Summary of Workflows, Tasks, and Rules in Provisioning
The following table provides an at-a-glance list of workflows, tasks and rules for provisioning through IdentityIQ.
For an overview of developing and using rules in IdentityIQ, see Rules and Scripts in IdentityIQ.[Link needed]
| Type | Name | Purpose / Usage |
|---|---|---|
| Workflow | Lifecycle Manager: LCM Provisioning LCM Create and Update LCM Manage Passwords LCM Registration |
Manages actions requested through Lifecycle Manager. |
| Workflow | Identity Update | Manages the provisioning actions required based on an Identity Cube update. |
| Workflow | Identity Refresh | Manages the provisioning actions required from an Identity Refresh. |
| Workflow | Lifecycle Event – Joiner Lifecycle Event – Manager Change Lifecycle Event – Leaver Lifecycle Event – Reinstate |
Controls the Lifecycle Event-driven activities, which can contain provisioning actions. |
| Workflow (subprocess) | Do Provisioning Forms | Creates, presents and gathers data from provisioning forms. This step is the interactive provisioning policy phase of provisioning. |
| Workflow (subprocess) | Do Manual Actions | Presents the unmanaged portion of a provisioning project as work items to be processed manually. Update and Identity Refresh workflows use this step. Lifecycle Manager has a similar step but audits differently. |
| Workflow (subprocess) | Provision with Retries | Manages retries on the provisioning actions for Lifecycle Manager. |
| Workflow (subprocess) | Identity Request Initialize Identity Request Violation Review Identity Request Approve Identity Request Approve Identity Changes Identity Request Provision Identity Request Notify Identity Request Finalize Provisioning Approval Subprocess |
These workflows subdivide Lifecycle Manager Provisioning into more manageable workflow parts. Lifecycle workflows also use some or all of these tasks. |
| Task | Identity Refresh | Creates provisioning requests based on application of role assignment rules or role detection. |
| Task | Perform Maintenance | Processes certification-generated and policy violation-generated remediation requests. |
| Task | Account Aggregation | Provisioning activities driven by integration configurations or Work Items require a reaggregation from the target system before the identities can be updated with the access change. |
| Rule | FieldValue | Identifies the default value for the Provisioning Policy field. |
| Rule | AllowedValues | Constrains allowed values for the Provisioning Policy field. |
| Rule | Validation | Defines validation process for Provisioning Policy field. |
| Rule | Owner | Defines owner for Provisioning Policy field. |
| Rule | PlanInitializer | Can be specified for any IntegrationConfig or ProvisioningConfig to run installation-specific pre-processing in Plan Evaluation step before carrying out provisioning. |
| Rule | IdentityTrigger | Can determine the triggering of a Lifecycle Event. |