Adding an application role
Add application roles to group permissions by function, then control access by assigning roles to users.
Before you begin
-
Add the application permissions that you want to grant to your roles.
-
Add the users that you want to assign to roles.
About this task
Roles determine which permissions a user has. A user can perform an action on an application resource if they have a role with the associated permission.
You can add up to 128 application roles in each PingOne environment. |
Steps
-
Go to Authorization → Application Roles.
-
Click the icon next to Application Roles.
-
Enter a unique Application Role Name and an optional Description. Click Next.
The name can include Unicode letters, marks, numbers, spaces, forward slashes, dots, apostrophes, underscores, and hyphens, with a maximum length of 20 characters.
Example:
For example, you might add an
Invoicing Processor
role for the BizPro invoicing application. -
Select the permissions that you want to assign to the role.
Permission names list the application resource and action separated by a colon. For reference, the PingOne resource associated with the application resource is displayed next to the check box.
-
Click Next.
-
Select the users that you want to assign to the role.
Result:
Selected users will have the permissions that are assigned to the role.
-
Click Save.
Next steps
Add additional roles and assign users to grant them the permissions assigned to the roles. For example, you might add a Billing Supervisor
role and assign the Invoices:Read
and Invoices:Void
permissions to it.