Project roles and Business roles can be defined to control permissions to individual Simplifier projects:
Both Project roles and Business roles can be assigned to individual users or user groups. When a project-based role is assigned to a group, all users in that group automatically receive that role.
Synchronize groups via Identity Provider
For an authentication method, in addition to user roles, user groups can now be synchronized.
Default groups can be defined, which are always assigned to external users logging in via the authentication method. Optionally, it is possible to activate the external group synchronization with certain rules. These rules can be used, for example, to check a user’s attribute in an Active Directory and then assign a Simplifier group.
Use of Business Roles in Push Notification Connector
In addition to roles and groups, push notification connectors can now be assigned business roles of the connector’s projects.
FAQ
Yes, e.g. oAuth. Important for the synchronization is that the attribute which should be used for the synchronization is given by the IDP. You can see which attributes are returned in the test tab of the authentication method.
No. It would be difficult to resolve the project affiliation of the various project roles and business roles.
Yes, he then lands on the page for generating the QR code for logging into the mobile client. That’s all he can see.
No. With the execute permission you do not have the permission to test. Additionally you would need the view permission to see the connector/business object to get to the test dialog.
No, but you can have artifacts in multiple projects. That means you could have one project that contains all apps of a location, with only View permission. You could then create separate projects for the departments, where you assign higher permissions.
The permission disappears from the business role and when the connector is added to the project again, then you have to assign the permission to the role manually again.
All users. This is needed, for example, to add users to a project.