Table of Contents
Kuali Identity Management (KIM) provides identity and access management services to Rice and other applications. All KIM services are available on the service bus with both SOAP and Java serialization endpoints. KIM provides a service layer and a set of GUIs that you can use to maintain the identity information.
KIM is designed to be used with both Kuali and non-Kuali applications. The permissions and responsibilities it provides are defined by each user’s Role or Roles in the system. Roles can be customized to handle permissions and responsibilities in a variety of ways based on your particular needs.
KIM provides a reference implementation of the services but allows for customization and/or replacement to facilitate integration with institutional services or other third party identity management solutions.
KIM allows you to override one or more of its core services. For example, you could override the Identity Service, but not the Role Service.
KIM consists of these services, which encompass it’s API:
AuthenticationService
GroupService
GroupUpdateService
IdentityCacheService
IdentityService
IdentityUpdateService
PermissionService
PersonService
ResponsibilityService
RoleService
KIM evaluates permissions through its permission service. KIM provides plug points for implementing custom logic for permission checking, such as permission checks based on hierarchical data.
A more detailed picture of the KIM architecture:
