1. Administration and Configuration Guide
  2. User Access and Permissioning Management
  3. Mapping User Groups
  4. User Groups

2.1.1 User Groups

Table 2-1 User Groups

User Group Description
IDNTYADMN Identity Administrator group
IDNTYAUTH Identity Authorizer group
MDLREV The Modeling Reviewer Group.

Users mapped to this group have access to the menu items in the application that are related to model review activities
MDLAPPR The Modeling Approver Group.

Users mapped to this group have the rights to approve models created by the users.
MDLBATCHUSR The Modeling Batch User. Scheduler can use this Group for executing batches.
WKSPADMIN The Workspace Administrator Group.

Users mapped to this group have access to create and populate workspaces. For viewing the landing page this group is required.
MDLUSR The Modeling User Group.

Users mapped to this group have access to all the menu items in the application that is related to model creation.
DSUSRGRP Data Studio User Group

This User Group provide access to modify Interpreter configurations.
GRPADMIN The Graph Administrator Group

Users mapped to this group have access to all the menu items in the application related to graph as well as Pipeline/Refresh graphs related health services.
GRPUSR The Graph User Group

Users mapped to this group have access to all the menu items in the application related to graph as well as Pipeline/Refresh graphs related health services.
DSREDACTGRP Roles for applying redaction in graph. This group will be applicable to only those users for whom graph redaction is required.

Note: This group has to be created manually in AAI and map it to the users.

ERADMIN Entity resolution admin group.

Note: This group has to be created manually in AAI and map it to the users.

ERUSER Entity resolution user group.

Note:This group has to be created manually in AAI and map it to the users.

Note:

  • At the first-time login, User Group mappings are initialized from AAI/IDCS for the newly provisioned users. These will be reflected in OFS CS Admin Console in next OFSC CS login.
  • If User Group mappings are deleted in AAI/IDCS, it would not delete in OFS CS Admin Console. Admin needs to delete this in OFS CS Identity screens too.
  • Only the group with MDLSUMM role will be displayed in the Workspace provisioning steps.

    MDLSUMM function is mapped to the MDLACCESS role.