...
These are examples of scoped roles included in the token provided by the Identitiy Provider. These examples where done with the default settings for Authorization customization. For example the separator for the different parts of the token can be changed from the default which is a singe .
Give the user a bare minimum role
...
On log-in the user receives this scoped role the role “Bare Minimum” in the scope of the space with the key “spaceOne” and is now able to read space bm but not the content of any configuration areathat space and all containing non-confidential configuration areas.
Assign a role to a user for all configuration areas within a space
...
On log-in the user receives this scoped role and is now able to work with the assigned permissions in every configuration area.the role role “user” (last part of the token value) in the space with the key “spaceOne” (first part of the token value) in all non confidential configuration area (wildcard * in the second part of the token)
Assign a role to a user for a specific configuration area
...
On log-in the user receives this scoped role and is now able to work with the assigned permissions in this specific configuration area.the role role “user” (last part of the token value) in the space with the key “spaceOne” (first part of the token value) in the configuration area with the key caOne (second part of the token value)
Conclusion
Managing scopes, roles, and permissions in Smartfacts CDCM is crucial for maintaining proper access control and security within the configuration management system. By defining roles within specific scopes and assigning appropriate permissions, organizations can ensure that users have the necessary access to perform their tasks effectively while maintaining data security. For detailed instructions on managing roles and permissions, refer to the administration documentation or contact support for assistance.