Introduction

The purpose of this page is to check the definition of authorizations.

You can take any existing user (or service or whatever subject is allowed to log into midPoint) and check the effects of their authorizations. You can add your own authorizations to the ones currently defined for the subject.

Alternatively, you can start from scratch by not choosing any subject. In that case, only the authorizations explicitly provided here will be applied.

Select any subject. Alternatively, the currently logged-in user is used (but ignoring its current authorizations).

You can define any additional authorizations here.

Object processing

Here you can check the application of authorizations on objects being read.

Authorization evaluation

By clicking on this button, the evaluation of authorizations starts. If specific object is selected, the "read" authorizations are checked against it. Otherwise, the filter is computed.
         

Here is the result of the evaluation.

Details about how the result was computed.