EIM access control group: API authority

 

This information displays tables that are organized by the Enterprise Identity Mapping (EIM) operation that the API performs.

Each of the following tables displays each EIM API, the different EIM access control groups, and the whether the access control group has authority to perform a specific EIM function.

Table 1. Working with domains
EIM API LDAP administrator EIM administrator Identifiers administrator EIM mapping lookup Registry administrator Aministrator for selected registry
eimChangeDomain X X - - - -
eimCreateDomain X - - - - -
eimDeleteDomain X X - - - -
eimListDomains X X - - - -

Table 2. Working with identifiers
EIM API LDAP administrator EIM administrator EIM identifiers administrator EIM mapping lookup EIM registries administrator EIM registry X administrator
eimAddIdentifier X X X - - -
eimChangeIdentifier X X X - - -
eimListIdentifiers X X X X X X
eimRemoveIdentifier X X - - - -

eimGetAssociated
Identifiers

X X X X X X

Table 3. Working with registries
EIM API LDAP administrator EIM administrator EIM identifiers administrator EIM mapping lookup EIM registries administrator EIM registry X administrator

eimAddApplication
Registry

X X - - - -
eimAddSystemRegistry X X - - - -
eimChangeRegistry X X - - X X

eimChange
RegistryUser

X X - - X X
eimChangeRegistryAlias X X - - X X

eimGetRegistry
NameFromAlias

X X X X X X
eimListRegistries X X X X X X

eimListRegistry
Associations

X X X X X X
eimListRegistryAliases X X X X X X

eimListRegistry
Users

X X X X X X
eimRemoveRegistry X X - - - -

Table 4. Working with identifier associations. For eimAddAssociation() and eimRemoveAssociation() APIs there are four parameters that determine the type of association that is either being added or removed. The authority to these APIs differs based on the type of association specified in these parameters. In the following table, the type of association is included for each of these APIs.
EIM API LDAP administrator EIM administrator EIM identifiers administrator EIM mapping lookup EIM registries administrator EIM registry X administrator
eimAddAssociation (administrative) X X X - - -
eimAddAssociation (source) X X X - - -
eimAddAssociation (source and target) X X X - X X
eimAddAssociation (target) X X - - X X
eimListAssociations X X X X X X
eimRemoveAssociation (administrative) X X X - - -
eimRemoveAssociation (source) X X X - - -
eimRemoveAssociation (source and target) X X X - X X
eimRemoveAssociation (target) X X - - X X

Table 5. Working with policy associations
EIM API LDAP administrator EIM administrator EIM identifiers administrator EIM mapping lookup EIM registries administrator EIM registry X administrator
eimAddPolicyAssociation X X - - X X
eimAddPolicyFilter X X - - X X
eimListPolicyFilters X X X X X X

eimRemove
PolicyAssociation

X X     X X
eimRemovePolicyFilter - - - - -  

Table 6. Working with mappings
EIM API LDAP administrator EIM administrator EIM identifiers administrator EIM mapping lookup EIM registries administrator EIM registry X administrator
eimGetAssociatedIdentifier X X X X X X
eimGetTargetFromIdentifier X X X X X X
eimGetTargetFromSource X X X X X X

Table 7. Working with access
EIM API LDAP administrator EIM administrator EIM identifiers administrator EIM mapping lookup EIM registries administrator EIM registry X administrator
eimAddAccess X X - - - -
eimListAccess X X - - - -
eimListUserAccess X X - - - -
eimQueryAccess X X - - - -
eimRemoveAccess X X - - - -

 

Parent topic:

EIM access control