...
The Authorization Customization feature provides flexible role management by allowing users to tailor how roles are defined and displayed. Roles are assigned through a scoped role string managed by an identity provider (IDP), and this feature introduces several customization options:
Customizable scoped role delimiter: Users can define their own delimiter to separate parts of the scoped role string. By default, a period (
.) is used, but it can be changed to an underscore (_) or any other character, enhancing integration with different IDP configurations.Customizable Wildcard: The second part of a three-part scoped role string specifies a configuration area, and a wildcard character can represent access to all non-confidential areas. While the default wildcard is an asterisk (
*), users can now customize it to any character or string, providing more flexibility in defining access levels.Display Name Customization: Depending on the scoped role claim present in the IDP token, different formats for role display names can be configured within the application. This allows for more intuitive and organization-specific naming conventions that align with the user’s role and access permissions.
These enhancements enable organizations to align role management and display with their specific needs and identity provider configurations, facilitating more precise control over user access and role representation in the application.
...