Personify
  • Introduction
  • Architecture
  • Model
    • Identity vault
    • Provisioning
    • Authentication and authorization
    • Gateway
  • Concepts
    • Entitlements
      • Internal entitlements
      • Custom entitlements
    • Workflows
    • Joiner - Mover - Leaver
    • Self service
    • Entitlement expiration
    • Toxic entitlements
    • (Re)Certification
    • Birth rights
    • Notifications
    • Entitlement prerequisites
    • Connectors
      • File connector
      • Database connector
      • SCIM Connector
      • LDAP connector
      • REST connector
      • Microsoft Graph connector
    • Auditing
    • Authorization
    • Gateway
    • API Based
    • Delegation
  • Usage
    • Get started
    • Configuration
  • Development
    • Customizations
      • PropertyProviders
      • AccountIdGenerators
      • RequestHandlers
      • Connectors
      • Workflows
      • Schedulers
    • REST API
    • JAVA SDK
    • Git
    • Issues
Powered by GitBook
On this page
  1. Concepts

Entitlements

PreviousConceptsNextInternal entitlements

Last updated 2 years ago

The entitlements or roles assignable to identities defined within a access management system are depending on the internal structure of a organisation.

Organisations tend to structure itself according to the services and products they provide. This gives us lots of possible models and therefore the engine behind is based on generating the identity management solutions based on a model.

Important concepts when talking about entitlements is the assignable to and assignable by dimension of the entitlement. This is also dominated by the organisation structure.

To manage the internal identity management system, one can specify make the difference between internal and custom entitlements

Internal entitlements are defined with the purpose to control access to the entitles and workflows of the identity management solution itself : 3 possible entitlements and their definition are given below

Custom entitlements are created to give privileges to people in other targetsystems. These entitlements will be more subject to provisioning, given their nature. Examples of this are : Sharepoint, Git-access, Corporate network access, employee badge, ... .

personify