Identity management refers to the policies, processes, and technologies that establish user identities and enforce rules about access to digital resources. In a campus setting, many information systems–such as e-mail, learning management systems, library databases, and grid computing applications–require users to authenticate themselves (typically with a username and password). An authorization process then determines which systems an authenticated user is permitted to access. With an enterprise identity management system, rather than having separate credentials for each system, a user can employ a single digital identity to access all resources to which the user is entitled.
In a federated identity model, a member institution’s local identities become federated identities (that is, extended for use across multiple organizations) by using an Identity Provider application. That local identity can then be used across the entire federation to access resources and services. Organizations can choose which digital identities and resources to include in an identity federation. They can also choose which digital identity attributes to use in a federation, as long as those attributes adhere to a common standard published by the federation.
[Source: 7 Things You Should Know About Federated Identity Management 2019]
The landscape of admin rights across academia looks much the same today as it did five years ago. While many institutions still grant admin rights to all employees, no questions asked, others are looking to strengthen their policies.