Centralized Identity Management (CIM) introduces the User Admin role. User Admins can enforce the separation of duties in your tenant. They can:
- Assign and unassign users from workspaces
- Create, update, enable, and disable user accounts
- The ability to assign and unassign users from workspaces is currently associated with both the User Admin and the Workspace Admin role. In a future CIM release, this will be User Admin only.
- When user is added to a workspace, they're a standard user. Their data access to the workspace is granted at the model-level.
- A User Admin can add themselves to any workspace on a tenant. The User Admin still requires model-level permission to access data.
- You can also use the SCIM API
(opens external page) package as an alternative to CIM.
If you're assigned the User Admin role, you can access the functions of Centralized Identity Management through the Administration console.