Identity and Access Management (IAM)

IAM Service provides out-of-the-box identity and access management.

Here you can find an overview of the Emporix identity and access management (IAM) concept, along with its features and benefits.

Purpose

The IAM feature has been introduced to help you control the user access level in specific services. By defining clear-cut roles and permissions, you can be sure that unauthorized users won't be able to modify or view sensitive data. We have prepared a set of predefined access control templates so that you can get started quickly.

Features

The Emporix IAM concept introduces a set of features that make identity and access management easier:

Feature
Description

User types

For a tenant, there are two types of users available: customers and employees of that tenant.

Employee groups

Employee groups aggregate employees of a tenant that share the same access control within a particular service and resource. By assigning an employee to a particular group, you grant them a specific access control level. Access controls are applied to both the Emporix Management Dashboard and the APIs through scopes. To learn more about scopes, check out the Authorization and scopes guide.

Access controls and access control templates

Access controls combine both resources and roles. For example, a user with a manager role can view, create, delete, and edit resources within a service. You can use access control templates that contain predefined settings for roles. For more information, check out Access control templates.

Resources

Objects within Emporix API services, for example area and time resources in the Delivery Service.

Roles

Roles encapsulate predefined permissions that allow users to perform actions on resources within services. For example, a user with a manager role can create, view, edit, and delete resources within a service.

Permissions

Permissions define what actions a user with a specific role can perform on resources within services. For example, a service might have permissions to perform the following actions on a resource: view, create, delete, and edit.

Localized fields

When creating or updating a group, permission, or role, you can specify its name and description in multiple languages.

Overview

The following diagram presents an example of the information flow in the IAM Service.

Access control templates

Emporix provides you with several predefined access control templates that you can apply to a group:

Name
Service/Resource

Catalog Manager

  • Catalog

  • Category

  • Product

  • Product template

  • Label

  • Brand

  • Supplier

  • Webhook

Pricing Manager

  • Price Model

  • Price List

  • Tax

  • Unit

Order Fulfillment Manager

  • Customer

  • Order

  • SEPA

  • Return

  • Checkout

  • Site

Last updated

Was this helpful?