diff --git a/404.html b/404.html index a451cf0..b3991d5 100644 --- a/404.html +++ b/404.html @@ -5,13 +5,13 @@ Page Not Found | RCIAM Docs - +
Skip to main content

Page Not Found

We could not find what you were looking for.

Please contact the owner of the site that linked you to the original URL and let them know their link is broken.

- + \ No newline at end of file diff --git a/assets/images/admin-group-admin-tab-394589ece744f3ba1999ed68926227d5.png b/assets/images/admin-group-admin-tab-394589ece744f3ba1999ed68926227d5.png new file mode 100644 index 0000000..1afc9f4 Binary files /dev/null and b/assets/images/admin-group-admin-tab-394589ece744f3ba1999ed68926227d5.png differ diff --git a/assets/images/admin-group-admin-tab-9b50996bfff7d05cce27c84cc3395ddf.png b/assets/images/admin-group-admin-tab-9b50996bfff7d05cce27c84cc3395ddf.png deleted file mode 100644 index b79569c..0000000 Binary files a/assets/images/admin-group-admin-tab-9b50996bfff7d05cce27c84cc3395ddf.png and /dev/null differ diff --git a/assets/images/admin-group-create-group-role-f546aa753543a3306ad56594eb59c94a.png b/assets/images/admin-group-create-group-role-f546aa753543a3306ad56594eb59c94a.png new file mode 100644 index 0000000..e3f7e79 Binary files /dev/null and b/assets/images/admin-group-create-group-role-f546aa753543a3306ad56594eb59c94a.png differ diff --git a/assets/images/admin-group-delete-group-role-6be2432de22107487d8364e37af5f177.png b/assets/images/admin-group-delete-group-role-6be2432de22107487d8364e37af5f177.png new file mode 100644 index 0000000..4a1e90e Binary files /dev/null and b/assets/images/admin-group-delete-group-role-6be2432de22107487d8364e37af5f177.png differ diff --git a/assets/images/admin-group-details-tab-4df80e864dede97aedc0bbc102e82be8.png b/assets/images/admin-group-details-tab-4df80e864dede97aedc0bbc102e82be8.png new file mode 100644 index 0000000..be8bd90 Binary files /dev/null and b/assets/images/admin-group-details-tab-4df80e864dede97aedc0bbc102e82be8.png differ diff --git a/assets/images/admin-group-edit-member-roles-8ffc7050c7453cfd16d3cd4bbb8bfb19.png b/assets/images/admin-group-edit-member-roles-8ffc7050c7453cfd16d3cd4bbb8bfb19.png new file mode 100644 index 0000000..b520e7e Binary files /dev/null and b/assets/images/admin-group-edit-member-roles-8ffc7050c7453cfd16d3cd4bbb8bfb19.png differ diff --git a/assets/images/admin-group-edit-member-roles-d1cda461b7fbe0d33b40019c8f4297ce.png b/assets/images/admin-group-edit-member-roles-d1cda461b7fbe0d33b40019c8f4297ce.png deleted file mode 100644 index d6f1da2..0000000 Binary files a/assets/images/admin-group-edit-member-roles-d1cda461b7fbe0d33b40019c8f4297ce.png and /dev/null differ diff --git a/assets/images/admin-group-edit-member-roles-window-36438010032ea9958ec1accb068b5ed3.png b/assets/images/admin-group-edit-member-roles-window-36438010032ea9958ec1accb068b5ed3.png deleted file mode 100644 index 38e62a9..0000000 Binary files a/assets/images/admin-group-edit-member-roles-window-36438010032ea9958ec1accb068b5ed3.png and /dev/null differ diff --git a/assets/images/admin-group-edit-member-roles-window-610a0862444543bc34fb80b4f39389cb.png b/assets/images/admin-group-edit-member-roles-window-610a0862444543bc34fb80b4f39389cb.png new file mode 100644 index 0000000..993a2c2 Binary files /dev/null and b/assets/images/admin-group-edit-member-roles-window-610a0862444543bc34fb80b4f39389cb.png differ diff --git a/assets/images/admin-group-effective-expiration-4e2df84762378087fcbba168c1f20e8b.png b/assets/images/admin-group-effective-expiration-4e2df84762378087fcbba168c1f20e8b.png new file mode 100644 index 0000000..22f6887 Binary files /dev/null and b/assets/images/admin-group-effective-expiration-4e2df84762378087fcbba168c1f20e8b.png differ diff --git a/assets/images/admin-group-enrollment-discovery-page-c921adadac6ea19ea244c9b0e9dd039a.png b/assets/images/admin-group-enrollment-discovery-page-c921adadac6ea19ea244c9b0e9dd039a.png new file mode 100644 index 0000000..b33fd58 Binary files /dev/null and b/assets/images/admin-group-enrollment-discovery-page-c921adadac6ea19ea244c9b0e9dd039a.png differ diff --git a/assets/images/admin-group-enrollments-tab-121a10e49f8f7c6b20106e8d757fc08c.png b/assets/images/admin-group-enrollments-tab-121a10e49f8f7c6b20106e8d757fc08c.png new file mode 100644 index 0000000..864404f Binary files /dev/null and b/assets/images/admin-group-enrollments-tab-121a10e49f8f7c6b20106e8d757fc08c.png differ diff --git a/assets/images/admin-group-enrollments-tab-e3bd237f60cbad70924f5ce2ddd3a172.png b/assets/images/admin-group-enrollments-tab-e3bd237f60cbad70924f5ce2ddd3a172.png deleted file mode 100644 index 040c86a..0000000 Binary files a/assets/images/admin-group-enrollments-tab-e3bd237f60cbad70924f5ce2ddd3a172.png and /dev/null differ diff --git a/assets/images/admin-group-extend-membership-f99d93db9939916c9070a3b79f5e892a.png b/assets/images/admin-group-extend-membership-f99d93db9939916c9070a3b79f5e892a.png new file mode 100644 index 0000000..f1ea5a8 Binary files /dev/null and b/assets/images/admin-group-extend-membership-f99d93db9939916c9070a3b79f5e892a.png differ diff --git a/assets/images/admin-group-invite-url-93b8f173321b599387781b951d9ff199.png b/assets/images/admin-group-invite-url-93b8f173321b599387781b951d9ff199.png new file mode 100644 index 0000000..a35ae94 Binary files /dev/null and b/assets/images/admin-group-invite-url-93b8f173321b599387781b951d9ff199.png differ diff --git a/assets/images/admin-group-invite-url-specific-183ea179cf8302ec26c477d02627e4cb.png b/assets/images/admin-group-invite-url-specific-183ea179cf8302ec26c477d02627e4cb.png deleted file mode 100644 index d06de14..0000000 Binary files a/assets/images/admin-group-invite-url-specific-183ea179cf8302ec26c477d02627e4cb.png and /dev/null differ diff --git a/assets/images/admin-group-invite-url-specific-8bec093e01c79288b5e32070ba4722bc.png b/assets/images/admin-group-invite-url-specific-8bec093e01c79288b5e32070ba4722bc.png new file mode 100644 index 0000000..7d96cd2 Binary files /dev/null and b/assets/images/admin-group-invite-url-specific-8bec093e01c79288b5e32070ba4722bc.png differ diff --git a/assets/images/admin-group-member-action-90cb10d9bd7a0a298aba66c057ad788b.png b/assets/images/admin-group-member-action-90cb10d9bd7a0a298aba66c057ad788b.png new file mode 100644 index 0000000..ac76753 Binary files /dev/null and b/assets/images/admin-group-member-action-90cb10d9bd7a0a298aba66c057ad788b.png differ diff --git a/assets/images/admin-group-member-action-confirmation-0eb646b22cd4d9427d4bd8375c280f86.png b/assets/images/admin-group-member-action-confirmation-0eb646b22cd4d9427d4bd8375c280f86.png deleted file mode 100644 index e59e76b..0000000 Binary files a/assets/images/admin-group-member-action-confirmation-0eb646b22cd4d9427d4bd8375c280f86.png and /dev/null differ diff --git a/assets/images/admin-group-member-action-confirmation-5d9f9a88713fde29dd2f656625ed5d0e.png b/assets/images/admin-group-member-action-confirmation-5d9f9a88713fde29dd2f656625ed5d0e.png new file mode 100644 index 0000000..193ffdb Binary files /dev/null and b/assets/images/admin-group-member-action-confirmation-5d9f9a88713fde29dd2f656625ed5d0e.png differ diff --git a/assets/images/admin-group-member-action-f6286df6b59d3109243ffa8bbedb113e.png b/assets/images/admin-group-member-action-f6286df6b59d3109243ffa8bbedb113e.png deleted file mode 100644 index 2266297..0000000 Binary files a/assets/images/admin-group-member-action-f6286df6b59d3109243ffa8bbedb113e.png and /dev/null differ diff --git a/assets/images/admin-group-members-ad25b62c4836c425b2bdd5ea4eedaa81.png b/assets/images/admin-group-members-ad25b62c4836c425b2bdd5ea4eedaa81.png deleted file mode 100644 index a0c1df8..0000000 Binary files a/assets/images/admin-group-members-ad25b62c4836c425b2bdd5ea4eedaa81.png and /dev/null differ diff --git a/assets/images/admin-group-members-c442b1514162e279a2f6e00409d9e141.png b/assets/images/admin-group-members-c442b1514162e279a2f6e00409d9e141.png new file mode 100644 index 0000000..8abedda Binary files /dev/null and b/assets/images/admin-group-members-c442b1514162e279a2f6e00409d9e141.png differ diff --git a/assets/images/admin-group-members-invite-1f19b38a89e9445b85f0dcd6a0924d19.png b/assets/images/admin-group-members-invite-1f19b38a89e9445b85f0dcd6a0924d19.png deleted file mode 100644 index e49755d..0000000 Binary files a/assets/images/admin-group-members-invite-1f19b38a89e9445b85f0dcd6a0924d19.png and /dev/null differ diff --git a/assets/images/admin-group-members-invite-25d1a06b08778c923d3d48e80aaab087.png b/assets/images/admin-group-members-invite-25d1a06b08778c923d3d48e80aaab087.png new file mode 100644 index 0000000..8dbf5e3 Binary files /dev/null and b/assets/images/admin-group-members-invite-25d1a06b08778c923d3d48e80aaab087.png differ diff --git a/assets/images/admin-group-members-invite-step1-0ca27aba42eb2d4e09edcb701593d566.png b/assets/images/admin-group-members-invite-step1-0ca27aba42eb2d4e09edcb701593d566.png deleted file mode 100644 index 89cca7b..0000000 Binary files a/assets/images/admin-group-members-invite-step1-0ca27aba42eb2d4e09edcb701593d566.png and /dev/null differ diff --git a/assets/images/admin-group-members-invite-step1-d934cd0a0d4d753e283e91a3299d6c2f.png b/assets/images/admin-group-members-invite-step1-d934cd0a0d4d753e283e91a3299d6c2f.png new file mode 100644 index 0000000..ce78eca Binary files /dev/null and b/assets/images/admin-group-members-invite-step1-d934cd0a0d4d753e283e91a3299d6c2f.png differ diff --git a/assets/images/admin-group-members-invite-step2-0ad691d5e5dcb07f416f238d25980be5.png b/assets/images/admin-group-members-invite-step2-0ad691d5e5dcb07f416f238d25980be5.png deleted file mode 100644 index da68df3..0000000 Binary files a/assets/images/admin-group-members-invite-step2-0ad691d5e5dcb07f416f238d25980be5.png and /dev/null differ diff --git a/assets/images/admin-group-members-invite-step2-7f73169364ad4a92e7a6093242c1a9a8.png b/assets/images/admin-group-members-invite-step2-7f73169364ad4a92e7a6093242c1a9a8.png new file mode 100644 index 0000000..fb60ae9 Binary files /dev/null and b/assets/images/admin-group-members-invite-step2-7f73169364ad4a92e7a6093242c1a9a8.png differ diff --git a/assets/images/admin-group-members-invite-step3-1487dbc182e4231d1f25878b8ab6a176.png b/assets/images/admin-group-members-invite-step3-1487dbc182e4231d1f25878b8ab6a176.png new file mode 100644 index 0000000..4fdd56a Binary files /dev/null and b/assets/images/admin-group-members-invite-step3-1487dbc182e4231d1f25878b8ab6a176.png differ diff --git a/assets/images/admin-group-members-invite-step3-b13c4da9e957a4f03da0f4cf930856db.png b/assets/images/admin-group-members-invite-step3-b13c4da9e957a4f03da0f4cf930856db.png deleted file mode 100644 index 20511da..0000000 Binary files a/assets/images/admin-group-members-invite-step3-b13c4da9e957a4f03da0f4cf930856db.png and /dev/null differ diff --git a/assets/images/admin-group-remove-member-81ed59e42dfbcc085ebbaf275a4282a2.png b/assets/images/admin-group-remove-member-81ed59e42dfbcc085ebbaf275a4282a2.png new file mode 100644 index 0000000..2131ea8 Binary files /dev/null and b/assets/images/admin-group-remove-member-81ed59e42dfbcc085ebbaf275a4282a2.png differ diff --git a/assets/images/admin-group-remove-member-f4dd0a1410022bd822b205d7720e316b.png b/assets/images/admin-group-remove-member-f4dd0a1410022bd822b205d7720e316b.png deleted file mode 100644 index e48edc6..0000000 Binary files a/assets/images/admin-group-remove-member-f4dd0a1410022bd822b205d7720e316b.png and /dev/null differ diff --git a/assets/images/admin-group-subgroups-delete-7444c3f473a4337497607e8655e48374.png b/assets/images/admin-group-subgroups-delete-7444c3f473a4337497607e8655e48374.png new file mode 100644 index 0000000..ea2d662 Binary files /dev/null and b/assets/images/admin-group-subgroups-delete-7444c3f473a4337497607e8655e48374.png differ diff --git a/assets/images/admin-group-invite-url-e644476efb3d2c54310cb770a83ce4b9.png b/assets/images/admin-group-subgroups-main-ea8011a6dd56c9425a4b800939156fae.png similarity index 58% rename from assets/images/admin-group-invite-url-e644476efb3d2c54310cb770a83ce4b9.png rename to assets/images/admin-group-subgroups-main-ea8011a6dd56c9425a4b800939156fae.png index f08bb66..58f2878 100644 Binary files a/assets/images/admin-group-invite-url-e644476efb3d2c54310cb770a83ce4b9.png and b/assets/images/admin-group-subgroups-main-ea8011a6dd56c9425a4b800939156fae.png differ diff --git a/assets/images/admin-group-subgroups-tab-create-b54cca440e264d26c1843ec19ffd730c.png b/assets/images/admin-group-subgroups-tab-create-b54cca440e264d26c1843ec19ffd730c.png new file mode 100644 index 0000000..7753f18 Binary files /dev/null and b/assets/images/admin-group-subgroups-tab-create-b54cca440e264d26c1843ec19ffd730c.png differ diff --git a/assets/images/admin-group-subgroups-tab-d9bb5198a06efd2b25c2f1a7835f5235.png b/assets/images/admin-group-subgroups-tab-d9bb5198a06efd2b25c2f1a7835f5235.png new file mode 100644 index 0000000..9af49c3 Binary files /dev/null and b/assets/images/admin-group-subgroups-tab-d9bb5198a06efd2b25c2f1a7835f5235.png differ diff --git a/assets/images/admin-group-subgroups-tab-delete-5124a661130d0bf76d932af1dc7fd7a0.png b/assets/images/admin-group-subgroups-tab-delete-5124a661130d0bf76d932af1dc7fd7a0.png new file mode 100644 index 0000000..b3c19e5 Binary files /dev/null and b/assets/images/admin-group-subgroups-tab-delete-5124a661130d0bf76d932af1dc7fd7a0.png differ diff --git a/assets/images/admin-group-view-members-tab-60bddedc21c8c0256bedc50e97e0f3e5.png b/assets/images/admin-group-view-members-tab-60bddedc21c8c0256bedc50e97e0f3e5.png deleted file mode 100644 index 7c9e926..0000000 Binary files a/assets/images/admin-group-view-members-tab-60bddedc21c8c0256bedc50e97e0f3e5.png and /dev/null differ diff --git a/assets/images/admin-group-view-members-tab-855d5fd635c0491b3f164e3380614910.png b/assets/images/admin-group-view-members-tab-855d5fd635c0491b3f164e3380614910.png new file mode 100644 index 0000000..74b9511 Binary files /dev/null and b/assets/images/admin-group-view-members-tab-855d5fd635c0491b3f164e3380614910.png differ diff --git a/assets/images/admin-groups-select-parent-f0a8a10f47e5ba7ef45e912f3ed7783c.png b/assets/images/admin-groups-select-parent-f0a8a10f47e5ba7ef45e912f3ed7783c.png new file mode 100644 index 0000000..0280117 Binary files /dev/null and b/assets/images/admin-groups-select-parent-f0a8a10f47e5ba7ef45e912f3ed7783c.png differ diff --git a/assets/images/admin-groups-select-sub-d77b9649a23036609ad388ba9d06ab43.png b/assets/images/admin-groups-select-sub-d77b9649a23036609ad388ba9d06ab43.png new file mode 100644 index 0000000..4ac9f1e Binary files /dev/null and b/assets/images/admin-groups-select-sub-d77b9649a23036609ad388ba9d06ab43.png differ diff --git a/assets/js/a026f14b.15397aa6.js b/assets/js/a026f14b.15397aa6.js deleted file mode 100644 index 321e3a4..0000000 --- a/assets/js/a026f14b.15397aa6.js +++ /dev/null @@ -1 +0,0 @@ -"use strict";(self.webpackChunkrciam_docs=self.webpackChunkrciam_docs||[]).push([[760],{3905:function(e,t,n){n.d(t,{Zo:function(){return p},kt:function(){return d}});var a=n(7294);function o(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function r(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function i(e){for(var t=1;t=0||(o[n]=e[n]);return o}(e,t);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(o[n]=e[n])}return o}var m=a.createContext({}),s=function(e){var t=a.useContext(m),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},p=function(e){var t=s(e.components);return a.createElement(m.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},c=a.forwardRef((function(e,t){var n=e.components,o=e.mdxType,r=e.originalType,m=e.parentName,p=l(e,["components","mdxType","originalType","parentName"]),c=s(n),d=o,g=c["".concat(m,".").concat(d)]||c[d]||u[d]||r;return n?a.createElement(g,i(i({ref:t},p),{},{components:n})):a.createElement(g,i({ref:t},p))}));function d(e,t){var n=arguments,o=t&&t.mdxType;if("string"==typeof e||o){var r=n.length,i=new Array(r);i[0]=c;var l={};for(var m in t)hasOwnProperty.call(t,m)&&(l[m]=t[m]);l.originalType=e,l.mdxType="string"==typeof e?e:o,i[1]=l;for(var s=2;s=0||(r[n]=e[n]);return r}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(r[n]=e[n])}return r}var s=a.createContext({}),p=function(e){var t=a.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},u=function(e){var t=p(e.components);return a.createElement(s.Provider,{value:t},e.children)},m={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},c=a.forwardRef((function(e,t){var n=e.components,r=e.mdxType,o=e.originalType,s=e.parentName,u=l(e,["components","mdxType","originalType","parentName"]),c=p(n),d=r,g=c["".concat(s,".").concat(d)]||c[d]||m[d]||o;return n?a.createElement(g,i(i({ref:t},u),{},{components:n})):a.createElement(g,i({ref:t},u))}));function d(e,t){var n=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var o=n.length,i=new Array(o);i[0]=c;var l={};for(var s in t)hasOwnProperty.call(t,s)&&(l[s]=t[s]);l.originalType=e,l.mdxType="string"==typeof e?e:r,i[1]=l;for(var p=2;p=o)&&Object.keys(a.O).every((function(e){return a.O[e](r[u])}))?r.splice(u--,1):(f=!1,o0&&e[d-1][2]>o;d--)e[d]=e[d-1];e[d]=[r,n,o]},a.n=function(e){var t=e&&e.__esModule?function(){return e.default}:function(){return e};return a.d(t,{a:t}),t},r=Object.getPrototypeOf?function(e){return Object.getPrototypeOf(e)}:function(e){return e.__proto__},a.t=function(e,n){if(1&n&&(e=this(e)),8&n)return e;if("object"==typeof e&&e){if(4&n&&e.__esModule)return e;if(16&n&&"function"==typeof e.then)return e}var o=Object.create(null);a.r(o);var c={};t=t||[null,r({}),r([]),r(r)];for(var f=2&n&&e;"object"==typeof f&&!~t.indexOf(f);f=r(f))Object.getOwnPropertyNames(f).forEach((function(t){c[t]=function(){return e[t]}}));return c.default=function(){return e},a.d(o,c),o},a.d=function(e,t){for(var r in t)a.o(t,r)&&!a.o(e,r)&&Object.defineProperty(e,r,{enumerable:!0,get:t[r]})},a.f={},a.e=function(e){return Promise.all(Object.keys(a.f).reduce((function(t,r){return a.f[r](e,t),t}),[]))},a.u=function(e){return"assets/js/"+({19:"1a25ec0b",53:"935f2afb",62:"ea6ba674",64:"1bcd2510",75:"0dffb83e",121:"55960ee5",194:"99357be6",195:"c4f5d8e4",203:"377d5b3f",234:"401a4ed1",291:"e747ec83",372:"1db64337",384:"745ebf64",504:"3475cc35",514:"1be78505",524:"762e3d91",596:"5041332a",751:"3720c009",760:"a026f14b",918:"17896441"}[e]||e)+"."+{19:"750f797b",53:"61cf0b31",62:"da3988d3",64:"7872401b",75:"e688b5ab",121:"6919c67a",159:"bf955298",194:"e4d06362",195:"d571e374",203:"c8659271",234:"f8d08be8",291:"5f004357",372:"49d831ee",384:"1e1ce9cd",504:"208370f1",514:"39ab18d3",524:"4220e5c8",596:"c8134d44",608:"5654b3ee",698:"7a95d540",751:"2e71c95d",760:"e26ff288",918:"a44726f6"}[e]+".js"},a.miniCssF=function(e){return"assets/css/styles.0e6d925c.css"},a.g=function(){if("object"==typeof globalThis)return globalThis;try{return this||new Function("return this")()}catch(e){if("object"==typeof window)return window}}(),a.o=function(e,t){return Object.prototype.hasOwnProperty.call(e,t)},n={},o="rciam-docs:",a.l=function(e,t,r,c){if(n[e])n[e].push(t);else{var f,u;if(void 0!==r)for(var i=document.getElementsByTagName("script"),d=0;d=o)&&Object.keys(f.O).every((function(e){return f.O[e](r[u])}))?r.splice(u--,1):(a=!1,o0&&e[d-1][2]>o;d--)e[d]=e[d-1];e[d]=[r,n,o]},f.n=function(e){var t=e&&e.__esModule?function(){return e.default}:function(){return e};return f.d(t,{a:t}),t},r=Object.getPrototypeOf?function(e){return Object.getPrototypeOf(e)}:function(e){return e.__proto__},f.t=function(e,n){if(1&n&&(e=this(e)),8&n)return e;if("object"==typeof e&&e){if(4&n&&e.__esModule)return e;if(16&n&&"function"==typeof e.then)return e}var o=Object.create(null);f.r(o);var c={};t=t||[null,r({}),r([]),r(r)];for(var a=2&n&&e;"object"==typeof a&&!~t.indexOf(a);a=r(a))Object.getOwnPropertyNames(a).forEach((function(t){c[t]=function(){return e[t]}}));return c.default=function(){return e},f.d(o,c),o},f.d=function(e,t){for(var r in t)f.o(t,r)&&!f.o(e,r)&&Object.defineProperty(e,r,{enumerable:!0,get:t[r]})},f.f={},f.e=function(e){return Promise.all(Object.keys(f.f).reduce((function(t,r){return f.f[r](e,t),t}),[]))},f.u=function(e){return"assets/js/"+({19:"1a25ec0b",53:"935f2afb",62:"ea6ba674",64:"1bcd2510",75:"0dffb83e",121:"55960ee5",194:"99357be6",195:"c4f5d8e4",203:"377d5b3f",234:"401a4ed1",291:"e747ec83",372:"1db64337",384:"745ebf64",504:"3475cc35",514:"1be78505",524:"762e3d91",596:"5041332a",751:"3720c009",760:"a026f14b",918:"17896441"}[e]||e)+"."+{19:"750f797b",53:"61cf0b31",62:"da3988d3",64:"7872401b",75:"e688b5ab",121:"6919c67a",159:"bf955298",194:"e4d06362",195:"d571e374",203:"c8659271",234:"f8d08be8",291:"5f004357",372:"49d831ee",384:"1e1ce9cd",504:"208370f1",514:"39ab18d3",524:"4220e5c8",596:"c8134d44",608:"5654b3ee",698:"7a95d540",751:"2e71c95d",760:"15397aa6",918:"a44726f6"}[e]+".js"},f.miniCssF=function(e){return"assets/css/styles.0e6d925c.css"},f.g=function(){if("object"==typeof globalThis)return globalThis;try{return this||new Function("return this")()}catch(e){if("object"==typeof window)return window}}(),f.o=function(e,t){return Object.prototype.hasOwnProperty.call(e,t)},n={},o="rciam-docs:",f.l=function(e,t,r,c){if(n[e])n[e].push(t);else{var a,u;if(void 0!==r)for(var i=document.getElementsByTagName("script"),d=0;d Identity Providers | RCIAM Docs - + @@ -120,7 +120,7 @@ community, along with a set of additional information as described in the following table (see also general attribute release requirements):

DescriptionOIDC claim
At least one of the following unique user identifiers:
  1. pseudonymous, non-targeted identifier;
  2. name-based, non-targeted identifier;
  3. pseudonymous, targeted identifier
  1. sub (public)
  2. N/A
  3. sub (pairwise)
Preferred name for display purposesname
First namegiven_name
Surnamefamily_name
Email addressemail
Affiliation within Home Organisation or Communityeduperson_scoped_affiliation
Group(s)/role(s) within Home Organisation or CommunityeduPerson_entitlement
- + \ No newline at end of file diff --git a/docs/developer/guide-for-sps/index.html b/docs/developer/guide-for-sps/index.html index 284b3ae..005ccab 100644 --- a/docs/developer/guide-for-sps/index.html +++ b/docs/developer/guide-for-sps/index.html @@ -5,7 +5,7 @@ Service Providers | RCIAM Docs - + @@ -268,7 +268,7 @@ a user having a Verified Email is eligible for the RAF value https://refeds.org/assurance/IAP/low

Some RCIAM SPs have been configured to provide limited access (or not to accept at all) credentials with the Low LoA.

- + \ No newline at end of file diff --git a/docs/features/index.html b/docs/features/index.html index 6380f92..8a70635 100644 --- a/docs/features/index.html +++ b/docs/features/index.html @@ -5,13 +5,13 @@ Features | RCIAM Docs - +

Features

Work in Progress#

This page is under construction.

- + \ No newline at end of file diff --git a/docs/glossary/index.html b/docs/glossary/index.html index 8245f6e..a945adb 100644 --- a/docs/glossary/index.html +++ b/docs/glossary/index.html @@ -5,13 +5,13 @@ Glossary | RCIAM Docs - +

Glossary

A#

  • AA: Authentication and Authorisation
  • AAA: Authentication, Authorisation and Accounting
  • AAI: Authentication and Authorisation Infrastructure
  • AARC: Authentication and Authorisation for Research and Collaboration
  • API: Application Programming Interface
  • AS: Authorisation Server
  • AUP: Acceptable Use Policy
  • AuthN: Authentication
  • AuthZ: Authorisation

B#

  • (No entries)

C#

  • CoCo: GÉANT data protection Code of Conduct
  • CSIRT: Computer Security Incident Response Team

D#

  • (No entries)

E#

  • EC: European Commission
  • eduGAIN: AAI confederation interconnecting national and community-wide R&E identity federations
  • eduroam: education roaming – International roaming service for users in R&E
  • eID: Electronic Identification
  • EOSC: European Open Science Cloud
  • EU: European Union

F#

  • FAIR: Findable, Accessible, Interoperable and Reusable (data principles)
  • FAQ: Frequently Asked Questions
  • FIM4R: Federated Identity Management for Research
  • FQDN: Fully Qualified Domain Name

G#

  • GDPR: General Data Protection Regulation
  • GÉANT: The pan-European research and education network
  • GUI: Graphical User Interface

H#

  • HA: High Availability
  • HO: Home Organisation
  • HTTP: Hypertext Transfer Protocol
  • HTTPS: Hypertext Transfer Protocol Secure

I#

  • IAM: Identity and Access Management
  • IdM: Identity Management
  • IdP: Identity Provider
  • IP: Internet Protocol

J#

  • (No entries)

K#

  • (No entries)

L#

  • LDAP: Lightweight Directory Access Protocol

M#

  • MFA: Multi-Factor Authentication

N#

  • NREN: National Research and Education Network

O#

  • OA: Open Access
  • OIDC: OpenID Connect
  • OpenAIRE: Open Access Infrastructure for Research in Europe

P#

  • PKI: Public Key Infrastructure

Q#

  • (No entries)

R#

  • R&E: Research and Education
  • R&S: Research & Scholarship
  • RAF: REFEDS Assurance Framework
  • REFEDS: Research and Education FEDerations

S#

  • SAML: Security Assertion Markup Language
  • SFA: Single-Factor Authentication
  • Shibboleth: An Internet2 project to investigate technology to support inter-institutional Authentication and Authorisation
  • SIRTFI: Security Incident Response Trust Framework for Federated Identity
  • SP: Service Provider
  • SSO: Single sign-on

T#

  • T&I: Trust and Identity

U#

  • UI: User Interface
  • UMA: User Managed Access
  • URI: Uniform Resource Identifier
  • URL: Uniform Resource Locator
  • URN: Uniform Resource Name

V#

  • VO: Virtual Organisation

W#

  • WebSSO: Web Single Sign-On
  • WISE: Wise Information Security for Collaborating e-Infrastructures

X#

  • XML: Extensible Markup Language

Y#

  • (No entries)

Z#

  • (No entries)
- + \ No newline at end of file diff --git a/docs/manager/expressing-vo-information/index.html b/docs/manager/expressing-vo-information/index.html index 7b90bb4..37bb93f 100644 --- a/docs/manager/expressing-vo-information/index.html +++ b/docs/manager/expressing-vo-information/index.html @@ -5,7 +5,7 @@ VO group/role information | RCIAM Docs - + @@ -27,7 +27,7 @@ This will generate two entitlements as:

urn:mace:example.org:group:vo.example.eu:role=associate#rciam.example.org

urn:mace:example.org:group:vo.example.eu:role=member#rciam.example.org

VO Groups (sub COUs)#

There are occasions where we need a VO to be organized in subgroups. For example vo.example.eu contains the sub-COU vo.example-sub.eu.

VO subgroup

The CO Person is affiliated as member and with the Role of Support in the VO sub-group vo.example-sub.eu:

VO subgroup membership

In such occasions the eduPersonEntitlement will have the following structure:

urn:mace:example.org:group:vo.example.eu:vo.example-sub.eu:role=support#rciam.example.org

urn:mace:example.org:group:vo.example.eu:vo.examples-sub.eu:role=member#rciam.example.org

- + \ No newline at end of file diff --git a/docs/manager/group-management/index.html b/docs/manager/group-management/index.html index 64d13fd..907ebdd 100644 --- a/docs/manager/group-management/index.html +++ b/docs/manager/group-management/index.html @@ -4,61 +4,78 @@ -Groups | RCIAM Docs - +Groups | RCIAM Docs +
-

Groups

Membership Managment#

View Group Members#

  1. Login to Keycloak Account Console using any of the login credentials already linked to your RCIAM account.
  2. Locate your group in the Group Management Page and access the Group Configuration Page by clicking it. +

    Groups

    This page provides information about using RCIAM for managing your Group.

    Background#

    In simple terms, a Group is a collection of users. In RCIAM, Groups are created to organise researchers who aim to share resources across services to achieve a common goal within scientific collaborations.

    Group Management#

    Groups in RCIAM go beyond simple collections of users, providing structured membership management and advanced enrollment workflows tailored for complex access needs. Organised hierarchically, groups can contain subgroups within parent groups, with centralised administration allowing membership expirations to cascade through child memberships. This setup streamlines administrative tasks while enhancing security.

    Group Admins#

    In RCIAM, Groups are managed by Group Admins, who have several key responsibilities:

    Note: Group Admin is not a role within the Group; it is a separate administrative designation. Group Admins have the ability to manage all aspects of the Group, as well as any sub-groups in the hierarchy, including roles, memberships, and configurations.

    Group Roles#

    In RCIAM, members of Groups are assigned roles upon joining. Users can join a Group in one of two ways:

    • By accepting an invitation: Users receive the roles specified by the inviting administrator.
    • By submitting an enrollment request: Users can select their preferred roles from the options available, as defined by the Group’s enrollment configuration.

    Each assigned role includes an entitlement attribute, which grants authorization to specific resources. This flexible approach to role assignment allows Group administrators to control access while offering users the ability to select roles when available.

    Note: Entitlement values can be found on the Group Details Tab

    Membership Status#

    Members of a Group in RCIAM can have different statuses that affect their access and entitlements:

    • Active: The membership is fully active, and the user receives all entitlements associated with the roles they hold in the Group.

    • Suspended: Administrators can suspend a user’s membership for security reasons, such as suspicious activity. While suspended, the user retains membership but loses all entitlements tied to their roles. Administrators can later revoke the suspension and reactivate the membership.

    • Pending: A user’s membership can have a future start date based on the enrollment configuration used during joining. This scheduled membership will activate automatically on the specified start date. Administrators also have the option to activate the membership manually if needed.

    Note: Suspension/Activation of a member will also affect all memberships in Sub Groups of target group

    Each status provides Group administrators with flexible control over user access and helps ensure security within the Group.

    Membership Expiration#

    Memberships in Groups come with a defined duration, which may be set to indefinite if allowed by the Group’s configuration settings. However, the duration of any membership is also affected by the Group's position within the Group hierarchy. Membership in a higher-level Group imposes a duration limit on all memberships in its subordinate Groups. As a result, the expiration date for any membership in a lower-level Group cannot exceed the duration limit set by the higher-level Group.

    Understanding Expiration Dates in Group Memberships#

    When viewing members within a Group, you will encounter two types of expiration dates:

    • Direct Membership Expiration: This date indicates the expiration of membership specifically for the Group you are currently viewing. It applies only to that Group and not to any other Group within the hierarchy.
    • Effective Membership Expiration: If relevant, this reflects the actual expiration date imposed by a higher-level Group. If a higher-level Group has an earlier expiration date than the Direct Membership Expiration, the Effective Membership Expiration will take precedence, overriding the direct expiration date for the current Group.

    For example, if a user’s Direct Membership Expiration in a lower-level Group is set to indefinite (or a date beyond 2024), but the Effective Membership Expiration from a higher-level Group is November 12, 2024, the user’s membership will expire on November 12, 2024, in line with the higher Group’s restrictions.

    Admin Group Effective Membership Expiration

    This hierarchical approach to managing memberships allows for simplified administration and ensures consistent access policies are maintained across different Group levels.

    Pending Memberships with Future Start Dates#

    Some enrollment flows or invitations may specify a starting date in the future. In these cases, users who accept the invitation or submit an enrollment request will have a pending membership status until the specified start date. Once the start date arrives, the membership will automatically activate, transitioning from pending to active status.

    View Group Details and Manage Group Roles#

    The Group Details Tab provides essential information and management options, including:

    • Available Group Roles: Lists roles within the Group and displays the entitlements granted to users with these roles.
    • Group Path: Shows the hierarchical path of the Group within the overall structure.
    • Enrollment Discovery Page URL: Provides a link to the Enrollment Discovery Page, allowing users to access relevant enrollment options.
    1. Log in to the Keycloak Account Console using any of your login credentials linked to your RCIAM account.
    2. Go to the Group Management Page and select the target group to access its Group Configuration Page. +Admin Groups View
    3. View Group Details +Admin Groups Details View

    Create Group Role#

    1. To add a new role, enter the role name in the text input field and click the plus button to create it.
      Admin Groups Create Group Role

    Delete Group Role#

    Note: A role cannot be deleted from a group if it is assigned to any members.

    1. Locate the role you want to remove and use the minus button next to it to delete it. +Admin Groups Delete Group Role

    Create Sub Group#

    There are two ways to create a subgroup within the platform:

    A) Through the Group Management Page#

    1. Log in to the Keycloak Account Console using any of your login credentials linked to your RCIAM account.
    2. Go to the Group Management Page to locate your target group. +Admin Groups View
    3. Click on the more options menu next to your group, then select "Create Subgroup" from the available options. +Admin Create Subgroup

    B) Using the Sub Groups Tab in the Group Configuration Page#

    1. Log in to the Keycloak Account Console using any of your login credentials linked to your RCIAM account.
    2. Go to the Group Management Page and select the target group to access its Group Configuration Page. +Admin Groups View
    3. Navigate to the Sub Groups tab to view existing subgroups within this Group. +Admin Group Sub Group Tab
    4. To create a new subgroup, click the plus button (+) at the top of the Sub Groups tab. Alternatively, you can click the more options menu next to an existing subgroup and select the option to create a subgroup within that subgroup. +Admin Group Sub Group Tab Create

    Delete Sub Group#

    Note: Top-level Groups and Sub-Groups that contain additional Sub-Groups cannot be deleted.

    A) Through the Group Configuration Page#

    1. Log in to the Keycloak Account Console using any of your login credentials linked to your RCIAM account.
    2. Go to the Group Management Page and select the target group to access its Group Configuration Page. +Admin Groups View
    3. Click the trash icon to delete group +Admin Delete Sub Group

    B) Through the Higher Level Group#

    1. Log in to the Keycloak Account Console using any of your login credentials linked to your RCIAM account.
    2. Go to the Group Management Page and select the target group to access its Group Configuration Page. +Admin Groups View
    3. Navigate to the Sub Groups tab to view existing subgroups within this Group. +Admin Group Sub Group Tab
    4. To delete a subgroup, click the more options menu next to the subgroup you wish to delete and select the option to delete that. +Admin Group Sub Group Tab Create

    Membership Managment#

    View Group Members#

    1. Login to Keycloak Account Console using any of the login credentials already linked to your RCIAM account.
    2. Locate your group in the Group Management Page and access the Group Configuration Page by clicking it. Admin Groups View
    3. To view the existing members, select the Group Members tab. -Admin Group ViewAdmin Group Members

    Add Group Members#

    By Invitation#

    Users can be added to a group by sending an email invitation. Users receiving the invitation can login to Keycloak Account Console with their RCIAM account and accept or reject the invitation to the group.

    Sending an email invitation to a User to join a group can be achieved by:

    1. Login to Keycloak Account Console using any of the login credentials already linked to your RCIAM account.
    2. Locate your group in the Group Management Page and access the Group Configuration Page by clicking it. +Admin Group ViewAdmin Group Members

    Add Group Members#

    By Invitation#

    Users can be added to a group by sending an email invitation. Users receiving the invitation can login to Keycloak Account Console with their RCIAM account and accept or reject the invitation to the group.

    Sending an email invitation to a User to join a group can be achieved by:

    1. Login to Keycloak Account Console using any of the login credentials already linked to your RCIAM account.
    2. Locate your group in the Group Management Page and access the Group Configuration Page by clicking it. Admin Groups View
    3. Select the Group Members tab. -Admin Group Members
    4. Click the Invite User button that opens the invitation pop-up window. -Admin Group Members Invite
    5. Select an Enrollment Configuration -Admin Group Members Invite Step 1
    6. Select the role(s) that you want the user have in the Group and click Next -Admin Group Members Invite Step 2
    7. Select the user from the drop down selection input or enter an email address and click Send Invitation. -Admin Group Members Invite Step 3

    NOTE: Once a user accepts or reject an invitation email notification will be sent to admins of the group

    By Enrollment URL#

    Users can be added to a group by creating an Enrollment Request through an enrollment url. There are two types of enrollment url, one that contains all public/visible group Enrollments and one that is tied to a specific Enrollment.

    Α) Sharing an Enrollment URL that contains all the public/visible group Enrollments following these steps:

    1. Login to Keycloak Account Console using any of the login credentials already linked to your RCIAM account.
    2. Locate your group in the Group Management Page and access the Group Configuration Page by clicking it. -Admin Groups View
    3. Select the more options and from the available options select the “Copy enrollment link to this group”. -Admin Group Invite Url
    4. Share the copied Enrollment URL with the User.

    NOTE: Once a user submits an enrollment request admins of the group will receive an email notification.

    B) Sharing an Enrollment URL for a specific Enrollment

    1. Login to Keycloak Account Console using any of the login credentials already linked to your RCIAM account.
    2. Locate your group in the Group Management Page and access the Group Configuration Page by clicking it. +Admin Group Members
    3. Click the Invite User button that opens the invitation pop-up window. +Admin Group Members Invite
    4. Select an Enrollment Configuration +Admin Group Members Invite Step 1
    5. Select the role(s) that you want the user have in the Group and click Next +Admin Group Members Invite Step 2
    6. Select the user from the drop down selection input or enter an email address and click Send Invitation. +Admin Group Members Invite Step 3

    NOTE: Once a user accepts or reject an invitation email notification will be sent to admins of the group

    By Enrollment Request#

    Users can be added to a group by creating an Enrollment Request. Enrollment Requests can be created through the Enrollment Discovery Page or a Direct Enrollment Link. The Enrollment Discovery has available all the visible and active enrollment flows and the Direct Enrollment Link points to a single Enrollment Flow that must be active.

    Α) Sharing the Enrollment Discovery Page Link following these steps:

    1. Login to Keycloak Account Console using any of the login credentials already linked to your RCIAM account.
    2. Locate your group in the Group Management Page. +Admin Groups View
    3. Select the more options and from the available options select the “Copy enrollment link to this group”admin-group-subgroups-main.png. +Admin Group Invite Url
    4. Share the copied Enrollment URL with the User.

    NOTE: Once a user submits an enrollment request admins of the group will receive an email notification.

    B) Sharing an Direct Enrollment Link to a specific Enrollment

    1. Login to Keycloak Account Console using any of the login credentials already linked to your RCIAM account.
    2. Locate your group in the Group Management Page and access the Group Configuration Page by clicking it. Admin Groups View
    3. Select the Group Enrollment Tab -Admin Group Enrollment Tab
    4. Locate the desired Enrollment making sure it is active
    5. Select the more options and from the available options select the “Copy enrollment link to this group”. -Admin Group Enrollment Invite Url
    6. Share the copied Enrollment URL with the User.

    NOTE: Once a user submits an enrollment request admins of the group will receive an email notification.

    Remove Member from Group#

    1. Login to Keycloak Account Console using any of the login credentials already linked to your RCIAM account.
    2. Locate your group in the Group Management Page and access the Group Configuration Page by clicking it. +Admin Group Enrollment Tab
    3. Locate the desired Enrollment making sure it is active
    4. Select the more options and from the available options select the “Copy enrollment link to this group”. +Admin Group Enrollment Invite Url
    5. Share the copied Enrollment URL with the User.

    NOTE: Once a user submits an enrollment request admins of the group will receive an email notification.

    Remove Member from Group#

    NOTE: Removing a member from a group will also remove them from all Sub Groups.

    1. Login to Keycloak Account Console using any of the login credentials already linked to your RCIAM account.
    2. Locate your group in the Group Management Page and access the Group Configuration Page by clicking it. Admin Groups View
    3. Select the Group Members tab. -Admin Group Members
    4. Locate the User you want to remove from the group
    5. Click the X button and then the Yes button at the confirmation pop-up window -Admin Group Remove Member

    NOTE: Once a group member is removed admins of the group and the removed user will receive an email notification

    Manage Group Member Roles#

    1. Login to Keycloak Account Console using any of the login credentials already linked to your RCIAM account.
    2. Locate your group in the Group Management Page and access the Group Configuration Page by clicking it. +Admin Group Members
    3. Locate the User you want to remove from the group
    4. Click the X button and then the Yes button at the confirmation pop-up window +Admin Group Remove Member

    NOTE: Once a group member is removed admins of the group and the removed user will receive an email notification

    Manage Group Member Roles#

    1. Login to Keycloak Account Console using any of the login credentials already linked to your RCIAM account.
    2. Locate your group in the Group Management Page and access the Group Configuration Page by clicking it. Admin Groups View
    3. Select the Group Members tab. -Admin Group Members
    4. Locate the User you want to alter their roles.
    5. Click the edit button next to their assigned roles. -Admin Group Edit Member Roles
    6. Alter their roles by selecting the desired ones from the available options. -Admin Group Edit Member Roles Window
    7. To save edited member roles click the OK button.

    Suspend or Activate Group Member#

    User memberships can be suspended or activated by a group admin by following these steps:

    1. Login to Keycloak Account Console using any of the login credentials already linked to your RCIAM account.
    2. Locate your group in the Group Management Page and access the Group Configuration Page by clicking it. +Admin Group Members
    3. Locate the User you want to alter their roles.
    4. Click the edit button. +Admin Group Edit Member Roles
    5. Alter their roles by selecting the desired ones from the available options. +Admin Group Edit Member Roles Window
    6. To save edited member roles click the Save button.

    Extend Group Member Membership#

    1. Login to Keycloak Account Console using any of the login credentials already linked to your RCIAM account.
    2. Locate your group in the Group Management Page and access the Group Configuration Page by clicking it. Admin Groups View
    3. Select the Group Members tab. -Admin Group Members
    4. Locate the User you want to suspend or activate their membership.
    5. Click the suspend/activate button to open the confirmation pop-up window. -Admin Group Member Action
    6. Optionally provide a justification for your action that will be included in the notification sent to the User and the group Admins. -Admin Group Member Action Confirmation
    7. Click the YES button to submit your action

    NOTE: Once a group member is activated/suspended, admins of the group and the user will receive an email notification.

    Admin Management#

    View Group Admins#

    1. Login to Keycloak Account Console using any of the login credentials already linked to your RCIAM account.
    2. Locate your group in the Group Management Page and access the Group Configuration Page by clicking it. +Admin Group Members
    3. Locate the User you want to alter their roles.
    4. Click the edit button. +Admin Group Edit Member Roles
    5. Alter the expiration date using the date picker. +Admin Group Edit Member Roles Window
    6. To save edited membership details click the Save button.

    Suspend or Activate Group Member#

    User memberships can be suspended or activated by a group admin by following these steps:

    1. Login to Keycloak Account Console using any of the login credentials already linked to your RCIAM account.
    2. Locate your group in the Group Management Page and access the Group Configuration Page by clicking it. +Admin Groups View
    3. Select the Group Members tab. +Admin Group Members
    4. Locate the User you want to suspend or activate their membership.
    5. Click the suspend/activate button to open the confirmation pop-up window. +Admin Group Member Action
    6. Optionally provide a justification for your action that will be included in the notification sent to the User and the group Admins. +Admin Group Member Action Confirmation
    7. Click the YES button to submit your action

    NOTE: Once a group member is activated/suspended, admins of the group and the user will receive an email notification.

    Admin Management#

    View Group Admins#

    1. Login to Keycloak Account Console using any of the login credentials already linked to your RCIAM account.
    2. Locate your group in the Group Management Page and access the Group Configuration Page by clicking it. Admin Groups View
    3. Select the Group Admins Tab. -Admin Groups Admin Tab
    4. Group Admin details are available in list form. +Admin Groups Admin Tab
    5. Group Admin details are available in list form. Admin Groups Admin Details

    Add Group Admin#

    1. Login to Keycloak Account Console using any of the login credentials already linked to your RCIAM account.
    2. Locate your group in the Group Management Page and access the Group Configuration Page by clicking it. Admin Groups View
    3. Select the Group Admins Tab. -Admin Groups Admin Tab
    4. Use the input located in the Add New Group Admin section to search for a user to add as a group admin, or type a valid email address to send an invitation.
      Admin Groups Admin Discovery

    NOTE: Selecting a user discovered in the select input and will add the user immediately.

    NOTE: Once a User accepts or rejects an invitation and when a user is added directly to a group group admins receive email notification

    Remove Group Admin#

    1. Login to Keycloak Account Console using any of the login credentials already linked to your RCIAM account.
    2. Locate your group in the Group Management Page and access the Group Configuration Page by clicking it. +Admin Groups Admin Tab
    3. Use the input located in the Add New Group Admin section to search for a user to add as a group admin, or type a valid email address to send an invitation.
      Admin Groups Admin Discovery

    NOTE: Selecting a user discovered in the select input and will add the user immediately.

    NOTE: Once a User accepts or rejects an invitation and when a user is added directly to a group group admins receive email notification

    Remove Group Admin#

    1. Login to Keycloak Account Console using any of the login credentials already linked to your RCIAM account.
    2. Locate your group in the Group Management Page and access the Group Configuration Page by clicking it. Admin Groups View
    3. Select the Group Admins Tab. -Admin Groups Admin Tab
    4. Locate User you want to remove from being an admin and click the X button -Admin Groups Admin Remove
    5. Click the YES button in the confirmation pop-up window

    NOTE: Once a group admin is removed from a group he and all other admins are sent an email notification

    Manage Enrollment Configurations#

    User enrols to a group using a specific enrollment configuration, each enrollment has a configuration that defines the following things:

    Enrollment Name: The identifying name of the enrollment.

    Membership Expiration: The duration of the memberships of users enrolled with this enrollment.

    Membership Expiration can also be indefinite is configuration allows it.

    Start Date: Allows for memberships to be activated in future time and not directly after an enrollment is completed.

    Requires Approval: If true enrollment requests submitted by user need to be approved by an administrator.

    Comments: If activated Users that are submitting an enrollment request need to also provide additional information.

    Acceptable Use Policy (AUP): Acceptable Use Policy in the form of a URL.

    Available Roles: Available roles to users using this enrollment.

    Multiselect Roles: If activated users using this enrollment can select multiple roles.

    Visible to non-members: If activated the enrollment will be available in the Group Enrollment discovery page.

    Is Active: Only active enrollments can be used for user enrollments.

    Create Enrollment Configuration#

    1. Login to Keycloak Account Console using any of the login credentials already linked to your RCIAM account.
    2. Locate your group in the Group Management Page and access the Group Configuration Page by clicking it. +Admin Groups Admin Tab
    3. Locate User you want to remove from being an admin and click the X button +Admin Groups Admin Remove
    4. Click the YES button in the confirmation pop-up window

    NOTE: Once a group admin is removed from a group he and all other admins are sent an email notification

    Manage Enrollment Configurations#

    User enrols to a group using a specific enrollment, each enrollment has a configuration that defines the following things:

    Enrollment Name: The identifying name of the enrollment.

    Membership Expiration: The duration of the memberships of users enrolled with this enrollment. See more

    Start Date: Allows for memberships to be activated in future time and not directly after an enrollment is completed.

    Requires Approval: When enabled, enrollment requests submitted by users need to be approved by an administrator; otherwise, requests will be automatically approved.

    Comments: If activated Users that are submitting an enrollment request need to also provide additional information.

    Acceptable Use Policy (AUP): Acceptable Use Policy in the form of a URL.

    Available Roles: Available roles to users using this enrollment.

    Multiselect Roles: If activated users using this enrollment can select multiple roles.

    Visible to non-members: If activated the enrollment will be available in the Group Enrollment Discovery Page.

    Is Active: Only active enrollments can be used for user enrollments.

    Enrollment Discovery Page#

    Each group has a group enrollment discovery page where users can view all the available (visible) enrollment flows. Selecting an enrollment flow and using the submit button after filling the form creates an enrollment request. Enrollment requests can be used to create a new membership to a group or update an existing one. Always preselected is the default enrollment flow.

    The Enrollment Discovery Page is accessed through a URL using the group path of a group following this format:

    https://kc-example/account/#/enroll?groupPath=/group/path/example

    Enrollment Discovery Page

    Create Enrollment Configuration#

    1. Login to Keycloak Account Console using any of the login credentials already linked to your RCIAM account.
    2. Locate your group in the Group Management Page and access the Group Configuration Page by clicking it. Admin Groups View
    3. Select the Group Enrollment Tab -Admin Group Enrollment Tab
    4. Click on the + button located in the table header to open the creation window +Admin Group Enrollment Tab
    5. Click on the + button located in the table header to open the creation window Admin Group Create Enrollment
    6. Fill the form with the necessary information and click the Create button to create the Enrollment Configuration Admin Group Create Enrollment Form

    Update Enrollment Configuration#

    1. Login to Keycloak Account Console using any of the login credentials already linked to your RCIAM account.
    2. Locate your group in the Group Management Page and access the Group Configuration Page by clicking it. Admin Groups View
    3. Select the Group Enrollment Tab -Admin Group Enrollment Tab
    4. Locate the Enrollment Configuration you want to update in the list.
    5. Select the Enrollment Configuration you want to update by clicking on it. +Admin Group Enrollment Tab
    6. Locate the Enrollment Configuration you want to update in the list.
    7. Select the Enrollment Configuration you want to update by clicking on it. Admin Group Select Enrollment
    8. Edit the fields you want to update and click the SAVE button to update the Enrollment Configuration -Admin Group Update Enrollment Form

    Delete Enrollment Configuration#

    1. Login to Keycloak Account Console using any of the login credentials already linked to your RCIAM account.
    2. Locate your group in the Group Management Page and access the Group Configuration Page by clicking it. +Admin Group Update Enrollment Form

    NOTE: When updating an enrollment configuration, all ‘pending approval’ and ‘Waiting for reply’ enrollment requests with this configuration are archived.

    Delete Enrollment Configuration#

    1. Login to Keycloak Account Console using any of the login credentials already linked to your RCIAM account.
    2. Locate your group in the Group Management Page and access the Group Configuration Page by clicking it. Admin Groups View
    3. Select the Group Enrollment Tab -Admin Group Enrollment Tab
    4. Locate the Enrollment Configuration you want to delete in the list.
    5. Select the Enrollment Configuration you want to delete by clicking on it. +Admin Group Enrollment Tab
    6. Locate the Enrollment Configuration you want to delete in the list.
    7. Select the Enrollment Configuration you want to delete by clicking on it. Admin Group Select Enrollment
    8. Click the trash icon next to the Enrollment Configuration name. -Admin Group Delete Enrollment
    9. Click the YES button to delete the Enrollment Configuration in the confirmation pop-up window.

    Review Enrollment Request#

    Once a enrollment request to join a group is submitted admins of the group are notified to review the request if that request requires approval.

    To review an enrollment request follow these steps:

    1. Login to Keycloak Account Console using any of the login credentials already linked to your RCIAM account.
    2. Access the Review Enrollment Requests page available in the Group Management Section. +Admin Group Delete Enrollment
    3. Click the YES button to delete the Enrollment Configuration in the confirmation pop-up window.

    NOTE: When deleting an enrollment configuration, all ‘pending approval’ and ‘Waiting for reply’ enrollment requests with this configuration are archived.

    Review Enrollment Request#

    All enrollment requests—no matter for the status—are accessible through the Account Console for Group admins. When a user submits an enrollment request to join a Group and the request requires approval, Group admins are notified via email. These notifications include a direct link to the request that needs to be reviewed, streamlining the approval process. Admins can view and manage these enrollment requests directly from their Account Console, making it easy to keep track of pending requests and process approvals in a timely manner.

    To review an enrollment request follow these steps:

    1. Login to Keycloak Account Console using any of the login credentials already linked to your RCIAM account.
    2. Access the Review Enrollment Requests page available in the Group Management Section. Admin Groups View Enrollment Requests
    3. Locate the enrollment request In the list of all pending requests and click on the Review Button to open the Review Page. Admin Groups Review Select Enrollment Requests
    4. Check all the information about the User and his Membership.
    5. Optionally Leave a justification comment for your Review Action.
    6. Approve the request by clicking the green Approve button or reject it by clicking the red Reject button. -Admin Groups Review Enrollment Requests Action

    NOTE: After approving or denying an enrollment request email notifications are sent to the requesting user and other administrators of the group

    Enrollment Request Details#

    Information Available when reviewing an enrollment request:

    General Details#

    Submission Date: Date and time of the submission of the request by the user.

    Enrollment Request Status: Status of the request. (Pending Approval, Approved, Rejected)

    User Details#

    Full Name: Full name of the user submitting the request.

    Email: Email address of the user submitting the request.

    Identity Assurance: ????

    Linked Identity Providers:

    Membership Details#

    Group Name: Name of the group

    Enrollment Name: Name of the enrollment configuration used

    Group Roles: List of the roles that the user will acquire from this enrollment request

    Acceptable User Policy (AUP): Link of the AUP that the user has approved

    Membership Expiration Days: The duration of the membership in days

    Comments (or custom name): Additional information from the user submitting the request.

- +Admin Groups Review Enrollment Requests Action

NOTE: After approving or denying an enrollment request email notifications are sent to the requesting user and other administrators of the group

Enrollment Request Details#

Information Available when reviewing an enrollment request:

General Details#

Submission Date: Date and time of the submission of the request by the user.

Enrollment Request State: State of the request. (Pending Approval, Approved, Rejected, Self Reviewed, Archived)

User Details#

The User Details at the time the enrollment request was created:

Full Name: Full name of the user when the request was submitted.

Email: Email address of the user when the request was submitted.

Authentication Providers: Authentication provider(s) used by the user for submitting the request.

Assurance: Information for assessing the confidence level in the identity of the user when the request was submitted.

Show Current User Details#

Full Name: Current full name in the user profile

Email: Current email address in the user profile

Linked Identity Providers: Authentication providers linked to the user’s profile.

Membership Details#

Group Name: Name of the group

Enrollment Name: Name of the enrollment configuration used

Group Roles: List of the roles that the user will acquire from this enrollment request

Acceptable User Policy (AUP): Link of the AUP that the user has approved

Membership Expiration Days: The duration of the membership in days. See more

Comments (or custom name): Additional information from the user submitting the request.

+ \ No newline at end of file diff --git a/docs/manager/virtual-organisations/index.html b/docs/manager/virtual-organisations/index.html index 6e41474..db2f3f1 100644 --- a/docs/manager/virtual-organisations/index.html +++ b/docs/manager/virtual-organisations/index.html @@ -5,7 +5,7 @@ Virtual Organisations | RCIAM Docs - + @@ -109,7 +109,7 @@ check that the status is actually set to Active for each of the identified VOs (see the vo_id attribute)

  • Updating existing VO membership record:

    curl -vX PUT https://rciam.example.org/api/v1/VoMembers \     --user "example-client":"veryverysecret"  \     --data @update.json \     --header "Content-Type: application/json"

    The request body is the same as the one used for adding new members but update requires using PUT instead of POST.

  • Removing VO member:

    Same as the update but requires setting the membership status to Deleted

    • - + \ No newline at end of file diff --git a/docs/manager/voms/index.html b/docs/manager/voms/index.html index 4f4d821..0bb428c 100644 --- a/docs/manager/voms/index.html +++ b/docs/manager/voms/index.html @@ -5,7 +5,7 @@ VOMS | RCIAM Docs - + @@ -133,7 +133,7 @@ certificate available in your $HOME/.globus directory you can create a VOMS proxy to be used with clients with:

    voms-proxy-init --voms <name of the vo> --rfc

    See for example, using vo.example.org VO:

    voms-proxy-init --voms vo.example.org --rfcEnter GRID pass phrase:Your identity: /DC=org/DC=terena/DC=tcs/C=NL/O=XXX/OU=UCST/CN=YYY ZZZCreating temporary proxy ......................................................... DoneContacting  voms1.example.org:15002 [/DC=cz/DC=AAA/O=BBB/CN=voms1.example.org] "vo.example.org" DoneCreating proxy ................................................................... Done
 Your proxy is valid until Mon Feb  4 23:37:21 2019
    - + \ No newline at end of file diff --git a/docs/overview/index.html b/docs/overview/index.html index a78c73a..37f146a 100644 --- a/docs/overview/index.html +++ b/docs/overview/index.html @@ -5,7 +5,7 @@ Overview | RCIAM Docs - + @@ -20,7 +20,7 @@ services using popular protocols, such as OpenID Connect and SAML, to securely authenticate and identify their users, organise them in groups, assign them roles and centrally manage access rights for accessing protected resources.

    - + \ No newline at end of file diff --git a/docs/roadmap/index.html b/docs/roadmap/index.html index 20d54a0..81ffa63 100644 --- a/docs/roadmap/index.html +++ b/docs/roadmap/index.html @@ -5,13 +5,13 @@ Roadmap | RCIAM Docs - +

    Roadmap

    Work in Progress#

    This page is under construction.

    - + \ No newline at end of file diff --git a/docs/tags/index.html b/docs/tags/index.html index 91be716..d5364ef 100644 --- a/docs/tags/index.html +++ b/docs/tags/index.html @@ -5,13 +5,13 @@ Tags | RCIAM Docs - +

    Tags

    - + \ No newline at end of file diff --git a/docs/use-cases/index.html b/docs/use-cases/index.html index 24f66e1..ee01962 100644 --- a/docs/use-cases/index.html +++ b/docs/use-cases/index.html @@ -5,13 +5,13 @@ Use Cases | RCIAM Docs - +

    Use Cases

    Work in Progress#

    This page is under construction.

    - + \ No newline at end of file diff --git a/docs/user/faq/index.html b/docs/user/faq/index.html index 0ace81f..f395bdf 100644 --- a/docs/user/faq/index.html +++ b/docs/user/faq/index.html @@ -5,7 +5,7 @@ FAQ | RCIAM Docs - + @@ -35,7 +35,7 @@ different identity provider, click CHOOSE ANOTHER ACCOUNT and then select IGTF. Alternatively, you can click here for your convenience

    RCIAM IdP discovery IGTF

    - + \ No newline at end of file diff --git a/docs/user/linking/index.html b/docs/user/linking/index.html index d38c416..b4567f6 100644 --- a/docs/user/linking/index.html +++ b/docs/user/linking/index.html @@ -5,7 +5,7 @@ Linking identities | RCIAM Docs - + @@ -41,7 +41,7 @@ the source is https://edugain-proxy.igtf.net/simplesaml/saml2/idp/metadata.php.

    List organisational identities

  • Then scroll down to Certificates and you should see the subject DN of your certificate.

    Certificates preview

    • - + \ No newline at end of file diff --git a/docs/user/signup/index.html b/docs/user/signup/index.html index 499640d..85d4214 100644 --- a/docs/user/signup/index.html +++ b/docs/user/signup/index.html @@ -5,7 +5,7 @@ Sign up | RCIAM Docs - + @@ -40,7 +40,7 @@ can be categorised as follows:

    Basic profile#

    Includes the basic information about your profile:

    • Name
    • Identifiers
    • Email addresses

    User profile

    VO/Group membership and roles#

    Includes information about the Virtual Organisations and groups the user if member of and the roles assigned to the user within those Virtual Organisation.

    VO/Group membership

    Linked identities#

    Information about identites linked to your account. Check the guide for linking accounts for more information.

    Linked identities

    - + \ No newline at end of file diff --git a/img/manager/admin-group-admin-tab.png b/img/manager/admin-group-admin-tab.png index b79569c..1afc9f4 100644 Binary files a/img/manager/admin-group-admin-tab.png and b/img/manager/admin-group-admin-tab.png differ diff --git a/img/manager/admin-group-create-group-role.png b/img/manager/admin-group-create-group-role.png new file mode 100644 index 0000000..e3f7e79 Binary files /dev/null and b/img/manager/admin-group-create-group-role.png differ diff --git a/img/manager/admin-group-delete-group-role.png b/img/manager/admin-group-delete-group-role.png new file mode 100644 index 0000000..4a1e90e Binary files /dev/null and b/img/manager/admin-group-delete-group-role.png differ diff --git a/img/manager/admin-group-details-tab.png b/img/manager/admin-group-details-tab.png new file mode 100644 index 0000000..be8bd90 Binary files /dev/null and b/img/manager/admin-group-details-tab.png differ diff --git a/img/manager/admin-group-edit-member-roles-window.png b/img/manager/admin-group-edit-member-roles-window.png index 38e62a9..993a2c2 100644 Binary files a/img/manager/admin-group-edit-member-roles-window.png and b/img/manager/admin-group-edit-member-roles-window.png differ diff --git a/img/manager/admin-group-edit-member-roles.png b/img/manager/admin-group-edit-member-roles.png index d6f1da2..b520e7e 100644 Binary files a/img/manager/admin-group-edit-member-roles.png and b/img/manager/admin-group-edit-member-roles.png differ diff --git a/img/manager/admin-group-effective-expiration.png b/img/manager/admin-group-effective-expiration.png new file mode 100644 index 0000000..22f6887 Binary files /dev/null and b/img/manager/admin-group-effective-expiration.png differ diff --git a/img/manager/admin-group-enrollment-discovery-page.png b/img/manager/admin-group-enrollment-discovery-page.png new file mode 100644 index 0000000..b33fd58 Binary files /dev/null and b/img/manager/admin-group-enrollment-discovery-page.png differ diff --git a/img/manager/admin-group-enrollments-tab.png b/img/manager/admin-group-enrollments-tab.png index 040c86a..864404f 100644 Binary files a/img/manager/admin-group-enrollments-tab.png and b/img/manager/admin-group-enrollments-tab.png differ diff --git a/img/manager/admin-group-extend-membership.png b/img/manager/admin-group-extend-membership.png new file mode 100644 index 0000000..f1ea5a8 Binary files /dev/null and b/img/manager/admin-group-extend-membership.png differ diff --git a/img/manager/admin-group-invite-url-specific.png b/img/manager/admin-group-invite-url-specific.png index d06de14..7d96cd2 100644 Binary files a/img/manager/admin-group-invite-url-specific.png and b/img/manager/admin-group-invite-url-specific.png differ diff --git a/img/manager/admin-group-invite-url.png b/img/manager/admin-group-invite-url.png index f08bb66..a35ae94 100644 Binary files a/img/manager/admin-group-invite-url.png and b/img/manager/admin-group-invite-url.png differ diff --git a/img/manager/admin-group-member-action-confirmation.png b/img/manager/admin-group-member-action-confirmation.png index e59e76b..193ffdb 100644 Binary files a/img/manager/admin-group-member-action-confirmation.png and b/img/manager/admin-group-member-action-confirmation.png differ diff --git a/img/manager/admin-group-member-action.png b/img/manager/admin-group-member-action.png index 2266297..ac76753 100644 Binary files a/img/manager/admin-group-member-action.png and b/img/manager/admin-group-member-action.png differ diff --git a/img/manager/admin-group-members-invite-step1.png b/img/manager/admin-group-members-invite-step1.png index 89cca7b..ce78eca 100644 Binary files a/img/manager/admin-group-members-invite-step1.png and b/img/manager/admin-group-members-invite-step1.png differ diff --git a/img/manager/admin-group-members-invite-step2.png b/img/manager/admin-group-members-invite-step2.png index da68df3..fb60ae9 100644 Binary files a/img/manager/admin-group-members-invite-step2.png and b/img/manager/admin-group-members-invite-step2.png differ diff --git a/img/manager/admin-group-members-invite-step3.png b/img/manager/admin-group-members-invite-step3.png index 20511da..4fdd56a 100644 Binary files a/img/manager/admin-group-members-invite-step3.png and b/img/manager/admin-group-members-invite-step3.png differ diff --git a/img/manager/admin-group-members-invite.png b/img/manager/admin-group-members-invite.png index e49755d..8dbf5e3 100644 Binary files a/img/manager/admin-group-members-invite.png and b/img/manager/admin-group-members-invite.png differ diff --git a/img/manager/admin-group-members.png b/img/manager/admin-group-members.png index a0c1df8..8abedda 100644 Binary files a/img/manager/admin-group-members.png and b/img/manager/admin-group-members.png differ diff --git a/img/manager/admin-group-remove-member.png b/img/manager/admin-group-remove-member.png index e48edc6..2131ea8 100644 Binary files a/img/manager/admin-group-remove-member.png and b/img/manager/admin-group-remove-member.png differ diff --git a/img/manager/admin-group-subgroups-delete.png b/img/manager/admin-group-subgroups-delete.png new file mode 100644 index 0000000..ea2d662 Binary files /dev/null and b/img/manager/admin-group-subgroups-delete.png differ diff --git a/img/manager/admin-group-subgroups-main.png b/img/manager/admin-group-subgroups-main.png new file mode 100644 index 0000000..58f2878 Binary files /dev/null and b/img/manager/admin-group-subgroups-main.png differ diff --git a/img/manager/admin-group-subgroups-tab-create.png b/img/manager/admin-group-subgroups-tab-create.png new file mode 100644 index 0000000..7753f18 Binary files /dev/null and b/img/manager/admin-group-subgroups-tab-create.png differ diff --git a/img/manager/admin-group-subgroups-tab-delete.png b/img/manager/admin-group-subgroups-tab-delete.png new file mode 100644 index 0000000..b3c19e5 Binary files /dev/null and b/img/manager/admin-group-subgroups-tab-delete.png differ diff --git a/img/manager/admin-group-subgroups-tab.png b/img/manager/admin-group-subgroups-tab.png new file mode 100644 index 0000000..9af49c3 Binary files /dev/null and b/img/manager/admin-group-subgroups-tab.png differ diff --git a/img/manager/admin-group-view-members-tab.png b/img/manager/admin-group-view-members-tab.png index 7c9e926..74b9511 100644 Binary files a/img/manager/admin-group-view-members-tab.png and b/img/manager/admin-group-view-members-tab.png differ diff --git a/img/manager/admin-groups-select-parent.png b/img/manager/admin-groups-select-parent.png new file mode 100644 index 0000000..0280117 Binary files /dev/null and b/img/manager/admin-groups-select-parent.png differ diff --git a/img/manager/admin-groups-select-sub.png b/img/manager/admin-groups-select-sub.png new file mode 100644 index 0000000..4ac9f1e Binary files /dev/null and b/img/manager/admin-groups-select-sub.png differ diff --git a/index.html b/index.html index 18cc441..b2e759f 100644 --- a/index.html +++ b/index.html @@ -5,13 +5,13 @@ RCIAM Docs | RCIAM Docs - +
    RCIAM Logo (Full)

    RCIAM is an identity and access management solution that supports multiple identity protocols and frameworks, such as SAML 2.0, OpenID Connect, and OAuth 2.0.

    Learn More
    - + \ No newline at end of file