Versions Compared

Old Version 19

changes.mady.by.user Former user

Saved on

compared with

New Version Current

changes.mady.by.user Former user

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

WSO2 products has two types of roles. External Roles and Internal Roles. Let say there are two user stores.



Store-AStore-B
Usersuser_Auser_B
Rolesrole_Arole_B


External Roles :
Store in user store itself. Only users in that user store can assign to external roles in same user store.
Eg : user_A can assign to role_A
       user_B can't assign to role_A

In the user stores Users are assign to a

Group

Groups. Within the WSO2 servers we have Roles and directly map one Group to a Role then assign the permission for that role. There is a one to one mapping between Groups and Roles and same Group name is used to represent the Role in the server.


Internal Roles :
Store in Identity server database. User in all user stores can assign to these roles.

...

For internal Roles there are not no mapped Groups in user stores. So we directly assign users to these roles (Do not support to assign Groups to these Roles)

...