolve.
- Promote stable mappings to `canon/CanonicalGlossary.md` after scenario review.