3b - Onboarding of a new Dataspace - Participant End-Users

Rick Santbergen • 2 August 2024

Description

To help understand the content of this document, readers should familiarize themselves with the key definitions and actors and the business process introduction containing the diagram legend.

The process of onboarding a new Participant End User outlines the tasks and decisions required by various actors to grant a Participant End User access to the dataspace. Before Participant End Users can participate, the Participant must be successfully onboarded into the dataspace (Business Process – 03A). To onboard a Participant End User, the Participant must link its local preferred authentication mechanism to the identity provider of the Simpl-Open Agent. This allows the Participant to assign its users one or more roles that grant access to Simpl-Open Agent functionality, so that the Participant End User can access the dataspace and act on behalf of the Participant.

The following actor is involved in this process: Participant.

Prerequisites business process:
The following prerequisites must be met to enable the process to occur:

  1. Participant Onboarded: The Participant should have successfully completed the onboarding business process (Business Process – 03A);
  2. Local preferred authentication mechanism: The Participant must have a local preferred authentication mechanism available to use for verification of the Participant End User identity;
  3. Dataspace list of available roles: The Governance Authority should share a copy of the list of predefined roles that can be used within the dataspace. The provision of this list is necessary for the Participant to map the internal role directory to the available dataspace roles of the identity provider that is provided by the Governance Authority.


Business Process Diagram & Steps
This chapter presents a diagram visualising the business process, labelled with specific steps. Each step is further detailed in the accompanying 'Step Description'.

Figure 2: Diagram representing the onboarding of a New Dataspace - Participant End-User

Step Description:
Below is a detailed description of the steps involved in this business process. Each step outlines the specific actions and decisions required to successfully complete the process:

  1. Connect to identity provider: This step involves the Participant initiating and connecting its local preferred authentication mechanism with the identity provider of the Participant Simpl-Agent.
  2. Verify identity provider connection: The Participant verifies whether the local preferred authentication mechanism has successfully connected with the identity provider.
  3. Passed Verification?: As an outcome of the review in step 2, if the identity provider connection passed the verification check, then the process moves to step 5. If the identity provider connection fails the verification check, then the process moves to step 4.
  4. Remediate Issues: The Participant is offered the possibility to correct issues or deficiencies discovered during the verification process. After the corrections are made, the applicant can return to step 1 to retry the identity provider connection.
  5. Assignment and mapping of roles/end-user: In this step, the Participant assigns dataspace user roles by mapping them with roles retrieved from the local preferred authentication mechanism. This ensures that each End User has the appropriate access and permissions within the dataspace.
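
One way a Participant could check the step 5 mapping against the Governance Authority's role list (prerequisite 3) before applying it. This is an added example, not Simpl-Open code; every role name, group name and function name in it is constructed for illustration.

```python
# Added illustration; all role and group names below are constructed.
# Roles published by the Governance Authority (prerequisite 3).
DATASPACE_ROLES = frozenset(
    {"CATALOGUE_READER", "OFFERING_PUBLISHER", "PARTICIPANT_ADMIN"}
)

# The Participant's mapping: local directory group -> dataspace roles.
ROLE_MAPPING = {
    "grp-data-analysts": {"CATALOGUE_READER"},
    "grp-data-stewards": {"CATALOGUE_READER", "OFFERING_PUBLISHER"},
    "grp-it-admins": {"PARTICIPANT_ADMIN"},
}


def validate_mapping(mapping, allowed_roles):
    """Return a list of problems; an empty list means the mapping is usable."""
    problems = []
    for group, roles in sorted(mapping.items()):
        if not roles:
            problems.append(f"{group}: maps to no role")
        for role in sorted(set(roles) - allowed_roles):
            problems.append(f"{group}: '{role}' is not a dataspace role")
    return problems


def resolve_roles(local_groups, mapping, allowed_roles):
    """Map an end user's local groups to dataspace roles, deny by default.

    Unmapped groups grant nothing and are reported back for review; roles
    outside the published list are dropped even if a stale mapping names them.
    """
    granted, unmapped = set(), []
    for group in local_groups:
        if group in mapping:
            granted |= set(mapping[group]) & allowed_roles
        else:
            unmapped.append(group)
    return sorted(granted), sorted(unmapped)


if __name__ == "__main__":
    print(validate_mapping(ROLE_MAPPING, DATASPACE_ROLES))
    print(resolve_roles(["grp-data-stewards", "grp-hr"],
                        ROLE_MAPPING, DATASPACE_ROLES))
```

Running the validation again whenever the Governance Authority reissues its role list catches mappings that point at roles no longer defined.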
     
L0 - Business Process
Status: Proposed
Associated L1s - High Level Requirements
  • 3b.1 - Access control - roles management
    Simpl shall support the management of ...


Comments (1)

Rick Santbergen

Moderator note: Comments are from the previous discussion platform.

Submitted by Luis Carlos BU… on Mon, 25/03/2024 - 14:34
The Description of the high-level requirement should also include provision for the possible withdrawal of participants in Dataspaces. Also, the middleware will provide the tools for easy identification of dead users and participants.

Submitted by Mark Dietrich on Thu, 04/07/2024 - 14:16
Luis mentions withdrawal. There must also be procedures for "sanction" and possible "removal" of non-compliant participants from a Data Space.

In reply to Luis mentions withdrawal. … by Mark Dietrich
Submitted by Rick Santbergen on Thu, 25/07/2024 - 10:28
Hi Mark, at the moment there is no “sanction” procedure foreseen to be implemented as software functionality and in any case every Dataspace Governance Authority will manage it outside Simpl-Open.

Submitted by Andreas Eisenrauch on Fri, 16/08/2024 - 11:02
I am not sure if the human end users are really relevant for the data space governance authority. I have doubts that they will acquire connectors for getting an airline's flight schedule or a museum catalogue directly from the source. Instead, they will register to applications (developed in use case projects) provided by corporate participants, which retrieve the data from partners in the DS. I think this item has no high priority at least.

