Leaver Configuration

Enable this option if the leaver process should include approvals. The approval path is defined in the Leaver Business Process you specify below.

Note that the default RapidSetup – Leaver business process delegates approvals to the LCM Provisioning business process.

Exclude uncorrelated identities from joiner processing. A correlated identity is an identity that has an account on an authoritative application.

Remove assigned roles from an identity during leaver processing.

Reassign objects, such as applications, workgroups, or policies, that are owned by a leaving user.

Choose which types of object should be reassigned, if the current owner is the leaving identity.

Reassign the objects selected above to the manager of the leaving identity.

Handle reassignment of object using a rule. If the Reassign Artifacts to Manager option is also enabled, the leaver process will first attempt to assign objects to the manager, then will use the rule chosen here, if no manager can be determined.

Reassign objects to this identity if none were discovered for manager or by the reassignment rule.

If the leaving identity is the owner or administrator of other identities, such as service accounts or RPA / bot identities, enable this option to reassign those identities to another identity or workgroup.

Reassign the identities to the manager of the leaving identity.

Handle reassignment of managed identities using this rule, if a manager cannot be determined, or if the Reassign Identities to Manager option is not enabled.

Reassign managed identities to this identity, if no identity was discovered as a manager or by the reassignment rule.

Select a workgroup to receive leaver notification emails, rather than a manager.

Email template to compose the email notification regarding reassignments (used for both artifact and identity reassignment).

For more information on email templates, see IdentityIQ Email Templates.

The template to use for notification emails.

For more information on email templates, see IdentityIQ Email Templates.

Rules can drive custom actions outside of the standard leaver processes. If you want to run a rule as the final step of the leaver process, choose the rule here. Rules of type LeaverReassignment are available to select here.

Identity Processing Thresholds stop lifecycle events before they are fully processed, in case of accidentally-triggered workflows, To enable an Identity Processing Threshold, choose from Fixed or Percentage.

For more information, see Using Identity Processing Thresholds for Error Prevention.

Enter a value to use in conjunction with the Threshold Type, for Identity Processing Thresholds.

Choose the business process for leaver processing.