RapidIdentity Product Guides - 2019 Rolling Release

Configuring Module Visibility

All RapidIdentity Portal modules support RBAC and ABAC to limit module visibility to users or groups. Module visibility is configured in the RapidIdentity Portal Configuration module under each individual module tab.

The ability to limit visibility only to necessary users or groups provides enhanced security for each RapidIdentity Portal module and precludes the likelihood of undesirable RapidIdentity Portal actions from occurring (e.g. My Profiles changes, and Workflow entitlement requests or approvals).

Administrators can choose either RBAC or ABAC, not both, to limit visibility. Users or groups matching a particular role or attribute filter will have that particular module visible upon accessing RapidIdentity Portal. Users must also be a member of the corresponding access Roles defined in the Appliance.

RBAC or ABAC module visibility is configured in the General tab for each RapidIdentity Portal module.

Table 309. Checkboxes



Enable Module Visibility RBAC

The clicked checkbox enables RBAC upon saving one or more Roles. Roles must be added individually. The module is visible only to users of the specified Role(s).

Enable Module Visibility ABAC

The clicked checkbox enables ABAC upon saving an LDAP filter. The filter can by typed or built using the LDAP criteria builder. The module is visible only to users matching the specified LDAP filter.