- 15 May 2024
- 1 Minute to read
- Print
- DarkLight
- PDF
Create a Static Role
- Updated on 15 May 2024
- 1 Minute to read
- Print
- DarkLight
- PDF
In a Static Role, an admin must manually add the users to a role. Both adding and removing the user from the role must be done by Admin.
Navigate to Roles from the menu.
Click Add Role. The Add Role screen appears.
Role Name: Specify the Role Name.
Role Type: Select Static from the drop-down.
Role-based Menu:
Yes -A role cannot be mapped to any SSO/IGA applications for authorization.
No - A role can be mapped to any of the SSO/IGA applications for authorization.
Click Add. A “Role added successfully” confirmation message is displayed.
Click Close.
Configure a Static Role
Once the role is added, search and select the role.
Role Details is the default screen.
Role Name: You can edit the existing role name.
Role Description: Provide the role explanation like what the role consists of.
Role Members
Navigate to Role Members and then click Add Role Member.
Search the user and select from the results that appeared.
Check Trigger Provisioning if you want selected users to have access to applications that the role is authorized to.
Click Add and Save.
Applications
Navigate to Applications.
It shows the list of applications associated with the role.
You can select the applications(single or multiple) that are entitled to this role.
Information:
If the role includes entitlements for an application and the user does not have an account in that application, then create the account along with the entitlements.
If the role includes entitlements for an application and the user already has an account in that application, then only add the entitlements to the user.
If the new role has certain entitlements already added to the user from another role, skip/ignore the existing entitlements and do not send the request to the agent for those entitlements.
Remove Users from a Static Role
Search and select the role. Click View/Edit.
Click Role Members.
Select the users from the list and then click Remove Role Member.
The pop-up appears to choose an option:
Suspend Access – Suspends user access to any application that the role has been authorized to.
Delete Access – Deletes user access to any application for which a role has been authorized.
Mark Account as Orphan – The user account will be turned into an Orphan Account.
Choose the appropriate option and then click Remove.
Once removed, it shows a success message.