Is this course for engineers, security analysts, or compliance professionals?

All three. We have intentionally built it as a practitioner primer — engineers walk out able to recognize the patterns, security analysts walk out able to map controls, compliance professionals walk out able to audit them.

What format is the course?

Hybrid: 12 hours of cohort-based live sessions + 12 hours of self-paced labs. Cohorts run quarterly. We cap each cohort at 16 people so the live sessions stay discussion-shaped.

Is there a certification at the end?

You receive an askmeidentity Practice certificate of completion that we recognize for our staffing engagements. It is not a vendor-issued certification (no Okta or SailPoint logo) — it is our internal practice signal.

Training · FUNDAMENTALS

Identity, from first principles.

A 24-hour primer on the core IAM domains — directory, access, identity governance, privileged access. The course every IAM career path opens with.

24 h
Fundamentals
8 modules

Enroll in cohortAll training

By the end you will

Explain the IAM lifecycle from joiner to leaver, end-to-end.
Map a SaaS application catalog to access policies and SSO.
Differentiate authentication, authorization, and federation.
Read OIDC / SAML traces and identify common misconfigurations.

Outcomes

What you walk away with.

Explain the IAM lifecycle from joiner to leaver, end-to-end.
Map a SaaS application catalog to access policies and SSO.
Differentiate authentication, authorization, and federation.
Read OIDC / SAML traces and identify common misconfigurations.
Design a basic role model and certification cadence.
Understand the difference between IGA, PAM, CIAM, and zero-trust.

Syllabus

8 modules.

01
Foundations of identity
- Directory services 101 — AD, LDAP, cloud directories
- The identity lifecycle
- Identity vs account vs entitlement
- Common terminology and the regulator landscape
02
Authentication
- Password and credential basics
- MFA — TOTP, push, FIDO2 / passkeys
- OIDC and SAML, side by side
- Session management
03
Authorization
- RBAC, ABAC, and policy-based access
- Role engineering at small and enterprise scale
- Group sprawl and cleanup patterns
04
Identity Governance
- Joiner-mover-leaver workflows
- Access certification cadence
- Segregation of duties
- Audit evidence basics
05
Privileged access
- Privileged surface mapping
- Vaulting fundamentals
- Session brokering
- Just-in-time elevation primer
06
Customer identity
- Why workforce vs customer identity differ
- Sign-up flows and risk-adaptive auth
- B2B organizations
- Open standards: OAuth 2.1, FAPI
07
Zero-trust patterns
- Network-perimeter to identity-aware
- Conditional access and continuous verification
- Identity-aware proxies
08
Bringing it together — a 30-day plan
- How to inventory an existing IAM estate
- How to write your first audit-evidence pipeline
- Career paths in IAM

Prerequisites

Before you start.

A working understanding of enterprise IT (Active Directory, SaaS apps, network basics).
Familiarity with at least one cloud platform — AWS, Azure, or GCP.
No prior IAM platform experience required.

FAQ

Common questions.

Is this course for engineers, security analysts, or compliance professionals?+
All three. We have intentionally built it as a practitioner primer — engineers walk out able to recognize the patterns, security analysts walk out able to map controls, compliance professionals walk out able to audit them.
What format is the course?+
Hybrid: 12 hours of cohort-based live sessions + 12 hours of self-paced labs. Cohorts run quarterly. We cap each cohort at 16 people so the live sessions stay discussion-shaped.
Is there a certification at the end?+
You receive an askmeidentity Practice certificate of completion that we recognize for our staffing engagements. It is not a vendor-issued certification (no Okta or SailPoint logo) — it is our internal practice signal.

Enroll

Ready to start?

Cohorts run quarterly. Submit your application and a training lead will reply within five business days.

Apply for the cohortBrowse all courses

Training · FUNDAMENTALS

Identity, from first principles.

A 24-hour primer on the core IAM domains — directory, access, identity governance, privileged access. The course every IAM career path opens with.

24 h
Fundamentals
8 modules

Enroll in cohortAll training

By the end you will

Explain the IAM lifecycle from joiner to leaver, end-to-end.
Map a SaaS application catalog to access policies and SSO.
Differentiate authentication, authorization, and federation.
Read OIDC / SAML traces and identify common misconfigurations.

Outcomes

What you walk away with.

Explain the IAM lifecycle from joiner to leaver, end-to-end.
Map a SaaS application catalog to access policies and SSO.
Differentiate authentication, authorization, and federation.
Read OIDC / SAML traces and identify common misconfigurations.
Design a basic role model and certification cadence.
Understand the difference between IGA, PAM, CIAM, and zero-trust.

Syllabus

8 modules.

01
Foundations of identity
- Directory services 101 — AD, LDAP, cloud directories
- The identity lifecycle
- Identity vs account vs entitlement
- Common terminology and the regulator landscape
02
Authentication
- Password and credential basics
- MFA — TOTP, push, FIDO2 / passkeys
- OIDC and SAML, side by side
- Session management
03
Authorization
- RBAC, ABAC, and policy-based access
- Role engineering at small and enterprise scale
- Group sprawl and cleanup patterns
04
Identity Governance
- Joiner-mover-leaver workflows
- Access certification cadence
- Segregation of duties
- Audit evidence basics
05
Privileged access
- Privileged surface mapping
- Vaulting fundamentals
- Session brokering
- Just-in-time elevation primer
06
Customer identity
- Why workforce vs customer identity differ
- Sign-up flows and risk-adaptive auth
- B2B organizations
- Open standards: OAuth 2.1, FAPI
07
Zero-trust patterns
- Network-perimeter to identity-aware
- Conditional access and continuous verification
- Identity-aware proxies
08
Bringing it together — a 30-day plan
- How to inventory an existing IAM estate
- How to write your first audit-evidence pipeline
- Career paths in IAM

Prerequisites

Before you start.

A working understanding of enterprise IT (Active Directory, SaaS apps, network basics).
Familiarity with at least one cloud platform — AWS, Azure, or GCP.
No prior IAM platform experience required.

FAQ

Common questions.

Is this course for engineers, security analysts, or compliance professionals?+
All three. We have intentionally built it as a practitioner primer — engineers walk out able to recognize the patterns, security analysts walk out able to map controls, compliance professionals walk out able to audit them.
What format is the course?+
Hybrid: 12 hours of cohort-based live sessions + 12 hours of self-paced labs. Cohorts run quarterly. We cap each cohort at 16 people so the live sessions stay discussion-shaped.
Is there a certification at the end?+
You receive an askmeidentity Practice certificate of completion that we recognize for our staffing engagements. It is not a vendor-issued certification (no Okta or SailPoint logo) — it is our internal practice signal.

Enroll

Ready to start?

Cohorts run quarterly. Submit your application and a training lead will reply within five business days.

Apply for the cohortBrowse all courses

Identity, from first principles.

What you walk away with.

8 modules.

Foundations of identity

Authentication

Authorization

Identity Governance

Privileged access

Customer identity

Zero-trust patterns

Bringing it together — a 30-day plan

Before you start.

Common questions.

Ready to start?

Identity, from first principles.

What you walk away with.

8 modules.

Foundations of identity

Authentication

Authorization

Identity Governance

Privileged access

Customer identity

Zero-trust patterns

Bringing it together — a 30-day plan

Before you start.

Common questions.

Ready to start?