Enable Access Restriction by Role in Addition to Category

What is a one sentence summary of your feature request?

Add support for restricting access by role, not just by category.

Please describe your idea in detail. What is your problem, why do you feel this idea is the best solution, etc.

The limitation of a profile is done through the profileContext directive, which makes it possible to restrict access management of that profile to accesses with a specific category.
We have around a hundred applications managed by 100 different administrators. Therefore, we need to create 100 different categories in order to assign each administrator a profile limited to the application they manage.

An improvement would be to allow the implementation of access restrictions based on a given role, in addition to the current option of restricting by category—that is, a group of roles.

How do you currently solve the challenges you have by not having this feature?

We have created a large number of categories to assign access rights to profiles.

We will be addressing this new way of managing profiles in Identity Manager with our NIM connector planned for our next minor release 6.3 schedule for this year.
This connector will allow you to:

• Managing Identity Manager profiles in roles
• Category management
• Multi-criteria on profile assignment
• Multi-resource (standard AD account and administrator)
• Enable roles to be traced through workflow validations - by default, a single validation.
• Certify roles in certification campaigns
• Role assignment traceability (Assigned Profiles)
• Assigned profile life cycle

Follow this thread for updates, and let us know your thoughts/feedback!