Managing X-SGP
X-SGP support is intended to support its implementation with the ACF2 for DB2 Option, where names in the include/exclude lists at the bottom level, non-group SOURCE entities are treated as LIDs (accounts).
-
Add the following schema into the application via the Application Debug page:
Copy<Schema aggregationType="group" descriptionAttribute="" displayAttribute="SourceName" featuresString="PROVISIONING" identityAttribute="SourceName" instanceAttribute="" nativeObjectType="source" objectType="source">
<AttributeDefinition name="SourceName" required="true" type="string">
<Description>The name of Source</Description>
</AttributeDefinition>
<AttributeDefinition name="isIncomplete" required="true" type="string">
<Description>Obtained object data is incomplete</Description>
</AttributeDefinition>
<AttributeDefinition name="IncludeList" multi="true" required="true" type="string">
<Description>List of users included in the Source</Description>
</AttributeDefinition>
<AttributeDefinition name="ExcludeList" multi="true" required="true" type="string">
<Description>List of users excluded from the Source. This is subset of values from IncludeList</Description>
</AttributeDefinition>
</Schema> -
Add the following attributes into the account schema:
Attributes
Description
Properties
Sources
List of sources to which this user belongs.
Type – source
Entitlement – true
Multi-Valued – true
Managed – true
SourceGroups
List of source groups to which this user belongs.
Type – string
Entitlement – false
Multi-Valued – true
-
Add Create and Update provisioning policies to the application:
-
Create Source
Attribute
Type
Value
SourceName
String
Required – true
IncludeList
String
Multi-Valued – true
Required – true
ExcludeList
String
Multi-Valued – true
-
Update Source
Attribute
Type
Value
IncludeList
String
Multi-Valued – true
Required – true
ExcludeList
String
Multi-Valued – true
-