Roles

IdentityIQ roles are used to model a company's structure and business operations. Roles are designed to be highly flexible and can be customized to model a wide array of business structures and functions.

By default, there are four types of roles configured in IdentityIQ:

Organizational

Organize and manage the role hierarchy; typically do not perform any function other than creating a nesting structure in the Role Modeler.

Business

Identify job functions or titles, or other attributes by which users can be grouped together.

IT

Encapsulate sets of system entitlements from one or more applications to be grouped together into a single role. IT roles should encapsulate groups of related entitlements that are shared by one or more business roles.

Entitlement

Represent individual system entitlements; entitlement roles were originally created to represent a single entitlement on a single application; currently, Entitlement Roles exist for backward compatibility with versions 5.x and earlier of IdentityIQ, and are not recommended for current/new installations.

Custom Role types can be created to model a structure that does not easily fit into the IdentityIQ default model. In addition, the existing Role types can be configured to function differently from their default behavior to meet each organization's business needs.