Skip to main content

Change role membership attributes

Administrators can add attribute fields to gather additional information about role membership. End users can add or update the attribute values by requesting a change in role membership. The following procedure describes how to update role membership attribute values using the standard Change role membership request. It assumes that roles have been defined and assigned to an end user.

Add role membership attributes

To add role membership attributes:

  1. As a product administrator, click Manage the system > Resources > Resource attributes.

    res-attributes

  2. Click Add new…

    res-attr-role

  3. Enter values as follows:

    • ID: ROLE_ATTR1

    • Description: Role reason

    • Type: String

    • Minimum required number of values: 0

    • Maximum required number of values: 1

  4. Click Add.

  5. Click Add new… to add another attribute.

  6. Enter values as follows:

    • ID: ROLE_ATTR2

    • Description: Role date

    • Type: Date/time

    • Minimum required number of values : 0

  7. Click Add.

Now two attributes can be added to the role membership request page.

Set attribute access controls

To set access controls for the new attribute, add it to an attribute group:

  1. As a product administrator, click Manage the system > Resources > Resource attribute groups.

    resource-attribute-groups-SUI

  2. Click Add new…

  3. Enter the following values:

    • ID: ROLE_ATTR_GROUP

    • Description: Role attributes

    • Resource type: Role memberships

    role-attributes

  4. Click Add.

  5. Click the Access control tab.

  6. Select the checkboxes to allow the ALLUSERS group read and write permission.

    role-acl

  7. Click the Members tab.

  8. Click Select…

  9. Select the checkboxes for ROLE_ATTR1 and ROLE_ATTR2, then click Select.

    role-group-members
Add attributes to the pre-defined request

To add the role membership attributes to the Update role membership request:

  1. As a product administrator, click Manage the system > Workflow > Pre-defined requests .

  2. Select the built-in _UPDATE_ROLE_ request.

    roles-request

  3. Select the Attributes tab.

  4. Click Select…

  5. Select the checkbox for the ROLE_ATTR_GROUP, then click Select.

    roles-attr
Update role attributes

To update role attributes as an end user:

  1. Navigate to the Profile information and entitlements page

  2. Click Change role membership in the requests section.

    Bravura Security Fabric displays the request wizard.

    roles-wizard-attributes

  3. Enter values for the attributes.

  4. Click Submit.

    Relevant authorizers are notified to review the request if necessary.

    Attribute values are displayed on the request details page.

    role-attr-details
In this section: