NIST 800-53 Identification and Authentication Compliance for Private Mendix Platform

Last modified: May 22, 2026

Introduction

Documents in this section provide more information about Private Mendix Platform's compliance with the Identification and Authentication (IA) category of the NIST 800-53 security framework. For each applicable control, we have listed which party (Mendix or the customer) is responsible for which component or aspect.

In general, Mendix is responsible for the Private Mendix Platform, Mendix Operator, Mendix Studio Pro, Mendix Runtime, and so on. Customer responsibilities are related to infra and organization processes. For more information, refer to detailed documentation below.

NIST 800-53 Identification and Authentication Compliance for Private Mendix Platform

Introduction

IA-04 Identifier Management

IA-04 (04) Identifier Management (Identify User Status)

IA-05 (01) Authenticator Management (Password-Based Authentication)

IA-05 (02) Authenticator Management (PKI-Based Authentication)

IA-05 (04) Automated Support for Password Strength Determination

IA-05 (06) Protection Of Authenticators

IA-05 1126 Sensitive Data in Installer

IA-05 1127 Idle session timeout and Configurable Time Limits

IA-06 Authenticator Feedback

IA-07 Authenticator Feedback