Managing consumption of Sudo capabilities
The Sudo Platform entitlements service enables you to manage your users' consumption of Sudo capabilities.
An entitlement specifies how much of a Sudo capability a user is entitled to consume. For example, the maximum number of phone numbers able to be allocated simultaneously to a Sudo.
Entitlements are managed by integrating with your organization's existing entitlements system and defined as groups of entitlements called Entitlements Sets.
An entitlements set typically corresponds to a product subscription level and specifies all of the entitlements conferred to a user at that subscription level.
Entitlements sets can be changed to increase, decrease, add or remove entitlements for existing users entitled by that entitlements set allowing easy broad changes to entitlements across all of your users.
Entitlements can also be managed on a per-user basis, allowing for fine grained control of entitlements available to individual users.
Whether you manage user entitlements by direct specification of individual users' entitlements or by entitlements sets or both will depend on your existing product entitlement system, if any, and how your users will initially register to the Sudo Platform.
If your users will register with Federated Single Sign-on, you will be able to configure a mapping from claims in the token issued by your identity provider to an initial entitlements set to allow for automatic entitlement of your users on first sign-on.
If you are unable to include a claim that can map to initial entitlements set during Federated Single Sign-on then entitlements must be pre-defined for each user. The
redeemEntitlementsAPI must still be called to establish the mapping between your users and Sudo Platform users in the Sudo Platform entitlements system.