fontsize="12"; rank=same; node [shape=rect]; login [style=rounded, label="User Signs In"]; has_access [shape=diamond, label="does user have access?"]; has_data [shape=diamond, label="can sp provision access?"]; provision [label="provisions access dynamically"]; register [label="triggers workflow to ask admin to assign permission"]; assign_access [label="admin assigns role in permission management system"]; role_update [label="triggers group/role/entitlement data update in Directory"]; arp_update [label="triggers IDP ARP Update"]; done [style=rounded, label="user enters application"]; done2 [style=rounded, label="user has access"]; note1 [style=note, label="provision using role data supplied in Shib response"]; login -> has_access; has_access -> done [label="yes"]; has_access -> has_data [label="no"]; has_data -> provision; provision -> done; has_data -> register; register -> assign_access; assign_access -> role_update; role_update -> arp_update; arp_update -> done2; note1 -> has_data [arrowhead=none, style=dotted]; |