User provisioning and Account provisioning are same terms and are interchangeably used.
Provisioning can be thought of as
1. The process of granting, changing, or removing user access to systems, applications and databases based on a unique user identity by creation of user accounts on target systems.
2. The process of providing customers or clients with accounts, the appropriate access to those accounts, all the rights associated with those accounts, and all of the resources necessary to manage the accounts.
Types of provisioning include:
1. Automated provisioning – Detecting new user record from the Authoritative Source or HR System and automatically provisioning those users with appropriate access on target applications.
2. Self-service provisioning – allows users to update their profile data and request an account or request an entitlement and manage their own passwords.
3. Workflow-based provisioning – gathers the required approvals from the designated approvers before granting a user access to an application or data.
A provisioning system must, in general, include some or all of the following components:
1. Connectors, to read information about users from integrated systems and applications and to send updates (e.g., create new user, delete user, modify user information) back to those systems and applications.
2. Internal database that tracks user objects and other data from integrated systems and applications.
3. Auto-discovery system, which populates the internal database using the connectors.
4. User interface where users can review the contents of the internal database, make change requests, approve or reject proposed changes, etc.
5. Workflow engine, used primarily to invite users to review and either approve or reject changes.
6. Policy engine, which evaluates both current user information and proposed changes to see if they meet corporate rules and regulations.
7. Reporting engine, which helps organizations extract information from the internal database.