Correlation

Correlation refers to how IdentityIQ maps data from the source system to authoritative identities stored in IdentityIQ. Correlation logic can be implemented in a variety of ways, including:

• Through direct mapping of attributes – for example, the application's account attribute "mail" is mapped directly to the identity's attribute "email."

• Using conditions that assign application accounts to existing identities by defining attribute conditions. For example, the root account on Unix typically does not have any identifying attributes that can help when trying to correlate it to an existing identity using direct attribute mapping, so you can use a condition, such as whether the identity is a Unix application owner, to drive the correlation.

• Through rules – custom BeanShell rules let you create your own specialized logic for correlation.

• Manually – the Identity Correlation feature lets you select an application, retrieve a list of all uncorrelated accounts for that application, then select a target identity to correlate the uncorrelated account to. See Identity Correlation.

For more information about correlation, see:

• The Correlation Tab in Application Configuration

• Identity Correlation

• In the Rapid Setup feature: Account and Manager Correlation and Service Account and RPA Account Correlation in Rapid Setup