Call for tenders' details

Tenderers are requested to note that the closing date for submission of tenders has been extended to 26/05/2020 at 12:00 and the opening of tenders will now take place on 27/05/2020 at 14:00.
The Provision of IT Software Development, Configuration, Implementation and Main...
Contracting authority:
European Medicines Agency (EMA)
TED publication date:
Time limit for receipt of tenders:
English (en)
Question details
Lot 1 - Award Criteria - Criterion 5 - IAM & Perm.
1. How are internal and external users managed? In Active Directory? In other IdP(s)? 2. How are internal and external users authenticated? 3. Are all internal/external users already synced (or will they be) to Azure AD? 4. Any federated authentication with external IdPs already in place? 5. How fine-grained are the permissions? 6. The requirements mention row level security, what is defined by a row?
1. Internal and external users are managed in separate LDAP repositories at EMA’s on-premise’s infrastructure, Active Directory and Oracle Internet Directory respectively. 2. EMA is using Active Directory Federation Services (ADFS) and Oracle Access Manager to implement standalone authentication based on the directories mentioned at point 1. 3. On premise Active Directories are used as master repositories and ‘push’ internal and external users and user groups to Azure AD. 4. There is no federated authentication. 5. Typically fine-grained permissions refer to row-level (see answer below) security. In some cases, it can be considered to restrict access to only parts of business data objects. 6. Row level security is a level of security that restricts rows of datadata, representing instances of business data objects, from users or user groups when they query a virtual table.