This site contains the documentation that is relevant to older WSO2 product versions and offerings.
For the latest WSO2 documentation, visit https://wso2.com/documentation/.

A user role is a named set of permissions that determines what a user can manage on the server. Different roles are created with various combinations of permissions to achieve segregation of duties among the users who access the server.

Identity Server supports the role-based authentication model, where the privileges of a user are based on the roles attached to that user.

A user is associated with one or more roles (generally specified upon user creation), and each role is associated with zero or more permissions (also generally specified upon user creation). Therefore, the set of permissions owned by a user is determined by the roles assigned to that user.

If a user has several assigned roles, their permissions are added together.

By default, Identity Server comes with the following roles:

  • Admin - Provides full access to all features and controls. By default, the user "admin" is assigned to both the "Admin" and the "Everyone" roles.
  • Everyone - Every new user is assigned to this role by default. It does not include any permissions.
  • System - This role is not visible in the Management Console.

Roles contain permissions for users to manage the Identity Server. You can create different roles with various combinations of permissions and assign them to a user or a group of users.

Follow the instructions below to create a new user role.

  1. Sign in. Enter your username and password to log on to the Management Console.
  2. Click Configure to access the Configure menu.
  3. From the Configure menu, select Users and Roles.
  4. On the User Management page, click on the Roles link.
  5. On the Roles page, click on Add New Role.
  6. Enter the name for the role and click "Next." You can also click "Finish," in which case the new role will be created with default permissions (none) and no assigned users.
  7. The permission model of WSO2 Identity Server is hierarchical. Permissions can be assigned to a role in a fine-grained or a coarse-grained manner. For example, you can either select the whole class of permissions, such as Configure, by checking the corresponding box, or you can expand that class and select one or several items. 
  8. Select the permissions you would like to add to your role and click Next.
  9. Select the users to be assigned to the role. You can conduct a search by name, or view all users by entering "*" into the search field.
  10. Click Search.
  11. Select the users you want to add the role to.
  12. Click on the Finish button.
  13. The new role is added to the list.

From here, you can rename roles, assign new permissions and users, and delete a role.
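
Because permissions from several roles are added together and a grant on a parent node covers everything beneath it, role assignments are worth reviewing for combinations that defeat segregation of duties. The Python below is an added example, not WSO2 code: it resolves a user's effective permissions as the union over roles, applies the parent-covers-child rule, and flags users who hold both sides of a conflicting pair. The permission paths, the roles other than Admin and Everyone, and the users other than admin are constructed for illustration and are not WSO2's actual identifiers.

```python
# Added example. Paths, extra roles and extra users are constructed sample data.
ROLE_PERMISSIONS = {
    "Admin": {"/"},                                   # full access: root of the tree
    "Everyone": set(),                                # default role, no permissions
    "ConfigAdmin": {"/configure"},                    # coarse-grained: whole class
    "RoleEditor": {"/configure/users-and-roles/roles"},  # fine-grained: one item
    "Auditor": {"/monitor/logs"},
}
USER_ROLES = {
    "admin": ["Admin", "Everyone"],
    "alice": ["Everyone", "RoleEditor", "Auditor"],
    "bob": ["Everyone"],
    "carol": ["Everyone", "ConfigAdmin"],
}

def covers(granted, requested):
    """True if `granted` is `requested` itself or one of its ancestors."""
    g = granted.rstrip("/")
    # Compare on a path boundary so "/configure" does not cover "/configure-x".
    return requested == g or requested.startswith(g + "/")

def minimal(perms):
    """Drop grants that a broader grant in the same set already implies."""
    return {p for p in perms if not any(q != p and covers(q, p) for q in perms)}

def effective_permissions(user):
    """Union of the permissions of every role assigned to the user."""
    perms = set()
    for role in USER_ROLES.get(user, []):
        perms |= ROLE_PERMISSIONS.get(role, set())
    return minimal(perms)

def is_allowed(user, requested):
    return any(covers(g, requested) for g in effective_permissions(user))

def sod_violations(conflicts):
    """Users whose combined roles satisfy both permissions of a conflicting pair."""
    return sorted((u, a, b) for u in USER_ROLES for a, b in conflicts
                  if is_allowed(u, a) and is_allowed(u, b))

if __name__ == "__main__":
    # Constructed policy: editing roles and reading logs should be separate duties.
    policy = [("/configure/users-and-roles/roles", "/monitor/logs")]
    for user, a, b in sod_violations(policy):
        print(f"{user}: holds both {a} and {b}")
```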
