Alpha and Bravo realms
The Alpha and Bravo realms are the two default realms that are included as part of an PingOne Advanced Identity Cloud tenant. These realms are configurable, unlike the top-level realm that Advanced Identity Cloud configures for tenant administrator identities.
Advanced Identity Cloud does not support more than two realms in the same tenant. |
The Alpha and Bravo realms are nearly identical, with the exception of delegated administration.
End-user sign-in
End users access their sign-in page using a URL that specifies the realm they belong to. For example:
-
Alpha realm end users: https://<tenant-env-fqdn>/am/XUI/?realm=alpha&authIndexType=service&authIndexValue=Login
-
Bravo realm end users: https://<tenant-env-fqdn>/am/XUI/?realm=bravo&authIndexType=service&authIndexValue=Login
Tenant administrators cannot authenticate using these realm-specific login URLs, learn more in Tenant administrator sign-in.
Delegated administration
In the Alpha realm, you can set up internal roles for delegated administration using a custom set of privilege attributes.You can then assign those internal roles to users so that Alpha realm users can act as delegated administrators and perform actions on the custom set of attributes specified by the role.
The Bravo realm does not support delegated administration.
Assign internal roles
You can assign the internal roles in two different ways using the Advanced Identity Cloud admin UI:
-
To add an internal role to a user, go to Identities > Manage > Realm - Users. Select a user, then select the Authorization Roles tab, then click + Add Authorization Roles.
-
To add a user to an internal role, go to Identities > Manage > Internal Roles. Select a role, then select the Members tab, then click + Add Members.
In the Bravo realm, while you can set up internal roles for delegated administration, you cannot use them. Also, you cannot add a user to an internal role, and even though it appears possible to add an internal role to a user, this will not correctly link the user to the role. If you attempt this, the user will not be listed in the internal role Members tab.
The following table summarizes these differences:
Action | Alpha Realm | Bravo Realm |
---|---|---|
Create internal role for the purposes of delegated administration |
||
Add user to internal role |
||
Add internal role to user |
|