OrgType (Complex Type)

Namespace: http://midpoint.evolveum.com/xml/ns/public/common/common-3

Supertype: AbstractRoleType

Organizational unit, division, section, object group, team, project or any other form of organizing things and/or people. The OrgType objects are designed to form a hierarchical organizational structure (or rather several parallel organizational structures).

Orgs are designed for grouping of objects. Orgs usually group users, but they can group any kind of objects (roles, policies, resources, etc.) This can be used to create a flexible delegated administration setup.

See Organizational Structure in midPoint wiki for a general introduction to the concepts.

The OrgType is also used as a focal object for generic synchronization. In that case the Orgs can correspond to LDAP OUs or groups or any similar resource objects.

OrgType is also a role (RoleType). This feature may not be used for majority of OrgType instances. But it is very useful if membership in an org unit automatically grants some accounts or roles. Although roles and orgs are very similar there is one principal difference: Orgs are designed for grouping, roles are designed for flexible policy definition.

Item Summary  
Name Type Multiplicity Description
name property
PolyStringType
[0,1] Human-readable, mutable name of the object. 
description property
string
[0,1] Free-form textual description of the object. 
documentation property
string
[0,1] AsciiDoc-formatted technical documentation of the object. 
subtype property
string
[0,-1] Type of the object. 
fetchResult property
OperationResultType
[0,1] Result of the operation that fetched this instance of the object. 
extension container
ExtensionType
[0,1] Extension container that provides generic extensibility mechanism. 
parentOrgRef reference
ObjectReferenceType
[0,-1] Set of the orgs (organizational units, projects, teams) that the object relates to. 
trigger container
TriggerType
[0,-1] Triggers for this object. 
metadata container
MetadataType
[0,1] Meta-data about object creation, modification, etc. 
tenantRef reference
ObjectReferenceType
[0,1] Reference to the tenant to which this object belongs. 
lifecycleState property
string
[0,1] Lifecycle state of the object. 
operationExecution container
OperationExecutionType
[0,-1] Description of recent operations executed on this object (or related objects in special cases). 
lensContext container
LensContextType
[0,1] Model context describing executed operation  
policySituation property
anyURI
[0,-1] The policy situation(s) of this object. 
triggeredPolicyRule property
EvaluatedPolicyRuleType
[0,-1] Triggered policy rules for this object. 
policyException container
PolicyExceptionType
[0,-1] Recorded exception from a policy rule. 
diagnosticInformation property
DiagnosticInformationType
[0,-1] Diagnostic information attached to this object. 
indestructible property
boolean
[0,1] Protection against accidental deletion. 
effectiveMarkRef reference
ObjectReferenceType
[0,-1] Object marks assigned to the shadow. 
policyStatement container
PolicyStatementType
[0,-1] Policy statements to manually add or exclude effective marks of shadow. 
effectiveOperationPolicy container
ObjectOperationPolicyType
[0,1] Effective provisioning policy derived from Shadow marks and resource configuration. 
assignment container
AssignmentType
[0,-1] Set of object's assignments. 
iteration property
int
[0,1] Iteration number. 
iterationToken property
string
[0,1] Iteration token. 
archetypeRef reference
ObjectReferenceType
[0,-1] References to all applicable archetypes, including "indirect" archetypes such as archetype supertypes. 
roleMembershipRef reference
ObjectReferenceType
[0,-1] References to abstract roles (roles, orgs, services) that this focus currently belongs to - directly or indirectly. 
delegatedRef reference
ObjectReferenceType
[0,-1] References to objects (abstract roles as well as users) obtained via delegation. 
roleInfluenceRef reference
ObjectReferenceType
[0,-1] References to abstract roles (roles and orgs) that this focus may directly belong to. 
identities container
FocusIdentitiesType
[0,1] (Alternative?) identities of this focus object. 
linkRef reference
ObjectReferenceType
[0,-1] Set of shadows (projections) linked to this focal object. 
personaRef reference
ObjectReferenceType
[0,-1] Set of personas linked to this focal object. 
activation container
ActivationType
[0,1] Type that defines activation properties. 
jpegPhoto property
base64Binary
[0,1] Photo corresponding to the user / org / role. 
costCenter property
string
[0,1] The name, identifier or code of the cost center to which the user belongs. 
locality property
PolyStringType
[0,1] Primary locality of the user, the place where the user usually works, the country, city or building that he belongs to. 
preferredLanguage property
string
[0,1] Indicates user's preferred language, usually for the purpose of localizing user interfaces. 
locale property
string
[0,1] Defines user's preference in displaying currency, dates and other items related to location and culture. 
timezone property
string
[0,1] User's preferred timezone. 
emailAddress property
string
[0,1] E-Mail address of the user, org. 
telephoneNumber property
string
[0,1] Primary telephone number of the user, org. 
credentials container
CredentialsType
[0,1] The set of focus's credentials (such as passwords). 
behavior container
BehaviorType
[0,1] General-purpose behavioral data. 
displayName property
PolyStringType
[0,1] Human-readable name of the role or org. 
identifier property
string
[0,1] Identifier of the role or org. 
inducement container
AssignmentType
[0,-1] Inducements define the privileges and "features" that other objects should have. 
authorization container
AuthorizationType
[0,-1] Set of role authorizations. 
requestable property
boolean
[0,1] If set to true then this role may be directly requested by the users. 
delegable property
boolean
[0,1] If set to true then this role may be delegated to a deputy. 
idempotence property
IdempotenceType
[0,1] This value indicates whether the evaluation of this role gives the same results regardless of its position in the assignment/inducement hierarchy. 
riskLevel property
string
[0,1] Indication of the level of risk associated with the permissions that this role assigns. 
condition container
MappingType
[0,1] The role is applied only if the condition is evaluated to true. 
adminGuiConfiguration container
AdminGuiConfigurationType
[0,1] Specifies the admin GUI configuration that should be used for the members of this role. 
dataProtection container
DataProtectionType
[0,1] Specifies the GDPR related attributes  
autoassign container
AutoassignSpecificationType
[0,1] Specification of role auto-assignment properties. 
tenant property
boolean
[0,1] Flag indicating whether this object is a tenant or not. 
mailDomain property
string
[0,-1] Domain part of RFC822 e-mail address that applies to this organization. 
displayOrder property
int
[0,1] The content of this property specifies an order in which the organization should be displayed relative to other organizations at the same level. 
securityPolicyRef reference
ObjectReferenceType
[0,1] Reference to the security policy settings which will be used for this organization.