Powered by Algolia

    Managing resources

    In OpenIAM, Resources serve as entitlements, similar to Roles and Groups. They define access to various system components and are an integral part of access control.

    Types of resources

    The following types of resources are relevant in OpenIAM:

    • Managed System
    • Manual Managed System
    • Authentication Provider

    Unlike Groups and Roles, these resource types are not manually created through Access Control > Resources > Create New Resource. Instead, OpenIAM automatically generates them when creating corresponding objects, such as an Authentication Provider, Managed System, or Manual Managed System.

    Resource entitlements

    While it is technically possible to assign a resource directly to a user in the User Entitlements > Resources section, this practice is discouraged. OpenIAM follows the Role-Based Access Control (RBAC) model, and direct entitlements should be avoided whenever possible.

    That said, the User Entitlements > Resources section provides visibility into the resources a user is entitled to.

    Resource ownership and administration

    The Resource Editing template includes two important fields:

    • Resource Owner – A user or group responsible for owning the resource.
    • Resource Admin – A user or group responsible for administering the resource.

    These fields are crucial in defining request and approval workflows in SelfService.

    Resource Editing

    For a user to request access to a resource via SelfService, an approver association must be configured to establish the appropriate workflow. More details on this process can be found in the Requests tutorial.

    Previous
    Metadata types
    Next
    Managing organizations