Mapped Security
Documents in a repository can often be viewed only by authenticated users, and different users are allowed to view different documents. In this case you might want any output from IDOL (for example, search results) to show only documents that a user has permission to see. This can be achieved by implementing mapped security.
Exactly how mapped security is implemented depends on how a particular repository restricts access to documents. Mapped security is usually split into two parts – Access Control Lists (ACLs), and Group Information.
Your connector might need to extract group membership information from a repository and send it to a group server. If this is the case, you can implement the synchronizeGroups
fetch action.