The Network Identity Manager (NetIDMgr) organizes and manages credentials based on how they identify the user to network services. It is assumed that each credential will uniquely identify the user to a service as a single authentication identity. When using a Kerberos v5 identity the authentication name is the Kerberos principal name.
At it's core, NetIDMgr does not possess any knowledge about specific credentials that might be available to the user or how to manage them. It relies on several types of provider plug-ins to obtain the required information and to carry out credential management tasks. One primary task is to identify and manage identities. These services are provided by a class of plug-ins called identity providers. Information about individual credentials are managed by credential providers. Other plug-in classes may extend the functionality of these plug-ins or extend the functionality of NetIDMgr.
The following topics provider further details: