- 0 minutes to read

Claims Overview

Gain complete control of your authorization Claims in Nodinite v7. This page guides you through managing, adding, editing, deleting, and restoring Claims—the building blocks of OIDC/OAuth 2.0 authorization.

✅ Centralized management of all Claims
✅ Inline editing for quick Claim creation
✅ Track which Policies use each Claim
✅ Powerful filtering and search capabilities

Note

Claims are only available when Nodinite is configured for OIDC/OAuth 2.0 authentication mode. For Windows authentication mode, use Users and Windows AD Groups instead.

Get started now: Add or manage Claim user guide.

The Overview displays all user-defined Claims. You can filter the list and manage Claims using inline editing and action menus.

The Claims Overview in the Access Management menu is where a Nodinite Administrator manages Claims for OIDC/OAuth 2.0 authorization.

Claims are key/value pairs used to define permissions and attributes. They are grouped into Policies, which are then assigned to Roles. Make sure to read the 'What is a Claim' topic to understand the basic concepts before continuing.

In the Claims Overview, you have a sortable list of defined Claims. You can narrow an extensive list by typing characters into the filter text box.

Claims Overview
The Claims Overview with the list of user-defined Claims.

Manage Claims

The available functionalities for Managing Claims are:

  • Add new Claim - Create Claims with inline editing
  • Edit existing Claim - Modify Key, Value, or Description
  • Delete Claim - Remove Claims (can be restored)
  • Restore deleted Claim - Recover previously deleted Claims
  • Filter the list of Claims - Search by Key, Value, or Description
  • Sort - Order by any column
  • View Usage - See which Policies use each Claim

Add new Claim

Click the "Add Claim" button to create a new Claim using inline editing.

Add Button
Click the "Add Claim" button to create a new Claim with inline editing.

A new row appears where you can enter:

  • Key (Required) - The claim key identifier
  • Value (Required) - The claim value
  • Description (Optional) - A clear description of the Claim's purpose

Click "Save" to create the Claim, or "Cancel" to abort.

Tip

Use consistent lowercase naming for Keys and Values to avoid case-sensitivity issues.

Edit Claim

To Edit an existing Claim, click the Edit button (pencil icon) in the row, or open the menu from the "Actions" button and click the "Edit" menu item.

Edit Action Button
Click the Edit button to modify an existing Claim.

The row enters edit mode where you can modify:

  • Key - Change the claim key
  • Value - Change the claim value
  • Description - Update the description

Click "Save" to apply changes, or "Cancel" to discard.

Warning

Changing the Key or Value creates a new unique combination. Ensure this doesn't duplicate an existing Claim.

Delete Claim

To Delete an existing Claim, open the menu from the "Actions" button and click the "Delete" menu item.

Delete Action Button Menu Item
Click the 'Delete' menu item to delete an existing Claim.

A confirmation modal appears showing:

  • The Claim being deleted
  • Which Policies currently use this Claim
  • Warning about the impact

Important

Deleted Claims remain visible in Policies where they were used (marked with a warning badge). This maintains the audit trail.

Restore deleted Claim

To Restore a deleted Claim, first check the "Include Deleted" checkbox.

When checked, deleted Claims are also presented in the list with a "Deleted" status badge.

Include Deleted Filter
Enable "Include Deleted" to show deleted Claims.

Then open the menu from the "Actions" button and click the "Restore" menu item.

Restore Action Button Menu Item
Click the 'Restore' menu item to restore a deleted Claim.

Filter Claims

Use the search filter at the top of the page to find Claims:

  • Type any text to search across Key, Value, and Description fields
  • Results update in real-time as you type
  • Clear the filter to show all Claims

Search Filter
Use the search filter to find specific Claims.

Sort Claims

Click any column header to sort the list:

  • Key - Alphabetical order
  • Value - Alphabetical order
  • Created - Date/time order
  • Changed - Date/time order

Click again to reverse the sort order (ascending/descending).

View Claim Usage

The "Used In" column shows which Policies reference each Claim:

Used In Column
The "Used In" column displays Policy badges showing where each Claim is used.

  • Policy badges - Clickable links to each Policy
  • Count indicator - "(+N more)" when more than 10 Policies use the Claim
  • Hover tooltip - Shows full list of all Policies
  • Empty - Claim not used in any Policy

Click any Policy badge to navigate to that Policy's detail page.

Tip

Always check the "Used In" column before deleting a Claim to understand the impact on your Policies.

Understanding the Columns

Column Description Sortable
Status Visual indicator - shows "Available" or "Deleted" badge No
Key The claim key identifier (e.g., department, access_level) Yes
Value The claim value (e.g., finance, admin) Yes
Description Optional description of the Claim's purpose No
Used In Badges showing which Policies use this Claim No
Created Timestamp when the Claim was created Yes
Changed Timestamp when the Claim was last modified Yes
Actions Dropdown menu with Edit, Delete, and Restore options No

Validation and Rules

When managing Claims, Nodinite enforces these rules:

Unique Key/Value Combination

  • The combination of Key and Value must be unique
  • ✅ Can have: department=finance and department=hr
  • ✅ Can have: department=finance and access_level=finance
  • ❌ Cannot have: Two Claims with department=finance

Required Fields

  • Key is required - cannot be empty
  • Value is required - cannot be empty
  • Description is optional but recommended

Case Sensitivity

  • Keys and Values are case-sensitive
  • department=Financedepartment=finance
  • Department=financedepartment=finance

Deletion Behavior

  • Deleted Claims can be restored
  • Deleted Claims remain visible in Policies (marked as deleted)
  • Cannot create a new Claim with the same Key/Value as a deleted one (restore instead)

Best Practices

Naming Conventions

Use consistent, lowercase naming:

✅ Good Keys:
   department
   access_level
   region
   environment

❌ Avoid:
   Dept
   AccessLevel
   REGION
   env-name

Always Add Descriptions

Good descriptions help your team understand each Claim:

✅ Good Description:
   "Member of the Finance Department - grants access to financial 
    integrations, invoicing systems, and reporting"

❌ Poor Description:
   "Finance"
   ""

Group Claims logically for easier management:

Department Claims:

  • department=finance
  • department=operations
  • department=hr

Access Level Claims:

  • access_level=readonly
  • access_level=editor
  • access_level=admin

Review Usage Before Deletion

  1. Check the "Used In" column
  2. Understand impact on Policies
  3. Plan replacement Claims if needed
  4. Communicate with your team

Regular Maintenance

  • Review Claims quarterly
  • Remove unused Claims
  • Update descriptions for clarity
  • Verify Policy assignments

Common Scenarios

Creating Department-Based Authorization

  1. Click "Add Claim"
  2. Create Claims for each department:
    • department=finance
    • department=operations
    • department=hr
  3. Group these into department-specific Policies
  4. Assign Policies to appropriate Roles

Setting Up Access Levels

  1. Create access level Claims:
    • access_level=readonly
    • access_level=editor
    • access_level=admin
  2. Combine with department Claims in Policies
  3. Create Roles like "Finance Editor" or "Operations Admin"

Regional Authorization

  1. Create region Claims:
    • region=europe
    • region=americas
    • region=asia
  2. Build region-specific Policies
  3. Assign to Roles for regional teams

Frequently Asked Questions

How do I know which Policies use a Claim?

Check the "Used In" column for each Claim. It shows badges for all Policies that reference that Claim. Click any badge to navigate to the Policy details.

Can I edit a Claim that's used in Policies?

Yes, but be careful:

  • Changing the Description is safe
  • Changing the Key or Value creates a new unique Claim
  • This may break the authorization logic in Policies
  • Consider creating a new Claim instead and migrating Policies

What happens when I delete a Claim?

  • The Claim is marked as deleted
  • It remains visible in Policies (with a warning badge)
  • It's hidden from the main list (unless "Include Deleted" is enabled)
  • You can restore it at any time
  • The audit trail is preserved

Can I create a Claim with the same Key but different Value?

Yes! Claims are unique by the combination of Key and Value:

  • department=finance and department=hr - Different Claims
  • access_level=admin and region=admin - Different Claims
  • ❌ Two Claims both with department=finance - Not allowed

Why can't I create a new Claim?

Possible reasons:

  1. Key/Value combination already exists - Check active and deleted Claims
  2. Missing required field - Both Key and Value are required
  3. Insufficient permissions - You need Administrator role
  4. Browser session expired - Refresh and log in again

How are Claims different from Windows Groups?

Claims (OIDC/OAuth 2.0 mode):

  • Platform-independent key/value pairs
  • Flexible authorization model
  • Works with any identity provider
  • Modern cloud-native approach

Windows AD Groups (Windows mode):

  • Direct Active Directory integration
  • Traditional Windows security
  • On-premises focused
  • Automatic sync with AD

You use either Claims or Windows Groups, not both—it depends on your authentication mode.

Troubleshooting

Cannot add Claim - "Already exists" error

Issue: Error when trying to create a Claim

Solution:

  1. Check if the Key/Value combination exists in the active list
  2. Enable "Include Deleted" - it may have been deleted
  3. If found deleted, restore it instead of creating new
  4. If you need a different Claim, change the Key or Value

Claim doesn't appear in Policy editor

Issue: Created a Claim but don't see it in Policy management

Solution:

  1. Refresh the browser page
  2. Verify the Claim was saved successfully
  3. Check if it was accidentally deleted
  4. Clear browser cache if issues persist

Cannot delete Claim

Issue: Delete button disabled or error

Possible causes:

  1. Insufficient permissions (not Administrator)
  2. Browser session expired
  3. Concurrent edit by another user

Solution:

  1. Verify Administrator role membership
  2. Refresh page and try again
  3. Log out and log back in

Security Considerations

Principle of Least Privilege

Create specific Claims for granular permissions:

✅ Specific:
   department=finance
   access_level=readonly
   environment=production

❌ Too Broad:
   access=all
   permission=everything

Audit Trail

All Claim operations are tracked:

  • Who created the Claim
  • When it was modified
  • Deletion and restoration events
  • Usage in Policies

Regular Reviews

Periodically audit your Claims:

  • Remove unused Claims
  • Update descriptions
  • Verify Policy assignments
  • Check for overly broad permissions

Next Step

Add or manage Claim - Create and manage Claims
What is a Policy? - Learn about Policies
Policies Overview - Manage all Policies

Claims:

What is a Claim? - Understanding Claims
Add or manage Claim - Claim management guide

Policies:

What is a Policy? - Understanding Policies
Policies Overview - Manage all Policies
Add or manage Policy - Policy management guide

Roles:

What is a Role? - Understanding Roles
Roles Overview - Manage all Roles

Access Management:

Access Management - Authorization overview
Install Nodinite v7 - Authentication - Authentication modes
Install Nodinite v7 - OpenID - Configure OIDC/OAuth 2.0

Windows Mode Alternative:

Users - Windows authentication mode
Users Overview - User management
Windows AD Groups - Windows authentication mode
Windows AD Groups - Overview - AD group management