User authorization

User authorization occurs when an authenticated user uses IBM® Flex System Manager to perform a task on a resource. The authorization mechanism compares the user account, or the group to which the user belongs, to the role-based access control (RBAC) settings for that user or group. If a role exists that contains the authorizations necessary to complete that task on that specified resource, then the task proceeds.

Users can access only the applications, tasks, and resources that their user accounts are authorized to access. The authorities that you grant to a user determine the console and resource information that the user can access, and the tasks that the user can perform on those resources.

The authorization process that IBM Flex System Manager performs when accessing a resource is independent of the authentication that is required to access that resource. For example, a user might be able to authenticate to and therefore access IBM Flex System Manager Web interface or another resource by using IBM Flex System Manager Web interface, but to perform a task on that resource, both the task and the resource must be authorized in the role settings that are assigned to that user or the authorization group to which the user belongs.

After a user account is added to the applicable IBM Flex System Manager group to provide access to IBM Flex System Manager Web interface, you can log in to IBM Flex System Manager Web interface as an administrator and configure the authorization policies and rules for IBM Flex System Manager tasks and resources for that user.