Ownership and self-management
To manage access to Omada Identity, including ownership of objects and memberships to user groups, ownership, the Management concept requires that you enable the Self-management extension in the Role and Policy Engine (RoPE).
It is possible to disable the self-management extension. But in that case:
-
You must update the Effective owner fields manually or through a process/event,
-
You cannot synchronize ownerships between the connected systems and Omada Identity if you disable the self-management concept,
-
You cannot use the Delegation process to delegate ownership of the self-management resources.
When you use Self-management of ownerships you enable a RoPE extension that will create Calculated Resource Assignments to one of the self-management resources available in Omada Identity.
These represent the ownership of objects in to which you can assign owners. Once a user has been assigned to a self-management resource, the CRA will be shown in the Assignment grid and can be viewed in the Compliance Workbench.
Refer to the Ownership section of the documentation to learn more.