Hi all,
I wanted to have a multi-tenant in our OpenIAM CE. It says it’s possible by creating multiple Organization. I will then create an Org Admin for each Organization.
My question is how can I create an Org Admin role and ensure that it only access in what Org does it below? also what would you suggest the scope of Org Admin role?
Thank you in advance for your assistance.
XX
Hello @violettulips3270,
Yes, we can support this:
https://docs.openiam.com/docs-4.2.1.15/admin/1-usradmin/12-externaldelegation
This will allow you to have organization level separation.
Also note that this capability has been expanded in the current Enterprise Edition.
Thanks,
Ameet
Hi @ameet_shah ,
Thank you for your response.
This filtering only applies to the SelfService portal. The webconsole, which is intended for use by administrators, does not support this type of filtering.
We wanted to have intended Org admin per Organization (company). How to achieve this is the filtering is for SelfService portal only?
Hello @violettulips3270,
Organization-level separation can be achieved in the Self-Service portal using external delegation and organization-based filtering. This allows you to assign Org-specific admins who can manage users and requests within their respective organization.
For example, if you create four users and assign two users to one organization and the other two to a different organization, then when performing a user search in the Self-Service portal, each admin will only be able to view and manage users within their own assigned organization.
For the WebConsole, such organization-based filtering is not available.
Please let me know if you have any other questions.