Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1

Introduction

A resource represents any object in a target system that represents access or a permission. In Active Directory Security Groups or Distribution Groups are viewed as resources. In the context of an SSO Application, a Role Claim can be viewed as a resource. In SAP a Single Role or Sammel Role are viewed as a resource.

A resource therefore always consists of an target systems allocation and a Resource Type . The first identifies the resource in the target system and the second categorises the resource within the CoreOne Suite.

Identities

A resource always has a list of identities that are assigned to the resource. This assignment is called a resource assignment. As any other assignment, this assignment consists of a valid from, a valid to, an assignment reason and other information. Furthermore a resource assignment also contains the identity type and an access level. The first is used to determinate to which identity of an Core Identity the assignment has to be made. The later is used to determinate the type of access to the resource that is granted. In most cases this is simply Member but some systems support different levels. For example on an Exchange Mailbox the access levels can be Full Access, Send on behalf or Send as. An other example can be a Skype for Business Voice Policy. Here customers can configure their own policies which are represented as an access level within the CoreOne Suite.

Resource Nesting

Some systems like Active Directory allow the nesting of resources. This can also be managed by the CoreOne Suite in the same fashion as identity resource assignments. As any other assignment, this assignment consists of a valid from, a valid to, an assignment reason and other information.

Approval Groups

If there is a need for an identity resource assignment to be be approved by anyone, you can configure an approval group for the specific resource. You can simply add a group and choose if anyone of the group, or just someone of the group needs to approve the assignment. Any subsequent assignment to the resource is the subject to the approval.

Attributes

Each resource can have a list of attributes depending on the Resource TypeResource Type associated to the resource. Those attributes can then be used in other processes and workflows.

  • No labels

© ITSENSE AG. Alle Rechte vorbehalten. ITSENSE und CoreOne sind eingetragene Marken der ITSENSE AG.