RapidIdentity Administrators' and Users' Guide

Create a Role

Many configurations within the RapidIdentity Portal let the organization determine who may control particular modules. Roles help establish this access.

Once the lower-level RapidIdentity server and client configurations are completed, Roles can be created.

Follow these steps to create a Role.

  1. Log into RapidIdentity through a web browser: https://<your-host-name>

  2. Select the Roles module from the top navigation drop-down.

  3. Select Add Role + from the upper right section of the window.

  4. In the Add Role sidebar:

    1. Enter a Name for the role.

    2. If the role will serve as a distribution list, click the Distribution List checkbox.

    3. Click Save.

  5. The Role Details panel will immediately open, allowing the role to be more clearly defined. Make necessary changes according to your organization's requirements and suggestions. See the Create A Role - Detail Fields table for field specifics.

    Note

    These settings can also be modified at any time after the role has been created.

    Table 65. Create A Role - Detail Fields

    | Field | Description |
    |---|---|
    | Name | Provide a name for the role |
    | Description | Optional description for the role |
    | Distribution List | Check this box if this role will serve as a distribution list. Note: This option will only have an effect if RapidIdentity is using Active Directory as its main directory service |
    | Membership Managers Can Edit | Allows Membership Managers to edit the Role details in addition to their permission of managing the Role membership criteria. Note: The function of this field does not change Membership Managers' ability to add members to the role. |
    | Auto Synchronization Interval (Hours) | Automatically sync the role based on hours |
    | Auto Synchronization Priority | If auto-sync has been selected for more than one role, select the sync priority for this role |
    | Owners | Select at least one owner for the role. Role Owners and Membership Managers can be added or removed |



  6. Fill out the Static and Dynamic filters in their respective tabs as needed. This step is optional.

    1. The Static filter associates current users with the role by name. Click the Static Includes or Static Excludes field and type to begin a search for a user. As you type, matching users appear in the drop-down. Click a user to add them to the inclusion or exclusion list.

      Note

      Viable search input includes First Name, Last Name, or Email address.

    2. The Dynamic filter associates current users with the role based on LDAP filter queries. Upon user entry into the RapidIdentity Portal, if the attribute for their department value matches the name of a particular Role, the user will dynamically become a member of that role.

      The filter value states that the user's department attribute equals the given department.

      Example: (department=IT)

  7. Click Save.

  8. Any changes to users' membership status in a role will not be reflected until the role is either automatically or manually synchronized. The Status field in the Role table will indicate if a sync is needed. Users in pending status to be added or removed are updated once the role is synchronized.

    To manually sync multiple roles, select the roles and click on the Sync button on the bottom navigation bar.


    To sync a single role, click on the Sync button located at the end of the role's row.

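
The Dynamic filter in step 6 grants role membership to every directory entry the LDAP filter matches, so it helps to preview a filter against known entries before saving it. The following Python sketch is an added example, not RapidIdentity code: it evaluates a subset of LDAP filter syntax against constructed entries, and the function names, the sample users and the employeeType attribute are assumptions for illustration.

```python
# Added example: evaluates a subset of RFC 4515 filters (&, |, !, equality,
# presence) against constructed entries. No substring or \xx escape support.

def parse(f, i=0):
    """Parse the filter component starting at f[i]; return (node, next_index)."""
    if f[i:i + 1] != "(":
        raise ValueError(f"expected '(' at position {i}")
    op = f[i + 1:i + 2]
    if op in ("&", "|", "!"):
        kids, i = [], i + 2
        while f[i:i + 1] == "(":
            kid, i = parse(f, i)
            kids.append(kid)
        if f[i:i + 1] != ")" or not kids or (op == "!" and len(kids) != 1):
            raise ValueError("malformed composite filter")
        return (op, kids), i + 1
    end = f.find(")", i)
    attr, sep, value = f[i + 1:end].partition("=")
    if end < 0 or not sep or not attr or ("*" in value and value != "*"):
        raise ValueError("expected attribute=value or attribute=*")
    return ("=", attr.lower(), value.lower()), end + 1

def matches(node, entry):
    """True if the entry (attribute -> list of values) satisfies the filter."""
    if node[0] == "&":
        return all(matches(k, entry) for k in node[1])
    if node[0] == "|":
        return any(matches(k, entry) for k in node[1])
    if node[0] == "!":
        return not matches(node[1][0], entry)
    _, attr, value = node
    # Assumption: values compare case-insensitively (caseIgnoreMatch).
    vals = [v.lower() for k, vs in entry.items() if k.lower() == attr for v in vs]
    return bool(vals) if value == "*" else value in vals

def preview_members(filter_text, entries):
    """Return the mail of each entry the filter would place in the role."""
    text = filter_text.strip()
    node, end = parse(text)
    if end != len(text):
        raise ValueError("trailing characters after filter")
    return [e["mail"][0] for e in entries if matches(node, e)]

USERS = [  # constructed sample entries
    {"mail": ["ana@example.org"], "department": ["IT"]},
    {"mail": ["bo@example.org"], "department": ["Finance"]},
    {"mail": ["cy@example.org"], "department": ["it"], "employeeType": ["contractor"]},
    {"mail": ["di@example.org"]},
]
```

Against the sample entries, (department=IT) matches two users, while the presence filter (department=*) matches every entry that has any department value, which shows how a broad filter widens role membership.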