Manage Identity and Access
This page provides an overview of the concepts of Identity and Access Management in Ataccama ONE.
Identity is managed via Users and Roles. Access for users and roles is regulated by permissions that are configured via different blocks: Capabilities, Operation Sets, and Operations. For more information, see xref: Configuring Custom Permissions.
When launching Ataccama ONE for the first time, a default configuration exists, containing default roles with users assigned and their set capabilities, operation sets, and operations. It is possible to manage access either on all entity instances on the same level or instance by instance. It is also possible to manage access across a hierarchy of entities, i.e. assign a capability that will regulate access to the data source, locations and catalog items at the same time. The identity and access management is supported by two services:
-
Keycloak, which is primarily used to manage and assign Users and Roles. For more information on managing users in Keycloak, see Managing Users and Roles.
-
ONE web application, where it is possible to assign pre-configured permissions to Users and Roles. It is also possible to change the default configuration and create custom permissions. For more information on configuring roles in the web application, see Granting, Sharing and Revoking Permissions.
In this guide:
Was this page useful?