Why i need this?
Within your role definition, you can restrict the assignment of roles to other users.
You need these for e.g.
- Define local administrator accounts, that can only assign role for certain applications
- Secure self-registration services – in this case the anonym application role has the right to assign only a specific role to a new created user account.
Building roles with Assignment Restrictions
You have to assign the Roles Permission Objects and Choose the Add Permission Button to (multi-) select one or more roles that are allowed to assign to other users.