EIM access control group: API authority

EIM access control group: API authority

This information displays tables that are organized by the Enterprise Identity Mapping (EIM) operation that the API performs.
Each of the following tables displays each EIM API, the different EIM access control groups, and the whether the access control group has authority to perform a specific EIM function.
Table 1. Working with domains
EIM API LDAP administrator EIM administrator Identifiers administrator EIM mapping lookup Registry administrator Aministrator for selected registry

eimChangeDomain X X - - - -
eimCreateDomain X - - - - -
eimDeleteDomain X X - - - -
eimListDomains X X - - - -

Table 2. Working with identifiers
EIM API LDAP administrator EIM administrator EIM identifiers administrator EIM mapping lookup EIM registries administrator EIM registry X administrator

eimAddIdentifier X X X - - -
eimChangeIdentifier X X X - - -
eimListIdentifiers X X X X X X
eimRemoveIdentifier X X - - - -

eimGetAssociated
Identifiers
X X X X X X

Table 3. Working with registries
EIM API LDAP administrator EIM administrator EIM identifiers administrator EIM mapping lookup EIM registries administrator EIM registry X administrator

eimAddApplication
Registry
X X - - - -
eimAddSystemRegistry X X - - - -
eimChangeRegistry X X - - X X

eimChange
RegistryUser
X X - - X X
eimChangeRegistryAlias X X - - X X

eimGetRegistry
NameFromAlias
X X X X X X
eimListRegistries X X X X X X

eimListRegistry
Associations
X X X X X X
eimListRegistryAliases X X X X X X

eimListRegistry
Users
X X X X X X
eimRemoveRegistry X X - - - -

Table 4. Working with identifier associations. For eimAddAssociation() and eimRemoveAssociation() APIs there are four parameters that determine the type of association that is either being added or removed. The authority to these APIs differs based on the type of association specified in these parameters. In the following table, the type of association is included for each of these APIs.
EIM API LDAP administrator EIM administrator EIM identifiers administrator EIM mapping lookup EIM registries administrator EIM registry X administrator

eimAddAssociation (administrative) X X X - - -
eimAddAssociation (source) X X X - - -
eimAddAssociation (source and target) X X X - X X
eimAddAssociation (target) X X - - X X
eimListAssociations X X X X X X
eimRemoveAssociation (administrative) X X X - - -
eimRemoveAssociation (source) X X X - - -
eimRemoveAssociation (source and target) X X X - X X
eimRemoveAssociation (target) X X - - X X

Table 5. Working with policy associations
EIM API LDAP administrator EIM administrator EIM identifiers administrator EIM mapping lookup EIM registries administrator EIM registry X administrator

eimAddPolicyAssociation X X - - X X
eimAddPolicyFilter X X - - X X
eimListPolicyFilters X X X X X X

eimRemove
PolicyAssociation
X X X X
eimRemovePolicyFilter - - - - -

Table 6. Working with mappings
EIM API LDAP administrator EIM administrator EIM identifiers administrator EIM mapping lookup EIM registries administrator EIM registry X administrator

eimGetAssociatedIdentifier X X X X X X
eimGetTargetFromIdentifier X X X X X X
eimGetTargetFromSource X X X X X X

Table 7. Working with access
EIM API LDAP administrator EIM administrator EIM identifiers administrator EIM mapping lookup EIM registries administrator EIM registry X administrator

eimAddAccess X X - - - -
eimListAccess X X - - - -
eimListUserAccess X X - - - -
eimQueryAccess X X - - - -
eimRemoveAccess X X - - - -

Parent topic:
EIM access control

EIM API	LDAP administrator	EIM administrator	Identifiers administrator	EIM mapping lookup	Registry administrator	Aministrator for selected registry
eimChangeDomain	X	X	-	-	-	-
eimCreateDomain	X	-	-	-	-	-
eimDeleteDomain	X	X	-	-	-	-
eimListDomains	X	X	-	-	-	-

EIM API	LDAP administrator	EIM administrator	EIM identifiers administrator	EIM mapping lookup	EIM registries administrator	EIM registry X administrator
eimAddIdentifier	X	X	X	-	-	-
eimChangeIdentifier	X	X	X	-	-	-
eimListIdentifiers	X	X	X	X	X	X
eimRemoveIdentifier	X	X	-	-	-	-
eimGetAssociated Identifiers	X	X	X	X	X	X

EIM API	LDAP administrator	EIM administrator	EIM identifiers administrator	EIM mapping lookup	EIM registries administrator	EIM registry X administrator
eimAddApplication Registry	X	X	-	-	-	-
eimAddSystemRegistry	X	X	-	-	-	-
eimChangeRegistry	X	X	-	-	X	X
eimChange RegistryUser	X	X	-	-	X	X
eimChangeRegistryAlias	X	X	-	-	X	X
eimGetRegistry NameFromAlias	X	X	X	X	X	X
eimListRegistries	X	X	X	X	X	X
eimListRegistry Associations	X	X	X	X	X	X
eimListRegistryAliases	X	X	X	X	X	X
eimListRegistry Users	X	X	X	X	X	X
eimRemoveRegistry	X	X	-	-	-	-

EIM API	LDAP administrator	EIM administrator	EIM identifiers administrator	EIM mapping lookup	EIM registries administrator	EIM registry X administrator
eimAddAssociation (administrative)	X	X	X	-	-	-
eimAddAssociation (source)	X	X	X	-	-	-
eimAddAssociation (source and target)	X	X	X	-	X	X
eimAddAssociation (target)	X	X	-	-	X	X
eimListAssociations	X	X	X	X	X	X
eimRemoveAssociation (administrative)	X	X	X	-	-	-
eimRemoveAssociation (source)	X	X	X	-	-	-
eimRemoveAssociation (source and target)	X	X	X	-	X	X
eimRemoveAssociation (target)	X	X	-	-	X	X

EIM API	LDAP administrator	EIM administrator	EIM identifiers administrator	EIM mapping lookup	EIM registries administrator	EIM registry X administrator
eimAddPolicyAssociation	X	X	-	-	X	X
eimAddPolicyFilter	X	X	-	-	X	X
eimListPolicyFilters	X	X	X	X	X	X
eimRemove PolicyAssociation	X	X			X	X
eimRemovePolicyFilter	-	-	-	-	-

EIM API	LDAP administrator	EIM administrator	EIM identifiers administrator	EIM mapping lookup	EIM registries administrator	EIM registry X administrator
eimGetAssociatedIdentifier	X	X	X	X	X	X
eimGetTargetFromIdentifier	X	X	X	X	X	X
eimGetTargetFromSource	X	X	X	X	X	X

EIM API	LDAP administrator	EIM administrator	EIM identifiers administrator	EIM mapping lookup	EIM registries administrator	EIM registry X administrator
eimAddAccess	X	X	-	-	-	-
eimListAccess	X	X	-	-	-	-
eimListUserAccess	X	X	-	-	-	-
eimQueryAccess	X	X	-	-	-	-
eimRemoveAccess	X	X	-	-	-	-