Profile policy
The default profile is automatically generated at user creation. If no profile policy has been provided explicitly, then the default profile policy for the client is applied automatically.
defaultAuthorizations
- Data type: String
- Description: A comma-separated list of the default roles for a new profile. The roles are specified as in the security token:
<application_name>.<role_name>
.- Default: not set.
It is possible to define default data rooms for the nevisIDM authorizations. The data rooms can be defined as a comma-separated list of external IDs (extId), or the keyword "global". The external IDs of units and enterprise roles are unique per client. Therefore, specify the units and enterprise roles in the following format: <client_extid>/<unit_or_enterpriserole_extid>
Example:
defaultAuthorizations = nevisIdm.nevisIdmRole
nevisIdm.nevisIdmRole.authClients=100,101,102
nevisIdm.nevisIdmRole.authUnits=global
nevisIdm.nevisIdmRole.authApplications=global
nevisIdm.nevisIdmRole.authEnterpriseRoles=100/1001,100/1002,101/1003
Notes:
- If you add client data rooms, you can only add units, applications and enterprise roles which belong to one of the listed clients.
- Data rooms can be added only to nevisIDM roles.
- Enterprise role data rooms can be added only if enterprise roles are enabled in the configuration.
defaultEnterpriseRoles
- Data type: String
- Description: A comma-separated list of the default enterprise roles a new profile will get. The enterprise roles are specified by their extIds.
- Default: not set.
defaultUnit
- Data type: int
- Description: The external ID extId of the default unit of the corresponding client.
- Default: The extId of the first (generated) unit of the client.