MidPoint 3.5 and later
Full role catalog functionality is available since midPoint 3.5. MidPoint version prior to 3.5 have limited role catalog functionality.
For an introduction to the role catalog concept please see Role Catalog page.
Role Catalog Implementation
Simply speaking, role catalog is just an organizational structure structure. However, instead of divisions and sections the role catalog is composed of categories. And instead of member users there are roles. But apart from that the role catalog is just ordinary organizational structure. The categories are ordinary org objects. The roles are assigned to the categories in exactly the same way as users are assigned to organizational structure. Remember: MidPoint can have any number of organizational structures and the role catalog is just one of them. There may even be several role catalogs at the same time as any midPoint object can be assigned to any number of orgs. However, the current limitation is that only one role catalog will be presented to end users.
Role Catalog Root
The root of this role catalog needs to be configured in the system configuration object like this:
The roleCatalogRef reference above points to the org which is the root of the role catalog.