Base data for managing cloud applications
The following data is relevant for managing a cloud application in One Identity Manager.
- Administrators
In One Identity Manager, you can assign employees to any cloud application, where they can synchronize it with One Identity Manager. There is a default application role for administrators in One Identity Manager. Assign those employees to this application role who are authorized to configure synchronization and run manual provisioning. Create more application roles if required.
For more information, see Administrators.
- Operators
In One Identity Manager, you can assign employees to any cloud application to execute manual provisioning. There is a default application role for operators in One Identity Manager. Create more application roles if required.
For more information, see Operators.
- Auditors
In One Identity Manager, you can assign employees to any cloud application, who can audit provisioning processes in the Web Portal. There is a default application role for auditors in One Identity Manager. Create more application roles if required.
For more information, see Auditors.
- Server
Servers must be informed of your server functionality in order to handle cloud-specific processes in One Identity Manager. For example, the synchronization server.
For more information, see Editing a server.
Administrators
In One Identity Manager, you can assign employees to any cloud application, where they can synchronize it with One Identity Manager. There is a default application role for administrators in One Identity Manager. Assign those employees to this application role who are authorized to configure synchronization and run manual provisioning. Create more application roles if required.
Table 13: Default application role for administrators
Administrators |
Administrators must be assigned to the Universal Cloud Interface | Administrators application role or a child application role.
Users with this application role:
- Manage application roles for the Universal Cloud Interface.
- Set up other application roles as required.
- Configure synchronization in the Synchronization Editor and define the mapping for comparing cloud applications and One Identity Manager.
- Edit cloud application in the Manager.
- Edit pending, manual provisioning processes in the Web Portal and obtain statistics.
- Obtain information about the cloud objects in the Web Portal and the Manager.
|
To initially specify an employee as administrator
- Log in to One Identity Manager as Manager administrator (Base role | Administrators)
- Select the One Identity Manager Administration | Universal Cloud Interface | Administrators category.
- Select the Assign employees task.
- Assign the employee you want and save the changes.
To edit administrators
- Select the Universal Cloud Interface | Basic configuration data | Universal Cloud Interface Managers | Administrators category.
- Select the Change master data task.
- OR -
Select an application role in the result list. Select the Change master data task.
- OR -
Click in the result list.
- Edit the application role's master data.
- Enter the application role name and assign the Universal Cloud Interface | Administrators parent application role or a child application role.
- Save the changes.
- Select the task Assign employees to assign members to the application role.
-
In the Add assignments pane, add employees.
TIP: In the Remove assignments pane, you can remove assigned employees.
To remove an assignment
- Select the employee and double-click .
- Save the changes.
For detailed information about setting up application roles, see the One Identity Manager Authorization and Authentication Guide.
Related topics
Operators
In One Identity Manager, you can assign employees to any cloud application to execute manual provisioning. There is a default application role for operators in One Identity Manager. Create more application roles if required.
Table 14: Default application role for operators
Operators |
Operators must be assigned to the Universal Cloud Interface | Operators application role or a child application role.
Users with this application role:
- Edit pending, manual provisioning processes in the Web Portal and obtain statistics.
|
TIP: If you want to limit access permissions for operators to individual cloud application, define child application roles for each cloud application.
To specify operators
- Login to the Universal Cloud Interface with the Manager | Administrators application role.
- Select the Universal Cloud Interface | Basic configuration data | Cloud applications category.
- Select the cloud application in the result list.
-
Select the Change master data task.
- On the General tab, select the application role in the Operators menu.
- OR -
Next to the Operators menu, click on to create a new application role.
- Enter the application role name and assign the Universal Cloud Interface | Operators parent application role.
- Click OK to add the new application role.
- Save the changes.
- Assign employees to this application role who are permitted to edit the cloud application in One Identity Manager.
NOTE: You can also specify operators for individual containers Operators of a container are authorized to edit manual provisioning processes. Specify operators for containers in the Universal Cloud Interface | <cloud application> | Container structure category.
To add employees to an application role
- Login to the Universal Cloud Interface with the Manager | Administrators application role.
- Select the Assign employees task.
- Assign the employees you want and save the changes.
Related topics
Auditors
In One Identity Manager, you can assign employees to any cloud application, who can audit provisioning processes in the Web Portal. There is a default application role for auditors in One Identity Manager. Create more application roles if required.
Table 15: Default application role for auditors
Auditors |
Auditors must be assigned to the Universal Cloud Interface | Auditors application role or a child application role.
Users with this application role:
- Can view manual provisioning processes in the Web Portal and obtain statistics.
|
To specify auditors
- Login to the Universal Cloud Interface with the Manager | Administrators application role.
- Select the Universal Cloud Interface | Basic configuration data | Universal Cloud Interface Managers | Auditors category.
- Select the Change master data task.
- OR -
Select an application role in the result list. Select the Change master data task.
- OR -
Click in the result list.
- Edit the application role's master data.
- Enter the application role name and assign the parent Universal Cloud Interface | Auditors application role or a child application role.
- Save the changes.
- Select the task Assign employees to assign members to the application role.
-
In the Add assignments pane, add employees.
TIP: In the Remove assignments pane, you can remove assigned employees.
To remove an assignment
- Select the employee and double-click .
- Save the changes.
Related topics