To create or edit an admin role, you must be assigned the Admin Role Administrator capability.
To access admin roles in the Administrator interface, click Security, and then click the Admin Roles tab. The Admin Roles list page allows you to create, edit, and delete admin roles for Identity Manager users and for service provider users.
To edit an existing admin role, click a name in the list. Click New to create an admin role. Identity Manager displays the Create Admin Role options (illustrated in Figure 6–3). The Create Admin Role view presents four tabs that you use to specify the general attributes, capabilities, and scope of the new admin role, as well as assignments of the role to users.