There are cases when you need to force midpoint thinks that user has assigned some role. The assignemnt actually doesn't exist but there is a need to preted as it does. This can be used e.g. for post-authentication flow. The user has assigned all business, application, etc. roles but we don't want to consider these roles during his post-authentication proces. Instead, we want to pretend he has "temporary" role assigned which allows him to perform post-authentication.
Name | Type | Multiplicity | Description |
---|---|---|---|
$itemDefinition.Name.LocalPart |
property QName |
[0,1] | The target type of the assignment, e. |
$itemDefinition.Name.LocalPart |
property SearchFilterType |
[0,1] | No filter, no virtual assignemnts. |
Flags: RAM,runtime
Multiplicity: [0,1]
The target type of the assignment, e.g RoleType, ServiceType, OrgType, ...
Flags: RAM,runtime
Multiplicity: [0,1]
No filter, no virtual assignemnts.