Catalog Administrator serves as the primary method for managing roles and resources associated with the various connected systems in organizations managed by Identity Manager. Although the catalog is not a unique database or a set of files, it encompasses all information about roles, resources, and the relationship between them.
Users with the Role Administrator entitlement can perform the following tasks:
Create, remove, and modify roles.
Establish the process for the approving and revoking the role.
Create roles and role relationships within the roles hierarchy.
Create, remove, and modify separation of duty (SoD) constraints to manage potential conflicts among roles.
Browse the list of roles created.
Find out which role is associated with which container.
Users with the Resource Administrator entitlement can perform the following tasks:
Create new resources, either from an entitlement or without an entitlement.
Remove and modify resources.
Establish the process for the approving and revoking resource.
Associate resources to roles or a role that is part of other role, group, or a container in your organization.
Browse the list of resources.
Find out which resource is associated with which container.
Catalog Administrator provides a more up-to-date method for managing roles and resources than the User Application’s role and resource functionality. However, it does not support assigning permissions or ownership for the roles and resources.
All role and resource information comes from the User Application driver.