2.5 Identity Management

Using Identity Management, administrators can manage fine-grained and coarse-grained entitlements. Coarse-grained entitlements consist of fewer functions than fine-grained entitlements. Authorizers can authorize the entitlement mappings.

The various components of Identity Management are:

• Users: A user is a person who has access to Admin Console and can perform specific actions based on the user group or groups they are mapped to. Before you can map a user to a user group, your Administrator must have created and authorized the user. After the user is authorized, they are added in the Users Summary. Click Users to access the Users Summary page.
• Groups: Groups are a set of users who can perform specific activities. For example, the administrator role performs administrative activities. Any user who belongs to a specific user group can access the roles mapped to that user group.

  To add a user group, click Add in the Groups tile. Click Groups to view the list of user groups in Groups Summary.

• Roles: Roles are a set of functions grouped together and having specific privileges. Any user who belongs to a specific role can access functions mapped to that role. Click Add to add a role or click Roles to view the list of roles in Roles Summary.

  To add a user role, click Add in the Roles tile. Click Roles to view the list of user groups in Roles Summary.

• Folders: Folders are used to control access rights on defined list of objects. They are mapped to a specific Information Domain. Click Folders to view the list of folders and edit the access rights in Folders Summary.
• Functions: Functions enable users to perform a specific activity. Any user who belongs to a specific function can access the folders mapped to the function. Click Functions to view the list of functions in Functions Summary.

Note:

Only those user groups and roles which are authorized are displayed in the Groups Summary page and Roles Summary page, respectively.