This topic describes how to grant permissions in the IDaaS console. You can authorize groups by application or authorize applications by group.

Prerequisites

Confirm that you have completed the following tasks:

Authorize groups by application

This operation determines which organizations or groups can access an application.

Procedure

  1. Log on to the IDaaS console as an IT administrator. For more information, see Logon in Administrator Guide.
  2. In the left-side navigation pane, choose Authorization> Application Authorization.
  3. Click the Authorize OUs or Groups by Application tab.

  4. Select the target application in the Applications list on the left.
    Note You can search for an application with the application name.
  5. Select the organizations and groups allowed to access the current application in the OUs and Groups list on the right.
    Note You can search for a group with the group name.

Authorize applications by group

This operation determines which applications the members of a group can access.

Procedure

  1. Log on to the IDaaS console as an IT administrator. For more information, see Logon in Administrator Guide.
  2. In the left-side navigation pane, choose Authorization > Application Authorization.
  3. Click the Grant Application Access by OU or Group tab.

  4. Select the target group in the OUs and Groups list on the left.
    Note You can search for a group with the group name.
  5. Select the applications that the members of the group can access in the Applications list on the right.

Authorize applications by account

This operation determines which applications an account can access.

Procedure
  1. Log on to the IDaaS console as an IT administrator. For more information, see Logon in Administrator Guide.
  2. In the left-side navigation pane, choose Authorization > Application Authorization.
  3. Click the Grant Application Access by Account tab.

  4. You can perform a fuzzy or exact search in the Accounts list on the left.
    Note You can search for an application with the application name in the Applications list on the right.

Authorize accounts by application

This operation determines which accounts can access an application.

Procedure
  1. Log on to the IDaaS console as an IT administrator. For more information, see Logon in Administrator Guide.
  2. In the left-side navigation pane, choose Authorization > Application Authorization.
  3. Click the Authorize Accounts by Application tab.

  4. You can perform fuzzy or exact search in the Applications list on the left.
    Note You can search for an account with the account name in the Accounts list on the right.