Accounts
In the IBM® Security Verify Governance data model, a user can be associated to a set of accounts.
An account is a user (a Digital Identity) with the associated authentication attributes (in the
most common case, User ID and Password) that are used to log onto
a target system.
A target system can be considered as a container of different applications.
The properties for managing a target system are specified in the Account Configuration (see dedicated link Accounts).
An Account Configuration contains, for example, the password policies that are shared to the target system that is associated with the configuration.
For every Account Configuration, it is possible to associate several accounts: this feature is referred to as Multiple Account.
Through a Multiple Account, you can associate a user to different accounts on the same target.
IDEAS account configuration.In IBM Security Verify Governance, multiple accounts can be assigned to a single user.
Default Account
Each IBM Security Verify Governance user must have a defined default account for each target.
The first account that is associated to a user is set as default.
If you add other accounts, for every added account you can choose whether to set it to the default account or confirm the previous default account.
In the absence of any specific indication, the system assigns entitlements to the default account.
Entitlements and Accounts
In the IBM Security Verify Governance data model there is a relation between Users and Roles.
With Multiple Accounts, there is a new relation between assigned Roles and Accounts.
There are different kinds of roles (or entitlements): Business Roles, IT Roles, Permissions, and External Roles.
With an exception for Business Roles, all others entitlements are linked to a single application, thus to a single account.
For more information, see Account administration.