IT Workflow Builder
Build custom IT Ops automations at scale with enterprise-grade security
Shadow AI
Spot Shadow AI and NHIs before the breach
Zero-Touch Provisioning
Automated JML along the identity lifecycle: right access day 1, updated permissions for movers and clean off-boardings
Role-based Access control
Enforce least privilege with Identity Governance to pass any audit
Self-serve Access
Self-serve app store with RBAC & LPAM approval flows
Security audits & reviews
Automated access reviews & time-bound access for ISO 27001 and SOC 2 compliance
Spend management
Manage software & contract lifecycle for optimized IT spend
Finance
Track spend, renewals, and chargebacks
HR
Onboard and offboard employees in one click
IT
Centralize apps and automate access
Security
Enforce least-privilege and streamline audits
Discovery & Observability
Discover and monitor alls software and AI usage
Spot Shadow AI and NHIs before they become a breach
Identity Lifecycle Management
Just-in-time access with Joiner Mover Leaver workflows that just work
RBAC & IGA Policy enforcement
Access control through a smart Identity Governance layer
App store & Access approval flows
Manage Access Requests though self-service & smart approval processes
SaaS Management
Manage SaaS & AI on application, subscription and licence level
Custom IT Ops automations at scale. Describe a task, Corma’s agent can build it.
Limitless AI Automation
Go beyond APIs. Create any actions you need through our Agent Builder and add it to your workflows
Integrations
Connect all your apps in an instant through API or Agent
Changelog
Discover all the new features and much more in our Corma changelog!
Calculator
Estimate your savings with Corma
Community calendar
Join us for live events and demos
FAQs
Answers to your key questions
About us
The team and vision behind Corma
Press
The latest news
Video Center
Watch instead of read
Careers
Join the team
Partners
Leverage Corma for your business
Definitions with examples on the most common terms in IT.
Multi-Factor Authentication (MFA) enhances security by requiring multiple forms of verification before granting access. Discover its importance and implementation.
A passkey is a phishing-resistant credential that replaces passwords using FIDO2 and WebAuthn. Learn how passkeys work and why adoption is accelerating.
Passwordless authentication verifies identity without a password, using biometrics, passkeys, or magic links. Learn how it works and why it matters.
Kerberos is a network authentication protocol using tickets and a trusted KDC. Learn how Kerberos works, where it is used, and how it relates to IAM.
LDAP is a protocol for querying and managing directory services like Active Directory. Learn how LDAP works, where it is used, and how it relates to IAM.
OpenID Connect (OIDC) adds an identity layer on top of OAuth 2.0. Learn how OIDC works, how it compares to SAML, and where it fits in modern SSO.
OAuth 2.0 is the standard for delegated authorization. Learn how OAuth 2.0 works, how it differs from OIDC and SAML, and why it matters for SaaS access.
SCIM automates user provisioning and deprovisioning across apps. Learn how SCIM works, how it differs from SAML, and how Corma extends it to every app.
SAML is an XML standard for exchanging authentication data and enabling SSO. Learn how SAML works, how it differs from SCIM, and where Corma fits in.
Multi-Factor Authentication (MFA) verifies identity with two or more factors. Learn how MFA works, its types, and how it fits IAM compliance with Corma.
Single Sign-On (SSO) lets users access multiple apps with one login. Learn how SSO works, its benefits, and how Corma governs SSO access at scale.
