<IDHub should automatically be added as an Application with per-defined Roles and Entitlements>
Permission Management functionality allows you to configure the users, the roles that can access IDHub and their associated permissions that determine what each user is allowed to do with the system.
The default user store in IDHub is Mongo DB. This database stores all the information on users, roles and permissions. A default Admin user and default Admin password are configured and this is associated with a default Admin role with all permissions granted. After IDHub Install is completed you can log into the IDHub Admin console with the Admin user and get started.
IDHub Roles and Permissions
IDHub users are associated with Roles (one or many) that give them access privileges to IDHub UI and its features.
Roles associated with IDHub are:
Roles are assigned to users through the Admin Console by the Admin User (default ) or the System Administrator, who can add, remove users from IDHub Roles thereby granting or revoking privileges.
The Admin user is the superuser, stored in the primary store of the IDHub system and is assigned default privileges that cannot be modified.
IDHUb Roles are coarse-grained giving the user access to user interface and its specific modules (See table below)
Sample Access Privileges:
|Admin||All||All||Default IDHub user having all privileges associated with IDHub|
|Everyone||UserApp||All||Access to all functionality in UserApp.|
IDH Role Privileges, Grant or Revoke Permissions to Users
Go to Admin Console. Navigate to Admin in the left navigation bar → Select Permission Management. IDHub Roles are displayed in "Select a Role" Page. Select a Role to view or modify its privileges. View, Add, Remove members from the Role. Save Changes.
Note: It is recommended a Trusted User Source is integrated with IDHub before using the Permission Management functionality.