/
Onboard Management Role

Onboard Management Role

 

  • Name- Provide a unique and descriptive identifier for the Management Role

  • Display Name- Please provide a user-friendly label that appears in the application's user interface representing the Management Role.

  • Management Role Type - Choose the appropriate management role type.

  • Management Role Definition - Select the management role definition for the management role.

  • Select a Location - Select a location in EmpowerID for the application. This location is for RBAC delegation only. If there is a location selected by default and you wish to change it, click the link for the location and then search for and select the desired location from the Location tree.

  • Description - Provide a brief explanation of the Management Role.

image-20250116-135810.png

 

  • Responsible Party- Search for and select the responsible party for the management role.

  • Owners– Search for and select the role owner. You can assign multiple people to the owner.

  • Deputies – Search for and select one or more management role deputies.

 

image-20250116-140333.png


 

 

 

The Requestable in IAM Shop specifies whether the application is requestable in the IAM Shop. When selected, the following settings are relevant:

  • Select Access Request Policy – Please choose the Access Request policy to apply in handling requests for the management role.

  • Select Assignees – Search for and select eligible users for the management role. Users must have one of the below eligibility assignments to view the management role in the IAM Shop.

    • Eligible Assignees – Choose the type (Person, Group, SetGroup, Management Role, Business Role, and Location), then search for and select the specific assignees eligible for the management role.

    • Preapproved Assignees – Choose the type (Person, Group, SetGroup, Management Role, Business Role, and Location), then search for and select the specific assignees pre-approved for the management role.

    • Suggested Assignees – Choose the type (Person, Group, SetGroup, Management Role, Business Role, and Location), then search for and select the specific assignees suggested for the management role.

When a user is assigned to a specific RBAC management role, they gain permissions and capabilities aligned with that role's defined responsibilities. RBAC assigned membership can be configured based on People, Setgroups, Groups, Management Roles, or Business Roles and Locations, allowing for tailored access control that matches organizational structures and operational requirements. This flexibility ensures users have the appropriate access to perform their duties securely and efficiently.

  • Choose the Type (Person, Group, SetGroup, Management Role, Business Role, and Location), then search for and select the specific assignees eligible for the management role.

  • Select Preview the list of people that will receive membership due to these RBAC membership assignments to view the

 

 

 

You can add existing groups as members of the management role you are creating. Once the management role is created, the groups you select will be added to the management role by default.

  • Type the Name of the Group and Click on Search

  • Select the Group (s) to add as members into the management role.

 

 

When you create a new management role, you have the option to include other management roles. These selected roles will automatically be added to the newly created management role.

 

Before proceeding, it is recommended that you review the summary information. For your convenience, the summary is organized into multiple tabs, allowing you to verify that the correct inputs have been provided to create the necessary management roles.