Skip to main content
Version: 8.2411.x.x RR

Multi-client setups and the data model

As mentioned, nevisIDM is able to handle multi-client setups, i.e., completely separated user populations. You will find installation instructions for the multi-client setups in the chapter Operation and Administration. At this point, we only mention certain critical aspects that have to be known when using nevisIDM in multi-client mode.

  • All external IDs as well as the login ID of the user are only unique within the context of a specific client, i.e., the same external ID or login ID may exist in another client. Note that this has a direct impact on all clients using the SOAP interface: all callers will have to define the client's name or extId in their SOAP requests.
  • Most of the entities in nevisIDM are client-specific as shown in the next table. There are a few exceptions: applications (and their roles) are explicitly assigned to clients, and reference data and properties of certain scopes are defined globally (no relation to clients at all).
  • Client-specific configurations are stored in a policy of type ClientPolicy.
Entityclient-specific (1:n)client-shared (m:n)global
applicationx (client-app assignment)
authorizationx (but may contain FK to client for client data room)
credentialcredential login infouser login infox (via user)
enterprise authorizationx (via profile and enterprise role)
enterprise rolex (FK to client)
event queuex (FK to client)
personal questionx (FK to client)
policyx (FK to client)
profilex (via user, FK to client)
propertiesx (only scopes onUserGlobal, onProfileGlobal, onCredentialGlobal, onUnitGlobal)x (all scopes)
reference data (tidmr_*)x
rolex (via application)
template collectionx (FK to client)
templatetemplate textx (via template collection)
userx (FK to client)