Assigning policies
This guide will walk you though the process of assigning policies to person and group.
Policy represents rights which are assigned by an organization or person to another person. The policies delegation can concern subject which can be an organisation (called here group) or another user represented by a principal (a person in Onegini IdP). Please consider following examples to get better understanding of a policy concept:
Acme (subject - group) represented by Harry (principal - person) allows Lisa (assignee - person) to read financial reports.
Lisa (subject - person) represented by Lisa (principal - person) allows John (assignee - person) to read last financial report.
What you need
To successfully complete this topic guide you need to ensure following prerequisites:
- have the DUM Application up and running
- have the DUM Application scopes configured
- have
GROUPS_MANAGE
andUSER_POLICIES_CRUD
DUM Application permissions required to manage group and person policies
Assign policies to group
This guide assumed that scopes are already created and permissions are assigned to your account. Assigning a policy to the group requires few additional steps to be done:
- Go to the main page of DUM Application and click
Add
button in the group column (sectionAdd new group
is shown). - Enter a group name
Acme
in the input box, select interesting scopes and press save.
These are the all steps required to assign a policy to a newly created group.
Assign policies to person
DUM Application users exist within group so the first step is to create a group with policies (only policies that belongs to the group within which user exists can be assigned to the user).
To assign a policy to the user please follow the steps:
- Find a group to which you want to add a user and select it.
- Click
Add
button in user column. - Section
Add user
is shown. It allows to add a new user or already existing one. Existing user is taken from external service and require additional configuration steps to be done. This guide covers assigning policy to a new user. - Fill in user data (first name, last name, email, permissions and policies) and press
Save
.
New user has been added and can be found in user column.
Congratulations! You have completed the guide.