Handling Groups and Domains

In this section:

In addition to four primary roles (System Administrator, Data Steward, and so on), several more additional roles should be assigned to each user. In this case, these roles represent the authorities of the assignee. Authorities are created in the same way as the primary roles are, but their names start with the prefix and are delimited from the body with the period (.), for example, goup.GRP1 or domain.PartyMaster, and so on.

There are currently two types of authorities:
Top of page
x
Remediation Groups

The goal of the remediation groups is to map several data stewards to one data supervisor. To create a remediation group, you can just create a role with the group. prefix, as listed below:

Each remediation group must contain only one user using the Data Supervisor role. Otherwise, the system will fail to perform various operations.
Top of page
x
Mapping Domains to Users

Each user is permitted to work only with a provided set of domains (for example, PartyMaster). This set is defined through the assigned roles type, called domain. You can create a role with the domain prefix (for example, domain.PartyMaster).

Each user should be assigned to at least one of the domain roles. The order of the domains can be edited in the Table Order tab in the administration pane.

To get the domain name that should be used as a part of the domain role, navigate to the iIMC administration pane and edit the corresponding table, as shown in the following image.

The value of the Table property should be used as part of the domain role after the period character (.), for example, domain.PartyMaster.

In the Roles of User section of the WSO2 Identity Server, a similar method is used, as shown in the following image:

Note: After assigning users to a domain or any other roles, the user must log on again to the application.

iWay Software