Skip to content

Roles Overview

Overview

The Roles Overview displays all existing roles in the system. For each role, the following information is shown:

  • Name
  • Category
  • Associated client or application

The list is paginated for easy navigation. You can sort roles by any column and filter by name. The Add Role button allows you to create new custom roles.

Prerequisite

To manage roles, you must have the Admin role of the ie-management client.

Role Categories

  • System Roles

    • Created automatically by the system during startup or update.
    • No detail view available.
    • Cannot be edited or deleted.

  • Custom Roles

    • Created via the Add Role button.
    • Allow fine-grained resource access definition.
    • Can be viewed in detail, edited, and deleted.

  • Auto Generated Roles

    • Created automatically through resource sharing.
    • Can be viewed in detail.
    • Cannot be edited, but can be deleted.

  • Device Roles

    • Created for a device when "Enable Identity Federation" is activated.
    • No detail view available.
    • Cannot be edited or deleted.

  • Migrated Roles

    • Created during migration from v1 to v2.
    • Correspond to previously defined roles for old IEM groups (My Admin Groups for devices, My User Groups for self-developed apps).
    • Can be viewed in detail.
    • Can be deleted, but not edited.

Detail View

Roles that offer a detail view are clickable. Clicking on such a role opens the detail view, where you can see more information and perform actions (if permitted).

NOTICE

Each user must be assigned at least the predefined User role of the ie-management client to ensure proper access to IEM.