Role-based access control (RBAC) is used to provide a convenient way to assign a user to a particular job function or set of permissions within an enterprise, to control access. In Access Manager, you assign users to roles, based on attributes of their identity, and then associate policies to the role.
To assign a role to users at authentication, you must enable it for Identity Server configuration.
Click Devices > Identity Servers > Servers > Edit > Roles.
Click the role policy’s check box, then click Enable.
To disable the role policy, click the role policy’s check box, then click Disable.
To create a new role, click Manage Policies.
After enabling or disabling role policies, update Identity Server configuration on the Servers tab.