Authentication and Authorization

Capital Investment Budget uses the same authentication method configured for your Nakisa Lease Administration instance. This can be one of the following methods:

• Nakisa's Identity & Access Management Solution (IAM)
• SAML 2.0-based Single-Sign-On (SSO) and an Identity Provider (IdP) for full user authentication and to fetch the user's assigned role.

  Note: Nakisa allows for one SSO connection. If you require additional SSO, contact Nakisa Support for options.

Roles assigned in the IdP are mapped to application roles in Nakisa Cloud Platform. Authenticated users and their application role are stored in the User table in the Administration section. Configurable Profiles must also be assigned to all users in the User table, to determine which submissions users have access to.

Application roles use authorities to grant access to different actions or areas of the application. These authorities are grouped together in authority groups. The Role Authority page lists the default application roles and contains a matrix where you can map the role to the authority group.

Refer to the following topics for more information:

• Users
• Profile
• Authorities
• Authority Groups
• Role Authorities

Capital Investment Budget 2022.R2-SP © 2024

Nakisa Inc. All rights reserved worldwide.