Identity Cloud

Validate relationships between objects

Optionally, you can specify that a relationship between two objects must be validated when the relationship is created. For example, you can indicate that a user cannot reference a role if that role does not exist.

When you create a new relationship type, validation is disabled by default because it involves an expensive query to the relationship that is not always required.

To configure validation of a referenced relationship, set "validate":true in the managed object schema. The default schema enables validation for the following relationships:

  • For user objects—roles, managers, and reports

  • For role objects—members and assignments

  • For assignment objects—roles

Copyright © 2010-2024 ForgeRock, all rights reserved.