Hi,
based on some Group Audit recommendation we have to build up a authorization concept for using the IAM manger tools for the support staff. As an example they should not be able to administer their own accounts. Further we have a support team located in three different hubs (EMEA, Americas, APAC). Each team should only have write access to THEIR people / requests, shop maintenance should only be done in EMEA.
In general I know the features of the permissions section in the designer.
My question is: Could anybody share good practices / experiences / some code snippets / anything else :-) about defining permissions in IAM ?
Any comment is appreciated. Thanks in advance
CU
Wolfgang