Managing resources
Resources are responsible for many fields in OpenIAM. In this section, Resources are to be considered as one of the entitlement a user has, inline with Roles and Groups.
In this light, next types of Resourses are of interest to a user:
- Managed System
- Manual Managed System
- Authentication Provider
It is important to note that these types of Resources, unlike Groups and Roles, are never created via Access Control -> Resources and Create New Resource option. They are automatically created by OpenIAM when creating a respective object - Authentication provider, Managed System or Manual Managed System.
Theoretically, one can tie a user and a resource explicitely via adding a particular resource to a particular user directly in User Entitlements section. However, it is a bad practice since OpenIAM uses RBAC model for user entitlements and explicit entitlement is not recommneded when following the model.
User Entitlements -> Resources section can be used for seeing what resource the user is entitled to.
Here, there are two fields in the Resource Editing template that might be of interest to a user - Resource owner and/or Resource Admin as shown below.
Resource owner is a user or group of people who own this resource and Resource admin is a User or group of people who administer this resource. These values are used in request / approval workflow from SelfService (see Requests Tutorial for details on requests/approval via SelfService).
For a user to be able to request access to this or another Resource from SelfService, it is required to set approver association to configure a correspondent workflow.