In the identity applications, a permission represents the access provided to a user or group of users for a role or resource. A role defines a set of permissions related to one or more target systems or applications. For example, a user administrator role might be authorized to reset a user's password, while a system administrator role might have the ability to assign a user to a specific server. A resource is any digital entity such as a user account, computer, or database that a business user needs to be able to access.