Most companies define their business policies through authorization assignments. Examples of authorizations are groups, roles, and profiles. These authorizations are different depending on each SaaS application. For more information, see Section 9.1, Supported Roles and Authorizations.
Authorizations give users access to resources. CloudAccess provides a simple solution that allows you to map your identity source roles (groups) to the SaaS application authorizations and approve or deny access to those authorizations.
Authorization categories are available for the connector types that provision users (Office 365, Google Apps, and Salesforce). If you use connector types that provide only authentication and they require mapped authorizations for entitlements instead of Public access, their authorizations are available in the Other Applications category. By default, Public access is disabled for all connectors, except for the connectors for Basic SSO.
The Policy Mapping page maps the authorizations from the SaaS applications to the roles (groups) in the identity sources and allows you to select whether the authorization requires an approval. If approval is required, the Approval page allows you to accept or deny the authorization request.