Manage members
Members are users of Identity as a Service (IDaaS). Group membership, assigned roles, and user attributes determine which IDaaS features a user can access.
This section explains how to set up and manage users, attributes, roles, and groups. Access to user management depends on role and group assignment. Administrators can manage only the users who belong to the same groups.
Topics in this section
Add users to IDaaS
8 items
Create and manage groups
A group in IDaaS is a set of users. You can add users to groups or remove users from groups that your role allows you to manage. If your role includes permission to Manage All Groups (see Create, assign, and manage roles), you can create as many groups needed to control which applications users can access.
Create and manage organizations
An organization is an entity in IDaaS to which users can be associated. An IDaaS user can belong to one or more organizations. When the user authenticates using SAML or OIDC, the authentication response indicates the organizations to which the user belongs. Organizations can then be returned from an OIDC and OAuth as claim values or a SAML application as attribute values, as follows:
Create and manage user attributes
User attributes are the information fields stored in a User Profile. IDaaS supports two types of attributes:
Create, assign, and manage roles
Roles control what users can do in IDaaS. Each role defines which system entities a user can access and which actions they can perform on those entities. System entities represent different IDaaS management areas. For example, a role that includes the User Passkey/FIDO2 Token Management entity allows a user to view, add, edit, or remove Passkey/FIDO2 tokens, depending on the permissions assigned to the role.