IAM

Identity & access

Who may sign in, what they may do, and how sign-in stays aligned with state IT policy.

In the live application this area is reached at /iam. Day-to-day screens require sign-in; this page is a public overview for stakeholders and partner agencies.

What this engine covers

Identity and access is the front door for agency staff and for contractors using the public portal. CORE uses Microsoft Entra ID (Azure AD) for workforce single sign-on and multifactor authentication, then applies clear permission rules inside the system so licensing, finance, enforcement, and other areas each see only what their role requires—without rebuilding sign-in in every screen.

Microsoft Entra sign-on: Staff and portal users sign in through your enterprise identity provider, with MFA where your agency requires it.
Role-based access: Broad directory groups map to application permissions so supervisors can review who can do what.
Account lifecycle: User records stay tied to the right person or business as people join, move, or leave.
Security oversight: Controls and audit-friendly patterns support least-privilege reviews without scattering identity settings across the product.

Other engines

Explore another engine.

Engines as modules. Each CORE engine is structured as its own module so it can mature, scale, and release on a timeline suited to its workload, without dragging every other engine along. Its data may live in the shared CORE database with strict separation from other engines, or in a dedicated database when your agency needs stronger isolation—using the same supported integration patterns either way.