Passwords on New Account Requests

New account requests often contain password values. If you want to use default account-creation passwords that are different from the standard password policy for that application, IdentityIQ uses a configuration setting to govern the enforcement of password policies on account creation.

To enforce password policies on account creation, complete these steps:

• On the Lifecycle Manager Configuration page located under the gear icon menu, Additional Options tab, select the Check Password Policy rule as the Password Validation Rule. Check Password Policy is a rule that is supplied with Lifecycle Manager that validates the password field on an application's provisioning policy against the application's password policy. To write a custom rule, click the button to the right of that box.

• Define a Create provisioning policy for the application that includes a password field. This field name must end with password, must be of type Secret, and must not have its own validation rule specified for the Password Validation Rule to be applied. The connector maps this password provisioning policy field to the application's password field as the account is created.

When the provisioning policy form is presented for completion, by default to the application owner, the value entered in the Password field on the form is validated against the application's provisioning policy.