Defining Permissions in Script

In Authorization Manager, you define which users have access to which application resources by creating an authorization policy store.

To define access permissions

1. Create the store where the authorization policy is defined:

Creating an Authorization Policy Store in Script
2. Create a section in the authorization policy store for a specific application:

Creating an Application Object in Script

3. Define operations that the application implements to access and modify resources:

Defining Operations in Script

4. Group operations into high-level tasks that users want to perform:

Grouping Operations into Tasks in Script

5. Define roles that consist of groups of tasks:

Grouping Tasks into Roles in Script

A user that is assigned to a role has permission to perform any task assigned to that role. 6. Create scripts to qualify access to tasks at run time:

Qualifying Access with Business Logic in Script

This step is optional. 7. Define groups of users:

Defining Groups of Users in Script

These groups can then be assigned to roles to determine which tasks they can perform. 8. Add users to user groups:

Adding Users to an Application Group in Script