Managing organizations
In OpenIAM, Organizations are another form of user entitlement, similar to Roles and Groups. However, unlike Roles and Groups, users cannot request access to an organization. Instead, access is typically assigned through an HR system or other external sources.
Creating organization types
Before creating an organization, you must first define an Organization Type. This allows organizations to be categorized appropriately.
To create a new organization type:
- Navigate to Access Control > Organization Types.
- Click New Organization Type in the side menu.
A template for the new organization type is displayed.
Fill in the required fields and click Save. You can create as many organization types as needed.
Creating a new organization
To create a new organization:
- Log in to WebConsole.
- Go to Access Control > Organizations.
- Click Create New Organization in the side menu.
The organization creation template contains the fields described in the table below.
Organization fields and descriptions
Field Name | Description |
---|---|
Organization Name | The official name of the organization in OpenIAM. |
Abbreviation | (Optional) Abbreviation used for business purposes. |
Symbol | (Optional) Symbol representing the organization. |
Description | (Optional) Additional information about the organization. |
Metadata Type | Defaults to Organization Type. Note: this is a Metadata Type, not the organization type itself. |
Internal Organization ID | (Optional) Organization-specific ID or code. |
Organization Type | The specific type of organization being created (selected from a dropdown). |
Password Policy | Select the applicable password policy (default is Default Password Policy). |
Organization Certifier | The designated reviewer for Access certification. |
Alias | (Optional) Additional business-related identifier. |
Domain Name | (Optional) Business-related domain name. |
LDAP | (Optional) LDAP-related identifier. |
After completing the required fields, click Save to create the organization.
Updating an existing organization
To update an existing organization:
- Follow the same steps as above.
- Select Edit Organization instead of Create New Organization.
- Modify the necessary fields and save the changes.
Organization hierarchy
Organizations in OpenIAM follow a hierarchical structure, commonly organized as:
- Organization > Division > Department
- University > Campus > Faculty
- Other custom structures
By default, OpenIAM follows a three-tier hierarchy: Organization > Division > Department.
However, you can customize this by defining your own hierarchy using Organization Types.
To view or modify the hierarchy:
- Navigate to Administration > Configuration.
- Select the Organization tab.
This tab shows the default hierarchy.
Managing user membership in organizations
To add a user to an organization:
- Locate the user in OpenIAM.
- Go to User Entitlements and click Add.
- Fill in the required fields:
User Organization Assignment Fields
Field Name | Description |
---|---|
Organization | Select the appropriate organization type. |
Organization Name | Select the specific organization name. |
Start Date | The date the user joins the organization. |
End Date | The date the user leaves the organization. |
Access Rights | Define the user's access rights within the organization. |
Alternative Method: HR System Synchronization
Instead of manually assigning users, you can automate this process using the Synchronization Service. This allows organizations to sync user data from an HR system via a CSV file or a connector.
For details on importing organizations, see Importing the Organization structure.
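A pre-import check for the HR synchronization path described above, validating an organization feed against the tiered hierarchy from the Organization hierarchy section. This is an added example, not OpenIAM code: the CSV column names (`name`, `type`, `parent`), the sample rows and the function `validate_org_rows` are assumptions made for illustration and are not OpenIAM's import format.

```python
import csv
import io

# Default tiers named on this page; replace with your own Organization Types.
DEFAULT_HIERARCHY = ["Organization", "Division", "Department"]

# Constructed sample feed. The column names are assumptions for this example,
# not OpenIAM's import format.
SAMPLE_CSV = """name,type,parent
Acme,Organization,
Engineering,Division,Acme
Platform,Department,Engineering
Payroll,Department,Acme
Lab,Team,Engineering
Sales,Division,
Support,Department,Operations
Platform,Department,Engineering
"""

def validate_org_rows(csv_text, hierarchy=DEFAULT_HIERARCHY):
    """Return a list of (line_number, name, problem) for rows that break the hierarchy."""
    rows = list(csv.DictReader(io.StringIO(csv_text)))
    tier = {t: i for i, t in enumerate(hierarchy)}
    # Iterating in reverse makes the first occurrence of a name win for parent lookups.
    type_of = {r["name"]: r["type"] for r in reversed(rows)}

    findings, seen = [], set()
    for lineno, r in enumerate(rows, start=2):  # line 1 is the header
        name, typ, parent = r["name"], r["type"], r["parent"]
        if name in seen:
            findings.append((lineno, name, "duplicate name"))
            continue
        seen.add(name)
        if typ not in tier:
            findings.append((lineno, name, f"unknown type {typ!r}"))
        elif tier[typ] == 0:
            if parent:
                findings.append((lineno, name, "top tier must not have a parent"))
        elif not parent:
            findings.append((lineno, name, "missing parent"))
        elif parent not in type_of:
            findings.append((lineno, name, f"parent {parent!r} not in feed"))
        elif tier.get(type_of[parent]) != tier[typ] - 1:
            # Requiring exactly one tier above also rules out parent cycles.
            findings.append((lineno, name, f"parent {parent!r} is not one tier above"))
    return findings

if __name__ == "__main__":
    for finding in validate_org_rows(SAMPLE_CSV):
        print(finding)
```

Pass a different tier list as the second argument when you have defined a custom hierarchy, for example `["University", "Campus", "Faculty"]`.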