The schema object that contains provisioning role definitions.
Table B-4 Role Definition Object Schema Definition
Attribute |
Description |
---|---|
nrfActive |
Whether role is active. |
nrfApprovers |
Role approvers. Order of approvers is maintained by an integer in the second element. |
nrfChildRoles |
Child roles of the current role. |
nrfEntitlementRef |
Identity Manager entitlement associated with the role. Supports embedding of dynamic parameter macros to allow users to specify values at request time. |
nrfImplicitContainers |
Containers assigned to the role. nrfRequestDef Provisioning request definition used for approving a role assignment. |
nrfImplicitGroups |
Groups assigned to the role. |
nrfLocalizedDescrs |
The localized description of the role. |
nrfLocalizedNames |
The localized name of the role. |
nrfParentRoles |
Parent role of the current role. |
nrfQuorum |
Used to support quorum approvals in template PRDs. This is the quorum condition. Can be percentage or number of approvers required. |
nrfRevokeRequestDef |
Provisioning request definition used for approving the revocation of a role assignment. |
nrfRoleCategoryKey |
Used to categorize role. |
nrfRoleLevel |
Role level that defines the role hierarchy. |
nrfStatus |
Status of role. Valid codes are described inRole Status Codes (nrfStatus). |
Table B-5 Valid Role (nrfStatus) Status Codes
Status Code |
Key |
Description |
---|---|---|
50 |
CREATED |
Role created. |
15 |
DELETE PENDING |
Role delete pending. |