Personas and roles

A persona is a user with a predefined set of roles within the system. Personas are issued a certain set of security permissions, or grants, needed to achieve their goals as system users. Access to specific functions, user interface components, or endpoint types is limited by the specific grants allowed or disallowed for each persona or role.

The following chart illustrates the relationships among personas, roles, and grants.

Basic roles (shown with solid lines) are directly associated with grants, while composite roles (shown with dotted lines) are composed of basic roles. Optionally, composite roles can be associated directly with grants, as shown by the relationship between composite Role A with Grant 4 in the chart.