This policy allows the creation of one resource type but not another. In particular, the policy focuses on the create action and then allows the creation of Device resources but denies the creation of User resources.
- In the Policy Editor, go to Policies in the left pane and then click Policies along the top.
- From the + menu, select Add Policy.
- For the name, replace Untitled with User can only create Device resources.
- Click the + next to Applies to.
- Click Add definitions and targets, or drag from Components and add the create action.
- Set Combining Algorithm to Unless one decision is deny, the decision will be permit.
-
Add a rule to allow the creation of Device resources.
-
Add a rule to deny the creation of User resources.
- Send test requests to the SCIM service and verify data using the Policy Editor's Decision Visualiser.