Hi,

Apologies for the entry-level question, but I am new to administering
Syncope. I am hoping to use Syncope as an identity store (password rules,
data store, user data, and JWT) and access it via the REST interface.
Users will never access Syncope directly; they will pass through custom
microservices and my webservices will create/delete/update users and
validate/invalidate JWTs.

As I see it I really need three main types of users (are they realms? maybe
groups?)

   - *User Group* - this is the main user group.  They should only have
   access to their own identity information and should be very limited in the
   system
   - *Service Account* - A group (maybe only one) service account user that
   my microservices will use to create/delete users, update passwords.  I
   would like to limit the ability of this user/group to be able to only
   manage users and not administer the Syncope system
   - *Admin Users* - These are the main users that can create realms, update
   workflows, password requirements

What is the recommended way to set this up?

Thank you in advance.

Craig
