Normally, the concept of identity federation
is limited to user authentication. However, with Visual Guard, identity
federation also includes management of user roles and permissions,
and audit of actions performed by users and administrators:
- When a distant user is authenticated, Visual Guard applies their permissions, controlling access to the application’s functionalities.
- All operations performed by the users are logged in the Visual Guard repository.
- In addition, all operations performed by administrators, such as the declaration of user accounts or assignment of roles and permissions, are logged in the Visual Guard repository.
- Auditors can then review all these operations.