Users in SAP Cloud Identity Services fall into two categories: administrators and end users.
SAP Cloud Identity Services distinguish between two types of administrators: user administrator and system administrator.
-
User administrators are real persons. They manage tenant configurations, applications, corporate identity providers, identity provisioning, users and groups. The initial administrator of SAP Cloud Identity Services tenants is created as a user administrator.
-
System administrators are technical users. They are used for establishing system-to-system communication in provisioning scenarios, accessing real-time provisioning and proxy system APIs, as well as accessing tenant API for running Identity Provisioning jobs. System administrators can also act as user administrators because they have the same authorizations.
End users use business applications that consume Identity Authentication as identity provider. The service authenticates the users with credentials maintained in Identity Authentication or delegates the authentication request to a 3rd party identity provider. End users are initially created, imported or provisioned to the user store of SAP Cloud Identity Services.
There are six user types of end users:
|
User Type |
Description |
|---|---|
|
Customer |
External users that are customers for the company. They may need access to some applications. |
|
Employee |
Internal company users, mainly users with long-term contracts. |
|
Partner |
External users from a partner company that will need some kind of access. |
|
Public |
External users that are not controlled by the company. For example, self-registered. |
|
External |
External users that can be a temporary hired employees that need access to some applications, or external users that need access to learning materials and training managed by the company. |
|
Onboardee |
An employee user that needs a different authentication, because, for example the user may not exist in the corporate identity provider. |
Related Information