Introduction
Many organizations face complex challenges in access management. As organizations grow, they encounter more tools, higher employee turnover, and increasingly decentralized working structures, all of which amplify these challenges. One effective strategy to address these issues is to involve business owners and data owners in the access management process. The CoreOne Suite Organization Unit Permission Manager is a powerful tool designed to facilitate this approach.
Assigning a role to a Core Identity within the context of an organization unit grants the user the following permissions.
This role is intended to work with roles based on the catlog logic. The role is not intended to work with resources.
Data Access Permissions
Entity | Permission | Context | Description |
---|---|---|---|
Core Identity | Read | The assigned organization unit and organization units below | Read Core Identities who have a valid employment to the organization unit assigned in the context (or below). |
Roles | Read | None | Read roles who he has the assign right to and the employee has receive rights to (via catalog logic) |
Role Assignments | Create / Read / Update / Delete | None | He can create, update, read and delete role assignments for those Core Identities, based on the catalog logic. That means, he won't see role assignments of roles, where he does not have the assign rights to. |
Organization Unit | Read | None | He can read the organization unit of the context |
View Permissions
View | Description |
---|---|
My CoWorkers | Gives view access to the My CoWorkers view |
Core Identity Detail Page | Can see the details of the Core Identity and the following tabs |
Assignment Tab - Roles | Lists all role assignments of the Core Identity |
Assignment Tab - Roles - Create | Add new role assignments based on the catalog logi |
Assignment Tab - Roles - Role Assignment Detail | Can view the details of the role assignment |