Concept Guides
Organisations
Authorisation Domains and Roles for Organisations
benefit from the hierarchical structure of a trust framework get assigned regulatory roles that govern the classification for your organisation, api access, available access scopes, and more authorisation domains for organisations an authorisation domain is the highest level hierarchical entity inside a data sharing ecosystem or federation it enables trust framework participants docid\ zwoo4fno16xiy1mcodij5 to delineate the primary operational and regulatory areas that exist within the trust framework docid\ orq fx71kdupt8j17ckkd organisations are assigned domains by trust framework participants docid\ zwoo4fno16xiy1mcodij5 only and cannot be self assigned by organisation administrators authorisation domains are typically set based on a given regulation and include a clear definition of its existing actors, responsibilities, and governance for example, a country wide open data ecosystem can be divided into smaller parts like open banking, open health, open energy, and open telecommunications enabling one governing organisation to establish different regulatory areas and delegate their administration to authorities (like central bank, mininistry of health, and more) each ecosystem or federation must have at least one authorisation domain but more can be created if needed for your organisation, it does not mean that it has to be assigned to one domain only on the contrary for example, an insurance provider (acting both as a organisations docid\ sproag20ez4b y2pel7wz and a organisations docid\ sproag20ez4b y2pel7wz ) can be assigned to a couple of domains open insurance to pull information about already existing insurances, provide offer comparison, and more open banking to pull finance related information about the end user in order to, for example, initiate insurance payment or check account balance and prevent a not sufficient funds return open health to pull health related information about the end user to verify whether they can apply for a life insurance, and more being a part of an authorisation domain defines the roles your organisation can have if your organisation does not have any authorisation domain assigned, contact with your trust framework participants docid\ zwoo4fno16xiy1mcodij5 roles authorisation domain roles are regulatory roles associated with a specific authorisation domain they can dictate what rights and permissions your organisation has, such as the ability to register certain apis or specific types of servers roles can also define the set of apis an organisation can consume and access scope its application can request for example, if an organisation is assigned a role defined in the open banking authorisation domain, it is able to publish or access the finance related apis but not health related apis roles help to distinguish between different organisations by being a mean of classification they can differentiate data providers from data receivers, or common organisations and technical service providers additionally, roles are used to control access to raidiam connect apis by default, any organisation and their application registered in connect is assigned a role enabling access to application and software statement related apis organisations are assigned roles by trust framework participants docid\ zwoo4fno16xiy1mcodij5 only and cannot be self assigned by organisation administrators however, you can control which role is available to your application if you register more than one application, it is recommend only to claim the roles the application needs within its software statement if your organisation does not have any authorisation domain role assigned, contact with your trust framework participants docid\ zwoo4fno16xiy1mcodij5