The Role Mapping Administrator requires access to the Identity Vault. This enables the Role Mapping Administrator to perform the required Identity Vault operations, including:
Authenticating users who log in to the Role Mapping Administrator and establishing their authorization level (Role Module Administrator or Role Manager).
Retrieving roles information to display if the authenticated user is a Role Module Administrator. If the authenticated user is a a Role Manager, the Role Mapping Administrator uses the user’s credentials to display roles.
Adding authorization information to the Role objects when an authorization is mapped to an Identity Vault role.
Accessing information stored on the Identity Manager driver object to build the queries required to retrieve authorizations from connected systems.
Sending the queries to the Identity Manager drivers.
Creating, editing, and deleting roles.
For more information, see Section 2.5, Granting Rights to the Use Role Mapping Administrator.