You can grant permissions to organizations or accounts to access applications.
Accounts that do not have the required permissions cannot access the application.
You can set the Authorize parameter of the application to All Users in the SSO configuration of the IDaaS application. If you select All Users, you do not need to manage application permissions, and manual authorization is not applied. If you want to specify the authorization scope, set the Authorize parameter to Manually.
Manage Permissions
You must be an administrator to manage permissions. Go to the Application page, click the name of the application that you want to manage, click Sign-In, and then click the Authorize tab. Then, you can view the permissions and grant permissions to or revoke permissions from accounts or organizations.
After you grant permissions to an organization, all accounts under the organization have permissions. IDaaS does not record the permissions of individual accounts under the organization. You can choose Accounts > Accounts and Organizations in the left-side navigation pane, click the account that you want to view, and click the Permissions tab to check whether the account has permissions.
Grant Permissions
Click Authorize. The Authorize dialog box appears.
Search for the IDaaS organization or account in the dialog box. Select the organization or account to which you want to grant permissions.
Confirm the selected organization or account and click Confirm.