Identity Manager (IDM): Additional provisioning policy actions and nouns

In addition to the current policy actions in IDM 4.7 to request and revoke roles and resources and to the upcoming new actions in 4.8 it would be great to also be able to read assigned roles and resources.

For example on user termination we would like to be able to automatically read all roles and resources assigned explicitly to the user and revoke them. And I guess it would also make sense to be able to read all running requests for a user so that they can be denied.

So maybe something like the following argument builder nouns "Assigned Roles", "Assigned Resources" and "Running Requests" and an action "deny request"?

by: Stefan U. | over a year ago | Role Based Provisioning

Micro Focus Enhancement Requests Portal is moving. We are migrating the IDEAS from this site to the New Idea Exchange on May 6th. For more information on the new Idea Exchange please visit the Community FAQs.

2

Additional provisioning policy actions and nouns

Comments