Versions Compared

Old Version 3

changes.mady.by.user Phillip Hanegan

Saved on

compared with

New Version 4

changes.mady.by.user Phillip Hanegan

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

One of the key concepts to understanding EmpowerID is its Identity Warehouse, sometimes known as the Identity and Entitlement Warehouse. This The Identity Warehouse is the primary central database of EmpowerID that stores all major primary data, including configuration and policies, major significant EmpowerID objects like Person and Roles, inbox and outbox queues used to stage detected changes and outbound changes between EmpowerID and managed systems, as well as the tables holding the inventoried objects and their data from external managed systems . External external to EmpowerID. EmpowerID refers to these external managed systems are referred to as Account Stores and Resource Systems in EmpowerID terminology.

High-Level Stats for the Identity Warehouse:

  • >1,200 tables

  • >700 views

  • >20,000 stored procedures

It is not essential to learn the specifics of these tables, views, and stored procedures as most are used for internal purposesuse. Key views and stored procedures used by the user interfaces can be identified by hitting pressing F12 in your browser and viewing what is being called on the network tab.

EmpowerID “Components”

When working with EmpowerID or its support staff, a key term you will encounter is the EmpowerID “Components“EmpowerID Components.” The These components are how EmpowerID exposes the Identity Warehouse tables, views, and stored procedures are exposed of the Identity Warehouse for use in the API. All major SQL tables and views are created as programmable objects against which the user interface acts to retrieve and view present their data and , workflows, and code act to create, update, or delete themto allow CRUD operations to be performed. All of the columns in SQL for a table or view become properties of its corresponding programmable component object. Therefore, extending the schema is referred to as extending the components by adding to them new “virtual” properties or methods. We’ll talk about extending the schema in more depth in a later training module.

Although the list of components is extensive, many are disabled by default and not available to show in the user interfaces or be called by custom applications and developers. As a quick illustration, we can see that the Account component, which represents the SQL account table, is not available in the API, while the more secure AccountView component is. To be noted, the schema management user interface labels components as RBAC Objects. This is because there is an entry for every table and view, aka “component” in the RBACObject table, used to display this data. The SQL stored procedures for these components can be seen on the RBAC Object Methods tab.

https://youtu.be/GosLFTXY5Is

Insert excerpt
IL:External Stylesheet
IL:External Stylesheet
nopaneltrue

Info

Key Takeaways:

  1. EmpowerID is built on what is called an Identity and Entitlement Warehouse

  2. The Identity and Entitlement Warehouse is a highly relational database storing configuration, EmpowerID IAM objects, and objects inventoried from external managed systems.

  3. Tables and views are made into programmable objects with an API called components.

  4. Views have built-in security and data filtering and are, therefore, what is usually exposed in the user interfaces.

  5. Components are also known as RBAC Objects and can be made accessible or inaccessible via API by checking a checkbox.

Insert excerpt
IL:External Stylesheet
IL:External Stylesheet
nopaneltrue

Easy html macro
theme{"label":"solarized_dark","value":"solarized_dark"}
contentByMode{"html":"<!doctype html>\r\n<head>\r\n<link href=\"https://cdn.jsdelivr.net/npm/bootstrap@5.1.0/dist/css/bootstrap.min.css\" rel=\"stylesheet\" integrity=\"sha384-KyZXEAg3QhqLMpG8r+8fhAXLRk2vvoC2f3B09zVXn8CA5QIVfZOJ3BCsw2P0p/We\" crossorigin=\"anonymous\">\r\n</head>\r\n\r\n\r\n<nav aria-label=\"...\">\r\n <ul class=\"pagination justify-content-center overflow-hidden\">\r\n <li class=\"page-item\">\r\n <a class=\"page-link\" href=\"https://dotnetworkflow.jira.com/wiki/spaces/EIDIGACore/pages/2387739923/Licensed+Modules\" tab-index=\"-1\"> &laquo;&nbsp;&nbsp; Previous</a></li>\r\n <li class=\"page-item active\" aria-current=\"page\">\r\n <span class=\"page-link\">Current</span>\r\n </li>\r\n <li class=\"page-item\">\r\n <a class=\"page-link\" href=\"https://dotnetworkflow.jira.com/wiki/spaces/EIDIGACore/pages/2387739956/Person+Versus+Account\" target=\"_top\"> Next&nbsp;&nbsp; &raquo;</a></li>\r\n </ul>\r\n</nav>","javascript":"","css":""}