Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Current »

aIntroduction

Many organizations face complex challenges in access management. As organizations grow, they encounter more tools, higher employee turnover, and increasingly decentralized working structures, all of which amplify these challenges. One effective strategy to address these issues is to involve business owners and data owners in the access management process. The CoreOne Suite Organization Unit Permission Manager is a powerful tool designed to facilitate this approach.

Assigning a role to a Core Identity within the context of an organization unit grants the user the following permissions.

This role is intended to work with roles based on the catalog logic. The role is not intended to work with resources.

Data Access Permissions

Entity

Permission

Context

Description

Core Identity

Read

The assigned organization unit and organization units below

Read Core Identities who have a valid employment to the organization unit assigned in the context (or below).

Roles

Read

None

Read roles who he has the assign right to and the employee has receive rights to (via catalog logic)

Role Assignments

Create / Read / Update / Delete

None

He can create, update, read and delete role assignments for those Core Identities, based on the catalog logic.

That means, he won't see role assignments of roles, where he does not have the assign rights to.

Organization Unit

Read

None

He can read the organization unit of the context

View Permissions

View

Description

My CoWorkers

Gives view access to the My CoWorkers view

Core Identity Detail Page

Can see the details of the Core Identity and the following tabs

Assignment Tab - Roles

Lists all role assignments of the Core Identity

Assignment Tab - Roles - Create

Add new role assignments based on the catalog logi

Assignment Tab - Roles - Role Assignment Detail

Can view the details of the role assignment

  • No labels