Page tree

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Property

Type

Description

roleType

string
optional

Type of a role, usually denotes a "layer" or "purpose" of the role. Such as "business", "IT", "asset", etc. This field has no special meaning in the IDM computation logic. Its purpose is to organize roles for presentation (GUI) and management. Therefor it is assumed that the values of the roleType will be an enumeration.
Examples: application, business, it, technical, asset

displayName

PolyString
optional

Human-readable name of the role. It may be quite long, container national characters and there is no uniqueness requirement. It is used if the "name" property contains a code that is not entirelly user-friendly.

assignment, inducement

AssignmentType
optional, multi

See Assignment and Assignment vs Inducement.

authorization

AuthorizationType
optional, multi

Set of role authorizations. Authorization define fine-grained access to midPoint objects and system functionality. The authorizations that are defined in a role apply to all users that have this role assigned (such user is a "subject" of the authorizations).
See Authorization

riskLevelstring
optional

Indication of the level of risk associated with the persissions that this role assigns. This may be a numeric value, textual label are any other suitable machine-processable indication.

ownerRefObjectReferenceType
optional

Owner of this role. The owner is a person (or group) that is responsible for maintenance of role definition. This reference may point to object of type UserType of OrgType.

approverRef

ObjectReferenceType

optional, multi

Approvers for this role. The approver is a person (or group) that approves assignment of this role to other users. This reference may point to object of type UserType of OrgType.

conditionMappingType
optional
The role is applied only if the condition is evaluated to true. The condition is used to define conditional roles.
policyConstraintsPolicyConstraintsType
optional

Set of governance, risk management, compliance (GRC) and similar policy constraints that influence the identity model.
(since midPoint 3.1.1)

Full list of items can be found by using the SchemaDoc links above.

See Also