When you leverage idemeum local directory, you can simply create custom attributes for your user records, and then combine users in groups based on these custom attributes. For example, you can create
Engineering group for all users who work in engineering department. What is more, when you integrate with external user source, such as HR system, idemeum can pull custom attributes from external user source and use those attributes to combine employees into groups.
Groups use cases
You can use groups to entitle applications to employees. For instance, your
Engineering group will have access to 3 applications (Atlassian, Slack, and AWS).
You can use groups to provision to integrated applications. For instance, once you create group Admins you can configure idemeum to push this group into AWS so that you can assign certain permission sets to it. Therefore, every new user of
Admins group will be provisioned into
Admins group in AWS.
- Navigate to idemeum admin portal and choose
- Give your group a name
- Now you can create rules based on which employees will become part of this group. For instance, in the case below I am using the
Job Titleattribute from my local directory to group
Engineersin the same group.
- You can also assign users directly to groups without leveraging attributes
- Once you configure the group hit
idemeum also supports pushing groups to applications and assigning users to these groups in applications. Please, check our integrations catalog to see what applications support group management.
If an application is assigned to a user that is part of the group, idemeum will first provision the group to application and then will assign the user to that group. If the user changes groups, idemeum will automatically update all information in target applications.
- Navigate to application configuration
- Make sure you have
group provisioningset to