Provide Application Details
You must provide the information marked with an asterisk (*) before the application can be saved.
- Enter the Name* of the application. This is the name used to identify the application throughout IdentityIQ.
  Note: IdentityIQ does not support application names that start with a numeric value or that are longer than 31 characters.
- Enter the name of the application Owner*. The owner specified here is responsible for certifications and account group certifications requested on this application if no revoker is specified.
  Application ownership can be assigned to an individual identity or a workgroup. If the application ownership is assigned to a workgroup, all members share certification responsibilities, are assigned certification requests associated with the application, and can all take action on those requests.
- Select the Application Type* from the drop-down list.
- Provide a brief Description of the application.
  Use the language selector to enter the description in multiple languages. The drop-down list displays the languages supported by your instance of IdentityIQ. The description displayed throughout the product is dependent on the language associated with the user’s browser. If only one description is entered, that is the description used by default.
  Note: You must Save the description before changing languages to enter another description.
- Select or enter the name of the default Revoker user or workgroup that is assigned revoke requests associated with entitlements on this application.
  Note: If no user is specified in this field, all revocation requests are assigned to the application owner by default.
- Select the Proxy Application to specify an application to manage accounts and provide connector and schema settings for this application.
  A proxy application is an application that handles the processing (aggregation and provisioning) on behalf of your application. Here are three examples of proxy applications:
  - Multiplex applications: In this case you define an application and, most often, a build map rule that sorts the data out into multiple sub-applications. The sub-applications then have the main application as the proxy.
  - Similar to the multiplex applications are the connectors for legacy identity management systems such as BMC, Novell/NetIQ, IBM Tivoli, and Sun/Oracle Waveset.
  - The Cloud Gateway connector tunnels all aggregation and provisioning requests to the gateway in another network. The gateway then acts on behalf of IdentityIQ. All applications that live in the remote network need to have the cloud gateway connector set as the proxy.
- Provide the optional Profile Class used to associate this application with a larger set of applications for role modeling purposes.
  For example, you might set a profile class of XYZ on all of the applications where any user that has read account privileges should be assigned the role XYZ Account Reader. You can then create a single profile for that role instead of a separate profile for each instance of the applications. During the correlation process any user with read account privileges on any of the applications with the profile class XYZ is assigned the role XYZ Account Reader.
- Enter the Scope for this application. This field is only visible if scope is enabled.
  If scope is assigned, only the owner of the application or users that control the designated scope can work with this application.
  Objects associated with this application, for example entitlements in a certification request, are visible to a user with any or no controlled scope, but if a new object is being created, for example a certification schedule, this application does not appear on the select list unless the creator controls the scope assigned.
  Depending on configuration settings, objects with no scope assigned might be visible to all users with the correct capabilities.
- Select the checkbox to identify this application instance as an Authoritative Application.
  An authoritative application is a repository for employee information for your enterprise, for example a human resources application. These might not be at-risk applications, but they are the data source from which the majority of the IdentityIQ Identity Cubes are built. Note that your organization can have multiple authoritative applications.
- Select Case Insensitive to make comparisons of account attribute values case insensitive when evaluating provisioning policy.
- Select Native Change Detection if this application should be included when IdentityIQ performs native change detection during aggregation.
  - Select the checkbox for Native Change Operations to select which operations are included when detecting Native Change.
    - If no operations are selected, native change detection is disabled.
  - Select which Attributes to Detect to indicate which attributes are compared when accounts are modified.
    - Entitlement - All entitlement attributes are included.
    - User Defined - Enter the name of the attributes to compare in the Attribute Names box.
- Select the Maintenance Enabled checkbox to enable provisioning and aggregation during the defined maintenance period.
- Enter the Maintenance Expiration date to end maintenance. If no date is defined, this application will be in maintenance indefinitely.
- After adding the application information, click Save to save your changes, then select the Configuration tab.
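
The rules stated in the steps above (required fields, name limits, the revoker fallback, native change detection with no operations, maintenance with no expiration) can be checked over a list of application records before or after they are entered. This is an added example, not IdentityIQ code; the dictionary keys and the sample records are hypothetical and constructed for illustration, and do not reflect IdentityIQ's export schema.

```python
# Added example: review application detail records against the rules on this page.
# All field names are hypothetical; sample records below are constructed.

def review_application(app):
    """Return a list of findings for one application record (a plain dict)."""
    findings = []
    name = app.get("name", "")
    # Fields marked with an asterisk must be provided before saving.
    for field in ("name", "owner", "type"):
        if not app.get(field):
            findings.append(f"missing required field: {field}")
    if name and name[0].isdigit():
        findings.append("name starts with a numeric value")
    if len(name) > 31:
        findings.append("name is longer than 31 characters")
    # With no revoker, revocation requests fall back to the application owner.
    if not app.get("revoker"):
        findings.append("no revoker: revocation requests go to the application owner")
    if app.get("native_change_detection"):
        # Selecting detection without any operation leaves it disabled.
        if not app.get("native_change_operations"):
            findings.append("native change detection selected but no operations: disabled")
        if (app.get("attributes_to_detect") == "User Defined"
                and not app.get("attribute_names")):
            findings.append("User Defined attributes selected but no attribute names entered")
    # Maintenance with no expiration date never ends on its own.
    if app.get("maintenance_enabled") and app.get("maintenance_expiration") is None:
        findings.append("maintenance enabled with no expiration: indefinite maintenance")
    return findings

# Constructed sample records (not taken from any real deployment).
APPS = [
    {"name": "HR_Feed", "owner": "hr-admins", "type": "Delimited File",
     "revoker": "hr-revokers", "native_change_detection": True,
     "native_change_operations": ["Create", "Modify"],
     "attributes_to_detect": "Entitlement", "maintenance_enabled": False},
    {"name": "2ndFloorBadgeSystem-Production-East", "owner": "", "type": "JDBC",
     "native_change_detection": True, "native_change_operations": [],
     "attributes_to_detect": "User Defined", "attribute_names": [],
     "maintenance_enabled": True, "maintenance_expiration": None},
]

def review_all(apps):
    """Map each application name to its findings, keeping only records with findings."""
    report = {a.get("name", "<unnamed>"): review_application(a) for a in apps}
    return {name: f for name, f in report.items() if f}

if __name__ == "__main__":
    for app_name, issues in review_all(APPS).items():
        print(app_name)
        for issue in issues:
            print("  -", issue)
```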