Most companies define their business policies through authorization assignments. Examples of authorizations are groups, roles, and profiles. These authorizations are different depending on each SaaS application. For more information, see Section 6.1, Supported Roles and Authorizations.
Authorizations give users access to resources. CloudAccess provides a simple solution that allows you to map your identity source roles (groups) to the SaaS application authorizations and approve or deny access to those authorizations.
Authorizations are available only to connectors that provision users. If you use connectors only for authentication, there are no authorizations. For example, the Connector for WebEx and the Connector for Accellion do not have authorizations.
The Policy Mapping page maps the authorizations from the SaaS applications to the roles (groups) in the identity sources and allows you to select whether the authorization requires an approval. The Approval page allows you to accept or deny the authorization request.