How To

How do I configure role based provisioning in OpenIDM 3.x?

Last updated Jan 5, 2021

The purpose of this article is to provide a video demonstration that will help guide you through understanding and configuring role based provisioning in OpenIDM 3.x. This demonstration is based on sample2b and covers creating a role, assigning a role, removing a role from a user and deleting the role definition.


This article has been archived and is no longer maintained by ForgeRock.

Configuring role based provisioning


Although the Limitations section of the OpenIDM 3.1 Release Notes state "The OpenIDM implementation of roles does not enforce referential integrity", OpenIDM does enforce referential integrity when you delete a role for a user.

See Also

How do I provision external accounts in a pre-defined order in IDM (All versions)?

How do I maintain relationships for a managed user in IDM (All versions) using REST Patch operations?

OpenIDM Integrator's Guide › Managing Users, Groups, and Roles › Configuring Custom Roles

Related Training

ForgeRock Identity Management Core Concepts (IDM-400)

Related Issue Tracker IDs


Copyright and Trademarks Copyright © 2021 ForgeRock, all rights reserved.