Chat now with support
Chat with Support

Identity Manager 9.3 - Authorization and Authentication Guide

About this guide One Identity Manager application roles Granting One Identity Manager schema permissions through permissions groups Managing permissions to program functions One Identity Manager authentication modules OAuth 2.0/OpenID Connect authentication Multi-factor authentication in One Identity Manager Granular permissions for the SQL Server and database Installing One Identity Redistributable Secure Token Server Preventing blind SQL injection Program functions for starting the One Identity Manager tools Minimum access levels of One Identity Manager tools

Assigning permissions for Web API methods

You can assign API methods for HTML5 applications to permissions groups. The permissions group users have permission to run API methods.

To grant permissions for Web API methods

  1. In the Designer, select the Permissions > Permissions groups category.

  2. Select the permissions group you want to copy and start the User & Permissions Group Editor with the Edit permissions group task.

  3. Select the Permissions groups > Assign Web API methods menu.

  4. Select the API methods to assign to the permissions group and click OK.

  5. Select the Database > Save to database and click Save.

For more information about API methods, see the One Identity Manager API Development Guide.

Managing permissions to program functions

Program functions are part of the permission model in One Identity Manager. They allow you to enable and disable functionality. Program functions are not assigned to single users but to permissions groups. The set of program functions defined for a user is determined by their permissions groups and the program functions contained in them.

One Identity Manager tools can only be started if the user has the relevant program function permissions. Furthermore, some functions in the One Identity Manager tools are available only if the program functions are assigned to the current user. This includes data export from the Manager, calling the SQL Editor in the Designer or showing DBQueue Processor information in all programs, as examples.

Detailed information about this topic

Displaying the current user's program functions

In One Identity Manager tools, you can display the program functions of the currently logged on user.

To identify the program functions available to the current user:

  • To display user information, double-click the icon in the program status bar

    The Program functions tab shows the program functions that are available.

Assigning program functions to permissions groups

Assign program functions to permissions groups. The user of these permissions groups can apply the program functions.

To assign a program function to permissions groups

  1. In the Designer, select the Permissions > Program functions category.

  2. Select the View > Select table relations menu item and enable the DialogGroupHasFeature table.

  3. In the List Editor, select the program function.

  4. Assign the permissions group in the Permissions groups edit view.

  5. Select the Database > Save to database and click Save.

Related topics
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating