# Identity and Access Management Identity and Access Management (IAM) is a framework of policies and technologies used to ensure that the right users (or entities) have the appropriate access to space.vars.ionos\_cloud resources. It helps you to control your resources securely and authenticate and authorize access users to use resources and your space.vars.ionos\_cloud account. ## Identity management When you create an account with space.vars.ionos\_cloud, you become the contract owner and can access your account using your username and password. To begin with, you login with a sign-in identity and will have access to all the services and resources associated with the account. Ensure that your contract owner credentials are safe. Next, from your contract owner account, you can set up other users and assign them the roles and resources they need. For example, administrators can have additional permissions, whereas sub-users can have limited permissions. ## Access management Once you create sub-users, they can log in to the space.vars.ionos\_cloud account using their credentials. The credentials are validated before authorizing access to the resources and privileges associated with the respective user account. By managing identities and their access privileges, IAM helps protect sensitive data and systems, reducing the risk of unauthorized access. You can control who can access specific resources and ensure compliance with security standards and regulations for your organization. ## Access permissions To access **Identity & Access Management** features, select **Menu** > **Management** on the top navigation menu of the DCD. You will see the following features in the drop-down menu: {% hint style="info" %} **Note:** The features are subject to access levels based on the user's role. {% endhint %} | **Menu item** | **Contract Owner** | **Administrator** | **User** | | ------------------------------------------------------------------------------------------------------------------------------------------------- | :----------------: | :---------------: | :-------------: | | [Users & Groups](/cloud/set-up-ionos-cloud/management/identity-access-management/user-management.md) | + | + | | | [Password Policy](/cloud/set-up-ionos-cloud/management/identity-access-management/password-policy-management.md) | + | + | + *(read-only)* | | [Token Manager](/cloud/set-up-ionos-cloud/management/identity-access-management/token-manager.md) | + | + | + | | [IAM Federation](/cloud/set-up-ionos-cloud/management/identity-access-management/iam-federation.md) | + | + | + | ## Quick Links
Users & GroupsSet user privileges; limit or extend access to chosen roles./pages/9fn1cmTIzNYGaO24oU8L
Password PolicyCreate and manage password policy to secure user accounts./pages/dm1pAO8B58uhZ0DiVnKE
Token ManagerCreate, manage, and delete an authentication token using the API/SDK Authentication Token Manager./pages/R6Ucezd9ZlydRLmsccrl
IAM FederationOnboard the organization Identity Provider (IDP) to log in to the DCD using their organization credentials./pages/f4pLDQqbMldCfRi6oIRo
--- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.ionos.com/cloud/set-up-ionos-cloud/management/identity-access-management.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.