Glossary
This section describes the commonly used terms in Harmonized Identity API.
| Term | Description |
|---|---|
| Business Units | Module that enables an Enterprise to manage the authentication and authorization of their Business Units according to the Enterprise's hierarchy. |
| Business Unit Types | Types of a business unit, for example: Enterprise, Store, Country, City |
| Parents of a Business Unit Type | For example, Store may have Parent business unit type: City. A Business Unit Type can have more than one parent Business Unit Type. |
| Location type | The options of the location types are: Office, Warehouse, Location. |
| Users | Module that enables users to set up and manage User details in HIDM. These users may be assigned to one or more applications integrated with HIDM, assuming different Roles in each application. |
| Multi-Factor Authentication (MFA) | Layered approach to securing data and applications where a system requires a user to present a combination of two or more credentials to verify a user's identity for login. Initially, the user logs in with valid credentials for the first time; then based on the Tenant settings, the user is directed to either use Time-Based or SMS/Email based MFA. |
| Roles | Logical grouping of Permissions or groups of Permissions. Roles can be specific to an Application or can be a Global Role, that can consist of Permissions across Applications. Using these roles, a registered user or a client is granted access to a specific resource. Local role is a role created specifically for a particular application, while Global roles are roles created such that they can be consumed by any application. |
| Applications | Module in HIDM that enables users to set up and manage applications or solutions that require integration with the HIDM solution for authentication and authorization. |
| Permission | Predefined and the most granular level of operation that can be permitted to a user or client. These are the leaf node in the overall permission hierarchy. These permissions can include tasks such as viewing, updating information, deleting , or managing entities. |
| Permission Groups | Sets of access rights or rules assigned to users based on their position and responsibilities. This grouping of permissions simplifies the process of granting and managing permissions within the system. For instance, individual APIs related to each other can be grouped into a permission group, and these groups can further be organized by application. |
| Clients | Represent applications that can request tokens from the Identity Server. A client can request for a token only if it was registered (through create client) in the HIDM system. A registered application can have multiple clients, for example, FCx_RetailManagement, FCx_ConfigurationManagement, FCx_POS. |
| Resources | Represent all the Identity resources, protected resources and scopes that are available as part of the application. |