Identity & Access Management

As an Organization Owner user, you control user and group access to your Organization and its resources.

• How do I manage roles and permissions
  As an Organization Owner user, you grant Tanzu Platform cloud services users role-based access when you invite them to join your Organization.
• How do I manage users in my Organization
  If you are an Organization Owner user, you manage user access and determine the service and Organization level permissions granted to users and groups in your Organization.
• How do I work with the Management Organization
  The Management Organization is a special cloud services Organization that lets you manage resources and policies across Organizations.
• How do I work with groups
  Assigning roles to groups is more efficient than assigning the same permissions to individual users one at a time. As an Organization Owner user, you create groups and determine the members that make up your groups and what roles they are assigned.
• What is enterprise federation and how does it work with Tanzu Platform cloud services
  As an enterprise using Tanzu Platform cloud services, you can set up federation with multiple corporate domains. By federating your corporate domains, you activate single sign-on for users in your enterprise. Enterprise federation with Tanzu Platform cloud services supports integration with SAML 2.0 based identity providers.
• What is Identity Governance and Administration and how does it work with Tanzu Platform cloud services
  Identity Governance and Administration (IGA) is a service that allows your enterprise to obtain data for audit trail and certification, and helps Organization Owner users to manage self-service access requests, approvals, violations, and API tokens in real time.
• How do I create OAuth 2.0 apps and authenticate applications
  Tanzu Platform cloud services console uses OAuth 2.0 so that you can give your applications secure delegated access to the protected resources in your Organization. Tanzu Platform cloud services supports web application access where users of your app authorize access, and server-to-server interactions where access tokens are issued directly to your app.
• What’s involved in working with Projects in Tanzu Platform cloud services console
  Tanzu Platform cloud services uses Projects as a way to group an Organization’s resources into distinct buckets and assign user and group access to the resources in each bucket. This allows Organization Owners to logically organize, map and track usage of their cloud services resources.