Granting and revoking organization roles
This article explains how to grant and revoke roles to organizations as a Cloud Identity Plane administrator.
About permissions and roles in CIP
Permissions and roles provide access control in systems where CIP is used to provide identity management. Additionally, roles allow you to set up fine-grained access control by applying a specific object constraint (for example, permission can be limited to a specific device, user or organization).
Roles can be assigned to organizations as explained in this article.
Prerequisites
- Administrator account in CIP
Grant a role to an organization
-
Select Organizations from the sidebar.
Result
The ORGANIZATIONS view opens and shows the list of your organizations.
-
In the ORGANIZATIONS view, select a user from the organizations list.
-
In the ORGANIZATION DETAILS view, select the meatballs menu (…) > Grant role.
Result
The GRANT ROLE pop-up window opens.
-
In the GRANT ROLE pop-up window, select a role from the drop-down list.
-
Select Grant role to confirm your choice.
Result
The role is granted to the organization as indicated by the system message.
Revoke a role from an organization
The procedure for revoking a role from an organization is essentially the same as for granting one - you only need to select a different menu option.
-
Select Organizations from the sidebar.
Result
The ORGANIZATIONS view opens and shows the list of your organizations.
-
In the ORGANIZATIONS view, select a user from the organizations list.
-
In the ORGANIZATION DETAILS view, select the meatballs menu (…) > Revoke role.
Result
The REVOKE ROLE pop-up window opens.
-
In the REVOKE ROLE pop-up window, select a role from the drop-down list.
-
Select Revoke role to confirm your choice.
Result
The role is revoked from the organization as indicated by the system message.
Related articles
If you want to learn how to create roles and permissions, read Managing roles and permissions.