Identity Library

Method / Usage

Description

Expected Args

(Required args are marked with a *)

public String getManager(WorkflowContext wfc)

Returns the name of the manager for the specified identity.

identityName

public Object calculateIdentityDifference(WorkflowContext wfc)

Derive a simplified representation of the changes made to an identity for an approval work item.

  • oldRoles

  • newRoles

  • plan

  • approvalSet

private void addLinksInformation(WorkflowContext wfc)

Modifies workflow context lists of links (accounts) to be added, moved, or removed for the identity as a result of the provisioning plan.

  • linksToAdd

  • linksToMove

  • linksToRemove

  • plan

public List<Map<String,Object>> checkPolicyViolations(WorkflowContext wfc)

Evaluates policy violations that the provisioning plan/project actions can incur.

  • policies

  • identityName*

  • project

  • plan (either plan or project is required)

public void activateRoleAssignment(WorkflowContext wfc)

Assigns a role or roles to the identity.

  • identity* (ID)

  • role* (ID)

  • detected (Boolean indicating if role was detected vs. assigned)

public void deactivateRoleAssignment(WorkflowContext wfc)

Removes role assignments from the identity.

  • identity* (ID)

  • role* (ID)

  • detected (Boolean indicating if role was detected vs. assigned)

public void refreshIdentity(WorkflowContext wfc)

Performs an identity refresh on one identity.

  • identity (ID)

  • identityName (either identity or identityName is required)

public void refreshIdentities(WorkflowContext wfc)

Performs an identity refresh on a set of identities. Can specify one or more identityNames, a filterString, or a list of roles. Processes the first of the above listed options that is non-null.

  • identityName

  • identityNames (CSV)

  • filterString

  • identitiesWithRoles (CSV)

  • (any one of these 4 is required)

public Object compileProvisioningProject(WorkflowContext wfc)

Compiles a provisioning plan into a provisioning project.

  • plan

  • identityName

public Object buildProvisioningForm(WorkflowContext wfc)

Creates a form to display provisioning policy questions.

When requiredOwner is passed as an argument, a form owned by this user is returned. If no more forms for this user exist, null is returned.

When preferredOwner is passed as an argument, a form owned by this user is returned. If there are no remaining forms for that owner, a form owned by a different user can be returned.

  • project*

  • template (name of form to serve as page template)

  • owner

  • preferredOwner (owner or preferredOwner required but mutually exclusive)

public Object assimilateProvisioningForm(WorkflowContext wfc)

Collects data from a completed provisioning form and stores the answers with their questions on the provisioningProject.

  • project*

  • form*

public Object assimilateAccountIdChanges(WorkflowContext wfc)

Updates ApprovalSet with any changes to accountIDs.

  • project*

  • approvalSet

public Object buildPlanApprovalForm(WorkflowContext wfc)

Builds a form that represents all attributes in a provisioningPlan for an approval before the provisioning occurs.

  • plan*

  • template

public Object assimilatePlanApprovalForm(WorkflowContext wfc)

Collects data from a form and puts the data back into the provisioningPlan. Assumes the form was built by buildPlanApprovalForm.

  • form

  • plan*

public Object provisionProject(WorkflowContext wfc)

Called by the Identity Update and LCM Workflows after provisioning forms are completed. Provisions the remaining items in the project.

  • project*

  • noTriggers (Boolean)

public Object finishRefresh(WorkflowContext wfc)

Called by the Identity Refresh workflow, after approvals are done and account completion attributes are gathered. Provisions what it can and completes the refresh process.

  • identitizer

  • refreshOptions (map of args for creating new Identitizer if needed)

  • previousVersion

  • project

public Object buildApprovalSet(WorkflowContext wfc)

Called by the Lifecycle Manager workflows. Builds a simplified ApprovalSet representation of the items in the provisioning plan.

plan*

public Object processApprovalDecisions(WorkflowContext wfc)

Processes the decisions made during the approval process: audit and react. Modifies the project masterPlan and recompiles the project if the recompile argument is set to true.

  • project*

  • dontUpdatePlan

  • disableAudit

  • approvalSet*

  • recompile

public Object processPlanApprovalDecisions(WorkflowContext wfc)

Processes decisions made during approval process audit and modifies the Used before the plan is compiled into a provisioningProject.

  • plan*

  • dontUpdatePlan

  • disableAudit

  • approvalSet*

public Object auditLCMStart(WorkflowContext wfc)

Creates an audit event to mark the start of a Lifecycle Manager workflow.

  • approvalSet*

  • flow (name of applicable UI flow)

public Object auditLCMCompletion(WorkflowContext wfc)

Creates an audit event to mark the completion of a Lifecycle Manager workflow.

  • approvalSet*

  • flow

public void disableAllAccounts(WorkflowContext wfc)

Used by lifecycle events to disable managed accounts for the identity specified in the workflow.

none

public void enableAllAccounts(WorkflowContext wfc)

Used by Lifecycle events to enable all accounts on the identity specified in the workflow.

none

public void deleteAllAccounts(WorkflowContext wfc)

Used by Lifecycle events to delete all accounts on the identity specified in the workflow.

none

public ProvisioningPlan buildEventPlan(WorkflowContext wfc)

Goes through all links that the workflow's specified Identity holds and creates a plan to enable or disable all of the Identity's accounts, as specified by op.

op* (operation)

public void updatePasswordHistory(WorkflowContext wfc)

Adds a password to the link password history.

plan*

public ProvisioningProject assembleRetryProject(WorkflowContext wfc)

Finds any retryable account requests in an original provisioning project and adds them to a new provisioning project.

Rarely used in custom workflows.

project

public Object retryProvisionProject(WorkflowContext wfc)

Executes the retry provisioning project, created in assembleRetryProject.

Rarely used in custom workflows.

project

public Object mergeRetryProjectResults(WorkflowContext wfc)

Merges results from the retry project onto the main project. Called between retries.

Rarely used in custom workflows.

  • project*

  • retryProject*

public Boolean requiresStatusCheck(WorkflowContext wfc)

Identifies if the project contains any Results that are queued with a requestID stored on the result.

project

public Object checkProvisioningStatus(WorkflowContext wfc)

Calls down to the connector for each Result in the plan that is marked queued with a requestID specified.

project

public Integer getProvisioningStatusCheckInterval(WorkflowContext wfc)

Computes the interval between status checks for a request. The default is 60 minutes.

none

public Integer getProvisioningMaxStatusChecks(WorkflowContext wfc)

Computes the maximum number of status checks permitted during a request. The default is infinite.

none

public Integer getProvisioningMaxRetries(WorkflowContext wfc)

Computes the maximum number of retries permitted during a request. The default is infinite.

none

public Integer getProvisioningRetryThreshold(WorkflowContext wfc)

Computes the retry threshold, the interval between retries, to use for a request. The default is 60 minutes.

none

These methods are available for use; however, they are rarely used in a custom workflow. It is recommended that custom workflows call the workflow subprocesses instead of calling the library methods directly.

Note: This information is included for reference purposes and to document the purpose of the methods and what is passed to them. These explanations are also included to ensure that customizations do not remove calls to important methods from the subprocess workflows and to ensure that customizations only add other functionality around these method calls.