What Are Account Authorization and Fine-Grained Authorization

What Is Account Authorization

The binding relationship between "users on the IDaaS side" and "accounts on the application side," i.e., which application accounts an IDaaS user has in different application systems. This is a one-to-many relationship.

Account authorization determines which resources a user can access through corresponding accounts. The process of granting a user permission to access a specific application is the action of account authorization; the manifestation of a user accessing an application using a specific account is the effect of account authorization.

What Is Fine-Grained Authorization

Fine-grained authorization, also known as data scope authorization, means that different users have the same operational permissions, but the scope of data they can operate on is different.