Administrators can quickly search for a role by name or description in the Catalog > Roles page. Identity Governance performs a case-insensitive search of all of the technical roles in the catalog and returns any that contain the string in the technical role name, description, or cost. You can also use the advanced search feature to limit the number of roles. The search results also display the role states.
The life cycle of a technical role includes the following states, regardless of how the role was created:
|
Technical Role State |
Description |
|---|---|
|
CANDIDATE |
Technical role was created by role mining and must be promoted before it can be activated. This state corresponds to the internal state called MINED. |
|
ACTIVE |
Valid, meaning all included permissions are available in the catalog, and the role is included in the detection process. |
|
NOT ACTIVE |
Valid, but the role is excluded from the detection process. This state corresponds to the internal state called INACTIVE. |
|
INVALID |
Invalid and excluded from the detection process due to a detected error. Detection errors are usually the result of a deleted permission that is included in the technical role. |