[midPoint] Manual permission management for a large set of access rights

Eetu Salpaharju Eetu.Salpaharju at tietokeskus.fi
Mon Jul 24 13:31:23 CEST 2023


Hello,

I'd like to use midPoint to manage our technician access to customer environments. There are a few hundred customers, and the actual granting of access is done manually by a dedicated team. This will also be the case in the future; it is too time-consuming to build an automation for each customer.

My proposal involves creating a manual resource with each customer as an entitlement. To kickstart this, I've prepared a CSV file containing the list of customers, which will help me automate the creation of entitlements. Once these entitlements are in place, we can easily assign them to users through services or roles, streamlining the access-granting process.

When a user is added or removed from a customer (entitlement), the connector will generate a case and our team makes changes manually. 

But there are a few questions I have:

* Can I create entitlements for a manual connector at all?
* Can I use a CsvConnector as a secondary connector to import entitlements? The CsvConnector seems more oriented towards handling account-related data from CSV files, rather than directly managing entitlements. Does anyone have experience using it for entitlement management as a secondary connector? I'd appreciate any insights.
* Would there be some better ways to tackle this need? Creating a separate resource for each customer isn't the optimal option from a maintenance point of view.


Thanks again,

Regards,
Eetu Salpaharju
Tietokeskus Finland oy



