Skip to main content
Skip table of contents

Delegated Administration

The Delegated administration is based on Memority administration roles. It benefits from the same principles offered to manage applications but applied to the internal access rights and dimensions (Security Organization, …) of a Memority tenant.

As per other roles, Memority Administration roles can have dimension which offers a management scope on top of the permissions to access the different configured features. This scope is usually based on identity attributes such as Organization or Application and guarantee that even if a user has access to an administration feature, he will only be able to act the data is authorized to.

By applying this mechanism, Memority can grant administration access to users working in different BUs and make sure that they will only be able to manage other users belonging to their respective BUs. For example:

  • George Buck, manager of Marketing BU from France, could manage only identities which have Marketing BU as Organization and France as country.

  • John Paek, application owner of Google for France, can only grant Google access to identities located in France.

  • Jina Manson, Responsible of sensitive Google groups for Spain region, will be notified only when these groups are granted to identity located in Spain in order to validate the request

The organization and sites hierarchies are flexible, for example, we can define different independent organization trees (Application, Department, Geography, HR organization, operational organization, …).

This mechanism allows to scope visibility and action depending on the authenticated administrator.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close