Create permissions
To create a permission for an application:
- Go to Application management > Applications and select the application.
- Switch to the Permissions tab and click Create permission.
- Provide a valid Name and optionally provide a Description to identify the permission.
- Click Create.
Permission attributes
Name
This refers to the name of the permission. The permission name is mandatory and has to be unique within the application. It can contain alphanumeric characters and underscores only. The length of the 'Name' can be a maximum of 30 characters long.
For an application of protocol type OAuth 2.0/OIDC, the permission name is added to the claim permissions
of the issued access token. You can see a preview of the claim in OAuth claim preview when creating or editing a permission.
For an application of protocol type SAML, the permission name is added to the issued SAML attribute permissions
of the SAML assertion. You can see a preview of the claim in SAML assertion preview when creating or editing a permission.
Permission name logic
For the permission logic to work, the permission name in Identity Cloud has to match the name used in your application.
When your users sign in, you can check their permissions in the OAuth 2.0 claim or SAML attribute.
Description
Optionally you can set a description to provide further information about the permission. The length of the Description is at most 120 characters long.