Skip to main content

Role assignment rules

Description

Soffid console provides an option that allows you to customize policies to assign or revoke roles automatically to specific users. To assign or revoke roles, the users must comply with the defined requirements.

That option allows you to Preview changes before to Apply changes, to verify that the actions to be performed are the correct ones. 

To Apply now the Role assignment rule, it is mandatory to have previously saved any changes made in the customization of the role assignment rule using the Apply changes button.

The rule evaluation is performed asynchronously.

When a user is updated, no matter from where, Soffid will launch the role assignment rules defined.

image-1661337836100.png

  1. User
  2. Roles
Custom attributes

Role detail

  • Name: name of the rule.
  • Description: brief description of the rule.
  • Script (Rule expression):  when returns true, the roles will be applied and the script that assigns roles.
  • Rule Progress: displays the time remaining to finish applying the rule.

Roles to apply when rule expression returns true

  • Role list: roles to apply when rule expression returns true.
  • Script to assign roles: allows you to customize the rules to apply roles. That roles will be added to the role list.

The roles result will be a Role list, or RoleAccount list, or String list. 

Actions

Role assignment rules query action

Add new

Allows you to add a new role assignment rule in the system. You can choose that option on the hamburger menu or clicking the add button (+).To add a new role assignment rule it will be mandatory to fill in the required fields

Delete

Allows you to remove one or more role assignment rule by selecting one or more records and next clicking the button with the subtraction symbol (-).To perform that action, Soffid will ask you for confirmation, you could confirm or cancel the operation.

Import

Allows you to upload a CSV file with the role assignment rule list to add or update role assignment rules to Soffid.First, you need to pick up a CSV file, that CSV has to contain a specific configuration. Then you need to check the content to be loaded, it is allowed to choose if you want or not to load a specific attribute. And finally, you need to select the mappings for each column of the CSV file to import the data correctly and to click the Import button.

Download CSV file

Allows you to download a CSV file with the basic information of all role assignment rule. 

Role assignment rules detail action

Apply changes

Allows you to save the changes made on the rule specification, or to save a new rule.

Undo

Allows you to undo any changes made on the rule, except the roles added or deleted to the role list.

Add new role

Allows you to add a role to be applied with the rule.

Preview changes

Displays a list with the changes that would be applied with that rule definition.

Apply now

Allows you to launch the role assignment rule process. When users comply with the rule specification, their roles will be updated.