User Role Manager

Microsoft Azure Active Directory is now Microsoft Entra ID

The User Role Manager (URM) Service Type provides methods for returning user, group, role and security label information from Security Providers registered in the product. This service is mostly used internally by the product, but can also be used for task allocation or group and role membership queries. It is sometimes helpful to query user information to determine what type of information is returned by the query and subsequently used by the product to do things like assign tasks to users. This is especially true if you have multiple identity providers that you use in your processes, for instance from AD and Azure Active Directory. A service instance of this service type is registered automatically when you install the product. You would not normally need to configure a Service Instance of this service.

See the following resources for more information:

Service Authentication

The following Authentication Modes may be used with the Service Type:

  • Impersonate
  • ServiceAccount
  • Single Single-on
  • Static
When connecting to on-premises systems from your environment, you must use static credentials. See KB002939: Connecting to On-Premises Data from K2 Cloud for more information about how to do this for supported systems.

Service Keys (Service Instance Configuration Settings)

Key Can be modified Data Type Sample Value Notes
Host Server Connection String Yes Text Integrated=True;IsPrimaryLogin=True; Authenticate=True; EncryptedPassword=False;Host=localhost;Port=5555

Connection string to the server.

This property contains sensitive information. You can enter and see your values when you first configure this value. The value will be masked when the service instance is updated.

FindUsersDefaultFilter Yes Text groupname=null;size=100

The groupname value must be left as is.

The size value determines the number of users returned at a time. The default value is set to 100 for optimal system performance. The size value can be increased or decreased depending on the requirement. Increasing the value of this setting could negatively impact the performance of your system.

Service Objects

The User Role Manager Service Instance creates four Service Objects: Group, Label, Role, and User. See the screen shot below for methods exposed by these Service Objects.

SmartObjects

The product automatically generates SmartObjects for these Service Objects. SmartObjects can be automatically created by selecting the Generate SmartObjects for this Service Instance check box when creating a new Service Instance. Designers can use the SmartObject design tools to build advanced SmartObjects that leverage the Service Objects in this service. It is recommended to use the SmartObject design tools to create SmartObjects rather than generating SmartObjects, since this allows better control over the naming, behavior and design of the SmartObject and its methods and properties.