Hitachi ID Identity Manager 10.0 - Model-after user interface
- 8 years ago
Content:
• A requester -- be it the user himself in a self-service request or the user's manager -- may not know exactly what roles, groups or attributes are needed to grant a recipient some required privileges.
• However, requesters often know someone else who already has the required privileges. A model-after user interface allows a requester to compare the profile attributes and entitlements of the recipient with a model user and request just those items whose descriptions appear relevant to the task at hand.
Key concepts:
• A requester can assign a subset of a model user's rights to a recipient.
• Access controls limit what recipients and model user a given requester can access.
• Requests formulated in this way are user friendly -- the requester already knows who has the required entitlements, just not what they are called.
• Selecting just key entitlements eliminates the problem of propagating rights from one over-provisioned user to another.
See more at: https://hitachi-id.com/identity-manager/overview/access-requests.html
• A requester -- be it the user himself in a self-service request or the user's manager -- may not know exactly what roles, groups or attributes are needed to grant a recipient some required privileges.
• However, requesters often know someone else who already has the required privileges. A model-after user interface allows a requester to compare the profile attributes and entitlements of the recipient with a model user and request just those items whose descriptions appear relevant to the task at hand.
Key concepts:
• A requester can assign a subset of a model user's rights to a recipient.
• Access controls limit what recipients and model user a given requester can access.
• Requests formulated in this way are user friendly -- the requester already knows who has the required entitlements, just not what they are called.
• Selecting just key entitlements eliminates the problem of propagating rights from one over-provisioned user to another.
See more at: https://hitachi-id.com/identity-manager/overview/access-requests.html