Resource

Owned by Silvan Grüter
Last updated: 30. Oct 2024 by valentin.buergler
2 min read

Introduction

A resource represents any object in a target system that represents access or a permission. In Active Directory Security Groups or Distribution Groups are viewed as resources. In the context of an SSO Application, a Role Claim can be viewed as a resource. In SAP a Single Role or Sammel Role are viewed as a resource.

A resource therefore always consists of an target systems allocation and a Resource Type . The first identifies the resource in the target system and the second categorises the resource within the CoreOne Suite.

Identities

A resource always has a list of identities that are assigned to the resource. This assignment is called a resource assignment. As any other assignment, this assignment consists of a valid from, a valid to, an assignment reason and other information. Furthermore a resource assignment also contains the identity type and an access level. The first is used to determinate to which identity of an Core Identity the assignment has to be made. The later is used to determinate the type of access to the resource that is granted. In most cases this is simply Member but some systems support different levels. For example on an Exchange Mailbox the access levels can be Full Access, Send on behalf or Send as. An other example can be a Skype for Business Voice Policy. Here customers can configure their own policies which are represented as an access level within the CoreOne Suite.

Resource Nesting

Some systems like Active Directory allow the nesting of resources. This can also be managed by the CoreOne Suite in the same fashion as identity resource assignments. As any other assignment, this assignment consists of a valid from, a valid to, an assignment reason and other information.

Approval Groups

If an identity resource assignment should be restricted by an approval process, you can use the tab Approval Groups tab to add, remove, and configure Approval groups for the resource. Once configured, any future assignment of the resource is thereafter subject to the approval of these groups.

Attributes

Each resource can have a list of attributes depending on the Resource TypeResource Type associated to the resource. Those attributes can then be used in other processes and workflows.

© ITSENSE AG. Alle Rechte vorbehalten. ITSENSE und CoreOne sind eingetragene Marken der ITSENSE AG.