Managed Identities and User Accounts
Apporetum creates a strict hierarchy of your organization to help you easily manage your access and identity lifecycle. There are three objects that should be understood to operate Apporetum:
- Account
- Identity
- Workforce Person
Accountsβ
Apporetum is designed to sync user accounts from all your connected Data Sources into our store. Accounts are read-only objects which represent a user's account (e.g. username, password, name and email). These Accounts own the access provided to them in Apporetum.
Workforce Personβ
Apporetum imports Workforce Persons from your HR and ITSM services as a representation of employees or contractors in your organization. Information on the Workforce Person is read-only and owned by the Workforce Person Feed.
Identityβ
Identities are the collection of accounts and a workforce person to represent an entity in your organization. Identities typically represent an employee and provide insight into all their accounts (and associated permissions) in your Data Sources. Identities' own state, like their employment status (Long service leave, contractor, active, inactive), can be used to manage their associated accounts.