Assigning policies

This guide will walk you though the process of assigning policies to person and group.

Policy represents rights which are assigned by an organization or person to another person. The policies delegation can concern subject which can be an organisation (called here group) or another user represented by a principal (a person in Onegini IdP). Please consider following examples to get better understanding of a policy concept:

Acme (subject - group) represented by Harry (principal - person) allows Lisa (assignee - person) to read financial reports.

Lisa (subject - person) represented by Lisa (principal - person) allows John (assignee - person) to read last financial report.

What you need

To successfully complete this topic guide you need to ensure following prerequisites:

  • have the DUM Application up and running
  • have the DUM Application scopes configured
  • have GROUPS_MANAGE and USER_POLICIES_CRUD DUM Application permissions required to manage group and person policies

Assign policies to group

This guide assumed that scopes are already created and permissions are assigned to your account. Assigning a policy to the group requires few additional steps to be done:

  1. Go to the main page of DUM Application and click Add button in the group column (section Add new group is shown).
  2. Enter a group name Acme in the input box, select interesting scopes and press save.

These are the all steps required to assign a policy to a newly created group.

Assign policies to person

DUM Application users exist within group so the first step is to create a group with policies (only policies that belongs to the group within which user exists can be assigned to the user).

To assign a policy to the user please follow the steps:

  1. Find a group to which you want to add a user and select it.
  2. Click Add button in user column.
  3. Section Add user is shown. It allows to add a new user or already existing one. Existing user is taken from external service and require additional configuration steps to be done. This guide covers assigning policy to a new user.
  4. Fill in user data (first name, last name, email, permissions and policies) and press Save.

New user has been added and can be found in user column.

Congratulations! You have completed the guide.