Basic Organization Structure
An organization functions as a high-level container for a set of users and the assets that they own. The users that belong to an organization are permitted to access all of the organization's assets. If other users require access to the organization's assets, they must obtain explicit permissions to do so.
An organization is composed of users, groups, roles, and permissions.
An organization can have zero or more child organizations. Each child organization is a separate organization in its own right and has its own set of users, groups, roles, and permissions.
An organization can have one or more users. A user represents an individual who is an authorized user of CentraSite. Users are identified by a unique ID known to the external authentication system that CentraSite is configured to use.
A user can belong to only one organization.
An organization has one or more groups. A group represents a set of users. Groups enable you to collectively apply permissions and other capabilities to a specified set of users. All organizations include the following predefined groups:
Group | Description |
Users | All users belonging to the organization. The API requires all organizations to have this group. |
Members | All users belonging to the organization or any of its descendants (that is, children, children's children, and so forth). |
An organization has one or more roles that can be assigned to users or groups. By default, each organization includes the following set of roles: Organization Administrator, Policy Administrator, Asset Administrator, Asset Provider, and Asset Consumer. A role is a collection of system-level permissions and/or organization-level permissions. These permissions enable users to work with specific types of objects or perform certain tasks. Roles can be assigned to individual users or to groups. The assignment of a role confers the permissions in the role upon the assigned user or group.
Instance-level permissions are used to give specific users or groups access to individual assets or registry objects. They enable you to apply very fine-grained access controls to the assets in your organization.
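A minimal model of the rules above, added here as an illustration; it is not CentraSite code or its API, and the class names, `can_access`, and the sample organizations and users are assumptions. It shows that an instance-level grant to a parent organization's Members group reaches every descendant's users, while a grant to its Users group does not.

```python
from dataclasses import dataclass, field

@dataclass(eq=False)
class Org:
    name: str
    parent: "Org | None" = None
    users: set = field(default_factory=set)   # each user ID lives in exactly one org
    children: list = field(default_factory=list)

    def __post_init__(self):
        if self.parent is not None:
            self.parent.children.append(self)

    def users_group(self):
        """Predefined Users group: users of this organization only."""
        return set(self.users)

    def members_group(self):
        """Predefined Members group: this organization plus all descendants."""
        members = set(self.users)
        for child in self.children:
            members |= child.members_group()
        return members

@dataclass(eq=False)
class Asset:
    name: str
    owner: Org
    user_grants: set = field(default_factory=set)      # instance-level, per user
    group_grants: list = field(default_factory=list)   # instance-level, (org, group)

def can_access(user, asset):
    """Owner-org users get access by default; everyone else needs an explicit grant."""
    if user in asset.owner.users or user in asset.user_grants:
        return True
    for org, group in asset.group_grants:
        resolved = org.members_group() if group == "Members" else org.users_group()
        if user in resolved:
            return True
    return False

# Constructed sample hierarchy: Corp > Engineering > Platform, plus unrelated Partner.
corp = Org("Corp", users={"alice"})
eng = Org("Engineering", parent=corp, users={"bob"})
platform = Org("Platform", parent=eng, users={"carol"})
partner = Org("Partner", users={"dave"})
narrow = Asset("partner-api", partner, group_grants=[(corp, "Users")])
broad = Asset("partner-docs", partner, group_grants=[(corp, "Members")])
for asset in (narrow, broad):
    print(asset.name, sorted(u for u in ("alice", "bob", "carol", "dave") if can_access(u, asset)))
```

When reviewing grants, a Members entry on a high-level organization is the one to check first, because its effective audience grows whenever a child organization or a user in one is added.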