Identities and Accounts

Who this is for

Admins, security teams, and developers modeling people across systems.

Goal

Understand how Owlie separates identities from external accounts and why it matters.

Prereqs

/fundamentals/glossary

Success criteria

You can describe how identities map to accounts and how correlation works.

Concept

An identity represents a person or service account in Owlie. An account represents that identity’s profile in an external system such as Okta, Entra ID, or Google Workspace.

How Owlie models it

A single identity can have multiple accounts across systems.
Identities carry core profile fields such as display name, email, status, and manager.
Accounts carry external identifiers and are linked to identities after ingestion.

What’s different vs typical IGA

Owlie treats identities as the canonical object and links accounts after ingestion.
Correlation is explicit and should be validated early in every deployment.

What Owlie does not do

Automatic identity merging without administrator review.

Example

An engineer has an Okta account and a Google Workspace account. Owlie links both to one identity so access requests and audits are unified.

Troubleshooting

If you see duplicate identities for the same person, review correlation rules and resolve merges before continuing. See /troubleshooting/ingestion-correlation.

Next steps

/fundamentals/entitlements-roles
/implement/setup/first-connector
/troubleshooting/ingestion-correlation

Who this is for​

Goal​

Prereqs​

Success criteria​

Concept​

How Owlie models it​

What’s different vs typical IGA​

What Owlie does not do​

Example​

Troubleshooting​

Next steps​