Customer identity access management
This article has multiple issues. Please help improve it or discuss these issues on the talk page. (Learn how and when to remove these template messages)(Learn how and when to remove this template message)
Customer (or consumer) identity and access management (CIAM) is a subset of the larger concept of identity access management (IAM) and is focused specifically on managing the identities of customers who need access to corporate websites, web portals and webshops. Instead of managing user accounts in every instance of a software application of a company, the identity is managed in a CIAM component, making reuse of the identity possible. The biggest differentiator between CIAM and regular (internal) IAM is that in CIAM the consumers of the service manage their own accounts and profile data. 
Generally speaking a CIAM environment serves the following purposes:
- Identity as a Service, for managing digital customer identities
- CRM, for managing user behaviour
- Consent Management for managing user consent in reference to Privacy
Identity as a ServiceEdit
CIAM is a required component of modern user engagement allowing organizations to recognize unique customers and personalize their engagement based on collected personal preferences.
A single CIAM system can control access to multiple applications, using federation protocols to transfer the digital identity and access parameters to the different applications.
CIAM solutions are generally designed to scale to handle tens-of-millions of users or more in B2C environments. IAM is common in large organizations to control a wide scope of internal user access points  including computer hardware access, file and resource permissions, network access permissions, application access, and human resource needs.
In the simplest form, CIAM includes the registration and login processes that allow a customer to sign in and use a company’s application. More advanced systems can provide single sign-on (SSO), account and preference management, data tracking and reporting, multi-factor authentication, and user monitoring and management.
The digital identities managed by a CIAM solution are used to give access to different business applications, portals and webshops. Due to the fact that all these transactions are logged, the data can be used for profiling purposes. And transaction data can be correlated to the digital identities of the customers. The data can be seen as a relevant component of CRM systems.
Because of the nature of CIAM - user logging in, managing profiles, accessing services - CIAM solution harvest lots of personal information. Privacy laws, such as the GDPR hold CIAM providers accountable for processing this kind of data, hence the providers have taken steps to restrict the processing of these data by implementing Consent Management services. For every data element users can define whether a provider can process or transfer the personal data. For instance: a user can give or revoke consent to process transaction data for marketing purposes.