Looking for Aveksa Entitlements description, it might be Long or short description.Its really confusing what are the entitlements for it would be great if we can have a description for each entitlement what it is for.
What is te difference between Account Collector: Manage All and Account Collector : Edit All?
From G&L Entitlement Definitions Needed for: View All, Review Permissions, and Request Workflow : Edit All
Edit allows you to edit existing objects. Manage allows you to create and delete as well as edit.
Checking the same "Authorization Checks" help page:
View access plus the ability to edit and run account collectors. Edit related Account attributes and user mappings.
Edit access plus the ability to delete account collectors.
Do we have a similar overview of the authorizations that are implicitly granted to users based on their responsibilities. have been looking in the help pages but without any luck.
Would be nice if we would not have to find out via trial and error.
For example against our expectation
On a role set the business owner seems to able to copy roles but the technical owner cannot.
Yes of course, the implicitly granted entitlements are nothing but renamed and scoped basic authorizations.
If you open the entitlement pop-up, you can see the Security Context action associated with the entitlement. For example (based on your question):
Role Set Business Owner has "Manage" action over Roles, while Role Set Technical Owner has "Edit" action.
Why is this even an idea? this info should have been available long time ago.
It's a wrong idea actually. This information has always been available in the Help pages under "Managing RSA Identity Governance and Lifecycle Application Privileges. You can just search for "Authorization Checks" and you'll get a table description of every entitlement.
Relative path: /aveksa/help/Launch_Help.htm#Administrators/Authorization_Checks.htm
Retrieving data ...