Administration Portal Overview
Cloudentity Administrator Portal enables administrator users to administer the whole Cloudentity tenant including all workspaces and their settings. The Admin Portal can be used to configure every connection/setting of the tenant and its workspaces – you can connect applications, identity sources, add organizations, administer the settings of the authorization server, and more. In other words, it allows you to administer the entire identity and authorization plane for application and user landscape.
Access to Administration Portal
Cloudentity platform has different levels of access control for the administration portal functionalities:
Policy-driven user access policies that can be attached to those who can access the admin portal itself in a dynamic fashion.
Tenant administration feature that allows you to define a set of tenant administrators who have access to the administration portal.
These users can be assigned a set of pre-defined roles like admin/auditor to have full access/read only access to configurations within the portal.
The role assigment functionality allows you to assign roles to administrators. This way, administrators only have access to actions in scope of their responsibilities, ranging from administrating the whole tenant to read-only access limited to a specific workspace.
Within the administration portal itself, there is logical separation of workspaces (aka authorization servers). From the above set of administrators, there can be a subset of users that are assigned different roles at a workspace level. For example, workspace A can have a different set of administrators/auditors than workspace B for administrative purposes. This allows fine grained control of configurations at the workspace level.