...

The protected resources themselves can be a wide variety of object types, ranging from accounts, groups, and computers to Azure subscriptions, SharePoint Online Site Collections, and many other types. Each of these protected resources is inserted as a record into the Resource table in the Identity Warehouse and assigned a unique value for its ResourceID and ResourceGUID. The ResourceGUID is most often the actual unique identifier of the object in its external system, if available in GUID format. From now on, we’ll refer to protected resources simply as resources to align with EmpowerID component terminology. It is also important to note that each resource record is assigned a ResourceTypeID, which defines the type of resource or object. EmpowerID maintains a ResourceType record as a definition of the types of protected resources it can manage and secure. The Resource Type of a resource becomes important later when we discuss the inventory of permissions for resources and managing who has what level of access to view and manage these resources using EmpowerID.

selected object types and their information from the systems a customer desires to manage.

the user account objects from these “external” or “managed” systems into the Account table. From here on out we'll refer to them simply as Accounts in order to avoid confusion and avoid the terms user accounts or user. Accounts are users from external systems and Person objects are the primary identity or user object for the EmpowerID system. External systems containing user accounts are known as “Account Stores” in EmpowerID terminology and will be referred to as such going forward.

One question some of you might be asking yourself is “how does EmpowerID store any useful data about such a wide variety of different types of resources in a single Resource table?” The answer is that it doesn’t. As we mentioned in a previous module, the Identity Warehouse contains over 1,200 tables. There exists a table for each resource type to hold the valuable information pertaining to that type of resource. Entries in these tables will always have a pointer back to the ResourceID and ResourceGUID of their resource record. Having a unique table per resource type allows a richer user experience when viewing the information about these resources and when managing them.
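The pointer from a per-type table back to its resource record can be checked mechanically. The sketch below is an added example, not EmpowerID's schema or code: it models only the Resource, ResourceType and Account tables and the ResourceID, ResourceGUID and ResourceTypeID columns named above (every other column, all sample rows and both function names are assumptions) and reports Account rows whose pointer is missing or lands on the wrong resource type, plus Account-typed resources that have no Account row.

```python
import sqlite3
import uuid

# Simplified, hypothetical model. Only the table names and the ResourceID /
# ResourceGUID / ResourceTypeID columns come from the text; the rest is assumed.
SCHEMA = """
CREATE TABLE ResourceType (ResourceTypeID INTEGER PRIMARY KEY, Name TEXT);
CREATE TABLE Resource (ResourceID INTEGER PRIMARY KEY,
                       ResourceGUID TEXT NOT NULL UNIQUE,
                       ResourceTypeID INTEGER NOT NULL);
CREATE TABLE Account (AccountID INTEGER PRIMARY KEY, ResourceID INTEGER NOT NULL,
                      ResourceGUID TEXT NOT NULL, LogonName TEXT);
"""

def build_sample():
    """Constructed sample data: one consistent account and three defects."""
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    g = {i: str(uuid.UUID(int=i)) for i in (10, 11, 12, 99)}
    db.executemany("INSERT INTO ResourceType VALUES (?,?)",
                   [(1, "Account"), (2, "Group")])
    db.executemany("INSERT INTO Resource VALUES (?,?,?)",
                   [(10, g[10], 1), (11, g[11], 1), (12, g[12], 2)])
    db.executemany("INSERT INTO Account VALUES (?,?,?,?)",
                   [(1, 10, g[10], "alice"),   # consistent pointer
                    (2, 12, g[12], "bob"),     # points at a Group-typed resource
                    (3, 99, g[99], "carol")])  # no resource record at all
    return db

def audit_accounts(db):
    """Return (LogonName, problem) for Account rows with a broken pointer."""
    rows = db.execute("""
        SELECT a.LogonName,
               CASE WHEN r.ResourceID IS NULL THEN 'no resource record'
                    WHEN r.ResourceGUID <> a.ResourceGUID THEN 'GUID mismatch'
                    WHEN t.Name <> 'Account' THEN 'wrong resource type' END
        FROM Account a
        LEFT JOIN Resource r ON r.ResourceID = a.ResourceID
        LEFT JOIN ResourceType t ON t.ResourceTypeID = r.ResourceTypeID
        ORDER BY a.AccountID""").fetchall()
    return [(name, problem) for name, problem in rows if problem is not None]

def resources_without_detail(db):
    """Return ResourceIDs typed as Account that have no row in Account."""
    rows = db.execute("""
        SELECT r.ResourceID FROM Resource r
        JOIN ResourceType t ON t.ResourceTypeID = r.ResourceTypeID
        LEFT JOIN Account a ON a.ResourceID = r.ResourceID
        WHERE t.Name = 'Account' AND a.AccountID IS NULL
        ORDER BY r.ResourceID""").fetchall()
    return [row[0] for row in rows]
```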

1 Source: Bago (Editor) E. & Glazer I., (2021) “Introduction to Identity - Part 1: Admin-time (v2)”, IDPro Body of Knowledge 1(5).

...