Identity Workspace Settings

The Identity Workspace Settings screen allows you to view and manage many of the elements in the Identity Workspace. When creating multiple Identity Workspaces, the tabs on the Settings screen refer only to the currently displayed Identity Workspace.

Accessing and Editing Identity Workspace Settings 

To access the Identity Workspace Settings screen:

• Click the Identity Workspace settings icon ().

Identity Workspace Tabs

The Identity Workspace Setting screen displays the following tabs:

• Details
• Identity Attributes
• Attribute Sources
• Permissions

Details

The Details tab of the Identity Workspace screen displays the:

• Name
• Description (optional) 
• Logo URL
  • The Identity Attribute icon is the same logo defined for the Workspace.
• Workspace ID (unique value) 
• Environment ID (unique value)
• Identity Template Settings section, which includes:
  • Identity Template ID: An Identity Workspace identifier used by the PDP for the access decision calculation. In a Request Flow, it is sent in the ‘entityType’ property.
  • Identity Template Matcher: A JSON Path to the JWT request claim or Header property used for matching.
  • Matcher Value: The value that the Identity Template Matcher validates against. If matched this Identity Template will be used for the request processing.
  • Identity ID Mapper: A JSON Path to the request JWT claim or Header property from which the Identity ID value is extracted.
  • Toggles for JWT Validation

Click Edit to modify the current Identity Template Settings or Description fields.

The Identity Attributes screen is divided into the following areas:

• Attributes List: contains a list of all currently defined Identity Attributes
• Details area: which displays details of the currently selected Attribute in the Attributes List. This area is divided into two sections:
  • General Details, which includes the Attribute Key, Display Name, Description, Source, and whether the Attribute is Active or Inactive.
  • Attribute Usage Settings, which includes whether the Attribute is Available for Policies, Can be used in Access Request, the Name for Request (defines the Attribute Name as it would appear within a Request), the JSON Path, and the Type (String or Numeric).

Attribute Sources

The Attribute Sources tab opens the Sources List, containing a list of all currently defined Identity Sources. Note that multiple Sources can be defined for each Environment and can include both Internal and External Sources.

The following types of Sources can be created: 

• Main
• Aux
• Context

When defining an Identity Source, you can define the following parameters:

In the General Details section:

• Source Name (required)
• Source Type: options include Main, Aux, Context (required)
• Logo URL

In the Source Detail section:

• Policy Authorization Group (required)
• Source View (required)
• Cache Duration (required)
• Validate user (optional field which appears when you select the Source Type as Main)

For more information, see Managing Attribute Sources.

Permissions