MidPoint has several built-in object types such as roles, orgs, and services. Those object types may look innocent at the first sight. They look like ordinary concepts that almost any other IDM system has. But there is much more under the surface. Roles, orgs, and services can act as a smart replacement for generic objects. Roles, orgs, and services can be used to model a broad variety of object types: job categories, titles, projects, teams, responsibilities, locations, policy categories, devices, ...
Subtype is a schema property that can be used to distinguish those data types. It is simple, multi-valued property. Currently, there is just a very little logic associated with subtype. E.g. object template can be applied on per-subtype-basis. However, as many midPoint mechanisms use search filters, subtype can be very useful. E.g. subtype can be easily used in authorizations, global policy rules and so on.
Subtypes are completely in hand of the deployer, therefore they can be designed and customized as needed. Future midPoint versions will evolve the concept of subtype even further with Archetypes and Object Collections and Views.
Subtypes and Metaroles
Subtype is a simple schema property. The purpose of subtype is to be able to quickly look for objects of a particular type. Therefore it has to be simple to be efficiently indexed and processed even in big midPoint deployments.
This also means that subtype alone cannot define all the complexities of behavior set for individual object types. Therefore subtype is often combined with metaroles. Metaroles are a very efficient mechanism to specify common behavior and policies for groups of objects.