Delegation

Delegation within a identity management system is the concept to delegate certain actions or processes regarding identity management to the users of this system.

One can delegate different topics:

• identity management

• role definition and creation

• approval flow

Delegation is mostly based within a container or an organisation.

Personify supports delegation because:

• it works with fine grained access on entitylevel (not attribute level) which means the api's are protected and filtered based on policies, so identity creation can be delegated based on organisational properties.

• Roles are also entities

• it provides approval flows for the cases where entity level changes need to be requested.