What Is an Identity Graph?
An identity graph is a data structure that represents identities, the accounts, credentials, and roles tied to them, and the relationships between them, as connected nodes rather than as separate, siloed records. Instead of a spreadsheet row per account per system, a graph can represent that the same person owns three accounts across two systems, that one of those accounts belongs to a group granting access to a fourth system, and that a service account inherits from a role two hops away.
The value of a graph structure specifically is that identity risk is frequently relational, not just individual: a single account with moderate permissions isn’t the real story if it sits one hop away from a highly privileged group through nested membership. A flat list of accounts can’t represent that relationship; a graph can traverse it directly.
Building an identity graph is straightforward once data from every system is normalized into a common shape. The harder problem is correlation: recognizing that "jsmith" in the directory, "j.smith.svc" in the database, and "smith_j" in a legacy mainframe system are all connected to the same underlying identity, when none of those systems use a shared identifier. Correlation quality is what separates a genuinely useful identity graph from a large but disconnected pile of records.