| Table of Contents | ||
|---|---|---|
|
Overview
The Authorization Customization feature provides flexible role management by allowing users to tailor how roles are defined and displayed. Roles are assigned through a scoped role string managed by an identity provider (IDP), and this feature introduces several customization options:
...
These enhancements enable organizations to align role management and display with their specific needs and identity provider configurations, facilitating more precise control over user access and role representation in the application.
Customizable Scoped Role Delimiter
The CDCM application allows the delimiter used in scoped role strings to be customized, providing flexibility in how roles are structured and integrated with various identity providers.
Configuration: The delimiter can be set using the environment variable
ROLE_DELIMITER. By default, the delimiter is a period (.), but it can be changed to any character, such as an underscore (_), to match the format used in the IDP.Usage Example: If
ROLE_DELIMITERis set to_, the scoped role string can be formatted asspaceKey_areaKey_roleKey, enabling clearer separation of the space, configuration area, and role components.
Customizable Wildcard
The CDCM application provides the ability to customize the wildcard used in scoped role strings, enhancing flexibility in defining access across multiple configuration areas.
...
This feature allows organizations to customize access patterns and streamline role management by using intuitive and relevant wildcard symbols that align with their identity provider and access control strategies.
Display Name Customization
The CDCM application allows for flexible customization of display names based on scoped role claims, enhancing clarity and alignment with organizational naming conventions.
...