Holder group

Introduction

In some organizations is necessary to assign roles that affect only a part of the structure, for instance, a department, a division or a country. A Holder Group can be defined as a logical grouping or collection of entities (referred to as "holders") that share similar characteristics, roles, permissions, or access requirements. The concept of a Holder Group simplifies the management of identities by enabling administrators to apply policies, assign roles, and manage permissions at the group level rather than individually.

Key features

Grouping for Simplification: Holder Groups allow similar entities to be managed collectively. For instance, all employees in a specific department can be placed in a single Holder Group.

Role and Permission Assignment: Roles or permissions can be assigned to a Holder Group, and all members of the group inherit those permissions. This ensures consistency and reduces administrative overhead.

Policy Enforcement: Security policies, such as password requirements, multifactor authentication rules, or session timeout settings, can be applied to groups. Different Holder Groups can have tailored policies depending on their needs (e.g., high-security groups vs. regular user groups).