Investigating
Provide a means of permission and user-management for AppBuilder Applications (through Adobe IMS, AdminConsole)
| Request for Feature Enhancement (RFE) Summary: | Provide a means of permission and user-management for AppBuilder Applications (through Adobe IMS, AdminConsole) |
| Use-case: | When developing App Builder Apps, the question occurs how to give different users different permissions within the App (or access to the app at all). How can access to an App be granted or denied - and what about granual permissions within the app? How is permission-management / user-management within Appbuilder Apps handeled?IF we do not yet support something like that .. I think each app should have the ability for product profiles in the admin-console, which could then be customized to have as many different permission levels as required by creating additional profiles. (Naturally these should be easily available on runtime "OOTB" for developers to use. And not though something like the UMAPI - which is very cumbersome ... ) |
| Current/Experienced Behavior: | Unfortunately ORG level is the only granularity in terms of access to an app which is way too broad. Everything else currently needs to be handled within your app. IDPs like Auth0, cognito, supabase, must be integrated directly into the app (so only "non-Adobe IPDs can be used). This is not simple when you inevitably get into MFA, SSO, password rules enforcement, fraud detection, etc |
| Improved/Expected Behavior: | I'd also like to see more fine grained control built in on our side, e.g. via profiles added to an IO project, which would change the required scopes to invoke the action, so only users with that profile/group would be able to access it with their token |
| Environment Details (AEM version/service pack, any other specifics if applicable): | |
| Customer-name/Organization name: | Adobe & serveral customers using App Builder extensively |
| Screenshot (if applicable): | |
| Code package (if applicable): |