Uploaded image for project: 'Keycloak'
  1. Keycloak
  2. KEYCLOAK-3307

Add support for Segregation of Duties

    XMLWordPrintable

Details

    • Feature Request
    • Status: Closed
    • Minor
    • Resolution: Deferred
    • None
    • None
    • None
    • None

    Description

      Segregation of Duties (SoD) is a mechanisms that prevents accumulating of too much power in the hands of a single person. It places a constraints on assignments of entitlements to users. For example SoD may prevent a single user to create a request and also approve it.

      Source:
      from https://wiki.evolveum.com/display/midPoint/Segregation+of+Duties

      In Keycloak this would mean to specifiy that two roles are mutually exclusive determined based on the overall effective roles of a user (the same applies to service accounts).

      Attachments

        Activity

          People

            Unassigned Unassigned
            thomas.darimont@googlemail.com Thomas Darimont
            Votes:
            2 Vote for this issue
            Watchers:
            4 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: