Within our organization we have set up our role-based access by using standard roles that function dynamically by qualifying roles based on criteria we set. Would it be feasible or even worth the time to move forward with using dynamic roles in our environment when we are strictly using standard roles?
Some context or an example would be that we have many standard roles built out for nurses that qualify the type of nurse they are through the criteria.
This would be a business-related question rather than a technical question, and it will depend on the individual business. If you have multiple roles with most of the criteria being common among them with minor differences (e.g. just a few identity attributes different between roles), then it might be worth the effort to migrate to dynamic roles. But one thing you need to remember is that it would seem as if you are setting up roles from scratch (based on my personal experience, where a large number of roles were redefined), but it might be worth the effort in the long term.
The biggest challenge with Dynamic roles is that you cannot use the Search functionality to list the identities that qualify for the Dynamic section of the roles.
If you’re already using standard roles with membership criteria that dynamically assign roles, the value of switching to Dynamic Access Roles depends on complexity and scale. Dynamic roles excel when you have role sprawl—needing many similar roles differing only by attributes like location or specialty.
For your nurse example, if you have separate standard roles per nurse type (e.g., “Oncology Nurse Austin,” “Cardiac Nurse Dallas”), consolidating into one dynamic role with dimensions (location, specialty) would significantly reduce maintenance. However, if your current standard role setup is manageable and meets your needs, the migration effort may not be justified yet.
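An added example, not part of the replies above and not the product's own export format or API: a way to check an inventory of standard roles for the pattern both replies describe, where roles share most criteria and differ in only a few identity attributes. The role names beyond the two quoted above, the attribute names, the dictionary layout and the `max_dimensions` threshold are all assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample: standard roles and their membership criteria
# (identity attribute -> required value). Layout and attribute names are hypothetical.
STANDARD_ROLES = {
    "Oncology Nurse Austin": {"jobTitle": "Nurse", "specialty": "Oncology", "location": "Austin"},
    "Cardiac Nurse Dallas": {"jobTitle": "Nurse", "specialty": "Cardiac", "location": "Dallas"},
    "Oncology Nurse Dallas": {"jobTitle": "Nurse", "specialty": "Oncology", "location": "Dallas"},
    "Payroll Clerk": {"department": "Finance", "jobTitle": "Clerk"},
}


def consolidation_candidates(roles, max_dimensions=2):
    """Find groups of roles that test the same attributes and differ in few values."""
    # Roles can only collapse into one dynamic role if they test the same attributes.
    by_attrs = defaultdict(list)
    for name, criteria in roles.items():
        by_attrs[frozenset(criteria)].append(name)

    candidates = []
    for attrs, names in by_attrs.items():
        if len(names) < 2:
            continue  # a single role has nothing to consolidate with
        values = {a: {roles[n][a] for n in names} for a in attrs}
        # Attributes with one value across the group form the shared base criteria;
        # attributes with several values would become dimensions.
        common = {a: next(iter(v)) for a, v in values.items() if len(v) == 1}
        dimensions = {a: sorted(v) for a, v in values.items() if len(v) > 1}
        if common and 0 < len(dimensions) <= max_dimensions:
            candidates.append(
                {"roles": sorted(names), "common": common, "dimensions": dimensions}
            )
    return candidates


if __name__ == "__main__":
    for group in consolidation_candidates(STANDARD_ROLES):
        print(f"{len(group['roles'])} roles -> 1 dynamic role")
        print("  base criteria:", group["common"])
        print("  dimensions:   ", group["dimensions"])
```
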