Identity and Access Management (IAM)
IAM Service provides out-of-the-box identity and access management.
Last updated
Was this helpful?
IAM Service provides out-of-the-box identity and access management.
Last updated
Was this helpful?
Here you can find an overview of the Emporix identity and access management (IAM) concept, along with its features and benefits.
The IAM feature has been introduced to help you control the user access level in specific services. By defining clear-cut roles and permissions, you can be sure that unauthorized users won't be able to modify or view sensitive data. We have prepared a set of predefined access control templates so that you can get started quickly.
The Emporix IAM concept introduces a set of features that make identity and access management easier:
User types
For a tenant, there are two types of users available: customers and employees of that tenant.
Employee groups
Access controls and access control templates
Resources
Objects within Emporix API services, for example area and time resources in the Delivery Service.
Roles
Roles encapsulate predefined permissions that allow users to perform actions on resources within services. For example, a user with a manager role can create, view, edit, and delete resources within a service.
Permissions
Permissions define what actions a user with a specific role can perform on resources within services. For example, a service might have permissions to perform the following actions on a resource: view, create, delete, and edit.
Localized fields
When creating or updating a group, permission, or role, you can specify its name and description in multiple languages.
The following diagram presents an example of the information flow in the IAM Service.
For example, a "Catalog editors" user group may comprise of users granted edit, create, and view permissions within the Catalog resource in the Catalog service.
Emporix provides you with several predefined access control templates that you can apply to a group:
Catalog Manager
Catalog
Category
Product
Product template
Label
Brand
Supplier
Webhook
Pricing Manager
Price Model
Price List
Tax
Unit
Order Fulfillment Manager
Customer
Order
SEPA
Return
Checkout
Site
Employee groups aggregate employees of a tenant that share the same access control within a particular service and resource. By assigning an employee to a particular group, you grant them a specific access control level. Access controls are applied to both the Emporix Management Dashboard and the APIs through scopes. To learn more about scopes, check out the .
Access controls combine both resources and roles. For example, a user with a manager role can view, create, delete, and edit resources within a service. You can use access control templates that contain predefined settings for roles. For more information, check out .
