...
Although the list of components is very large, many are disabled by default and not available to show in the user interfaces or to be called by custom applications and developers. As a quick illustration, we can see that the Account component which represents the SQL account table is not available in the API, while the more secure AccountView component is. To be noted, the schema management user interface labels components as RBAC Objects. This is because their is an entry for every table and view, aka “component” in the RBACObject table which is used to display this data. The SQL stored procedures for these components can be seen on the RBAC Object Methods tab.
Core Identity – single entity per human or IoT
Person — core identity can be the owner of other person objects
OrgRoIe — Business Role always assigned in conjunction with an Organizational Location
OrgZone — Organizational Location / Business Context always assigned in conjunction with a Business Role
Polyarchical RBAC — Business Roles and Locations are both hierarchical trees. People are assigned to one or more Business Roles each for a specific Location/Context. This polyarchy dramatically reduces the number of roles and eliminates role bloat
Company — people belong to companies via their Business Role and Location assignments
Personas — person core identity can be linked to multiple sub-person objects which are the professional identities — i.e. have the business information attached
AccountStore – represents a directory or user store
ProtectedApplicationResource – represents an application
Account – user or HR record in an external directory/application
Group – group or application role in an external directory/application
GroupAccount – membership of user records in groups in external directories/applications
...