Group and Role Management allows an organization to manage application authorizations more efficiently by treating a collection of users who need the same type of application access as a unit.
One or more authorizations can be associated to the group or role and users can be assigned to that group or role either by request or automatically based on some attribute they possess (their department, job title, position, etc.).
The University’s group and role management solutions can be found under Group and Role Management in the service catalog.
Apollo
Apollo is a centralized, mainframe-based authorizationAuthorization Authorization refers to the act of determining whether an authenticated user is allowed to access a specific resource or take a specific action. For more information, see our Concepts page. and group membership repository. It allows developers to set up group membership and authorization schema for their applications.
For requests and support, please see the Group and Role Management business service and knowledge articles in UT ServiceNow.
Enterprise Group Services (EGS)
Enterprise Group Services (EGS) allows University departments to automate the management of application and system authorization groups. EGS group membership is managed using Attribute-Based Access Control (ABACABAC Attribute-Based Access Control (ABAC) is a mechanism for managing of user access to information systems based on values of user attributes. Attribute-Based Access Control (ABAC) evaluates the access dynamically, using an algorithm that takes “attributes” as an input, and outputs access decision (allow/deny). The attributes are usually user attributes from the user profile, supplemented with context attributes, such as time of access and user’s current location.) rules with members being added and removed automatically.
See the “Is my use case a good fit for Enterprise Group Services (EGS)?” knowledge article to learn if EGS is right for your CSUCSU College, School, or Unit.
Enterprise Group Services (EGS) is currently in soft launch and working with selected early adopters. While the team will field requests from other University departments, requests from early adopters will be prioritized.
For additional requests and support, please see the Group and Role Management business service and knowledge articles in UT ServiceNow.
Organizational Hierarchy System Contacts (OHSC)
OHSC is a tool used by central offices to identify individuals in campus departments that are responsible for specific business and technical roles.
For requests and support, please see the Group and Role Management business service and knowledge articles in UT ServiceNow.
SailPoint IdentityIQ (IIQIIQ SailPoint IdentityIQ (IIQ) is a group- and role-based authorization management service. See Identity Lifecycle Management for more information.)
IIQ provides group and role management functionality which allows an organization to manage application authorizations more efficiently by treating a collection of users who need the same type of access as a unit. One or more authorizations can be associated with the role and users can be assigned to that role either by request or automatically based on an attribute on the user.
For requests and support, please see the Group and Role Management business service and knowledge articles in UT ServiceNow.
Service Availability Metrics
The IAMIAM Identity and Access Management (IAM) is a set of policies, processes, and technologies designed to ensure that the right individuals (identities) have the right access to resources within an organization. IAM involves managing and securing digital identities, controlling access to systems and data, and maintaining the confidentiality, integrity, and availability of information. Team has set a Service Level Objective (SLO) of 99.178% availability for SailPoint IdentityIQ (IIQ).
Year | SailPoint IdentityIQ (IIQ) |
---|---|
2023 | 99.994% |
2022 | 99.499% |
2021 | 99.972% |
2020 | 98.275% |
2019 | 99.876% |
2018 | 99.941% |
For more data, please see our Metrics page.
Release Notes
- Release Notes – Enterprise Group Services – Release 2025.2.0
- Release Notes – Enterprise Group Services – Release 2025.1.0
- Release Notes – Enterprise Group Services – Release 2024.4.2
- Release Notes – SailPoint IdentityIQ (IIQ) – Version 2024.2.2
- Release Notes – Enterprise Group Services – Release 2024.4.1