on 01-31-2019 9:43 AM
Hi experts,
I have a question about the roles that can be created in the service configuration of the identity provisioning. What can be achieved with this roles new roles?
We created a new group, and a new role, but when the user access the identity provisioning then we see the message 'user is not assigned to the IPS_ADMIN role'.
What we want is to give some users only acces to the logging in the identity provisioning service , is this possible?
Thanks in advance,
Vo.
Dear J. Vo,
n order to access the service (Identity Provisioning) the predefined role "IPS_ADMIN" is required and I assume there is no "workaround" to create custom roles for it. See the documentation's "1.6.3 Authentication and Roles" section:
https://help.sap.com/doc/c30747989e33466e8e4f789dd9c3c81c/Cloud/en-US/Provisioning_Service.pdf
IPS_ADMIN – this is the main administrator role. It provides you with access to all Identity Provisioning UI systems and features. You can manage source, target and proxy systems, run and schedule jobs, view and
maintain job logs, and reset the tenant.
Also in "1.3.1 Access the Identity Provisioning (Trial)" part if you check "Prerequisites" part you can see only this predefined role can be added to the service. Custom roles can be only added to applications, see SAP Help Document:
At least there is no documentation that would prove the opposite
Best Regards,
Barnabás Paksi
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
93 | |
10 | |
10 | |
9 | |
9 | |
7 | |
6 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.