Skip to content

Define Home Page Quicklinks

Quicklinks are objects in IdentityIQ that enable you to place customized links on the IdentityIQ Home page and in the Quicklinks menu available on every page. Quicklinks are defined when IdentityIQ is deployed and are based on the needs of your enterprise. You can determine the behavior and availability of these links for different users. For example, IdentityIQ can be set up to limit access based on the user capabilities, rights, or workgroup membership.

Three objects control links. QuickLink objects define the links, the DynamicScope object controls who can view those links, and the QuickLinkOption object references the first two to create the Quicklinks within the product.

QuickLinkOption

The QuickLinkOption object is created when a quicklink population, or DynamicScope object, is created on the Quicklink Populations page and associated with one or more QuickLink objects. The QuickLinkObjects objects do not control quicklink populations, nor the targets of the QuickLink objects, they are containers holding references to both.

    <QuickLinkOptions allowSelf="true" created="1443970828183" id="2c90900950335ce70150335e4797010e">

    <DynamicScopeRef>

        <Reference class="sailpoint.object.DynamicScope"        id="2c90900950335ce70150335e4783010c" name="Everyone"/>
    </DynamicScopeRef>
    <QuickLinkRef>
        <Reference class="sailpoint.object.QuickLink" id="2c90900950335ce70150335e478a010d" name="Access Reviews"/>
    </QuickLinkRef>
    </QuickLinkOptions>

DynamicScope

The DynamicScope object define groups of users, quicklink populations, based on capability, rights, indirect capabilities and rights granted by a workgroup, population, or any attribute of the identity. These objects are defined on the Quicklinks Populations page. Refer to the system administration documentation for more information.

DynamicScope objects are referenced by name or ID in a QuickLinkOption object. If the quicklink population applies to an identity, the Quicklink is visible to that identity. Only System Administrators can view Quicklinks with no scopes.

Note

DynamicScope objects are used to define the population of people who can view and run the Quicklink. DynamicScope objects are not the group of identities or objects that the Quicklink interacts with after the link is clicked.

Examples

The product ships with a DynamicScope that represents the allowAll option. The name of the DynamicScope is named Everyone. You can associate this option with any Quicklinks you want to enable the entire user population to view or use. The following QuickLinkOptions reference this DynamicScope by default:

  • Access Reviews

  • Approvals

  • Signoffs

  • Work Items

  • Policy Violations

<DynamicScope allowAll="true" created="1443970828163" id="2c90900950335ce70150335e4783010c" name="Everyone"/>

The following XML example of a DynamicScope restricts visibility to a specified Quicklink. Visibility is enabled for users in the IT department or who have the Help Desk Personnel capability. Visibility is also enabled for identities in the Inclusion list. Because Barbara.Wilson is in the Inclusions list, she can always see the Quicklink regardless of her capabilities or department.

    <DynamicScope created="1443973952475" id="2c90900950335ed60150338df3db000a" name="MyDynamicScope">
    <Description></Description>
    <Inclusions>
        <Reference class="iiq.object.Identity" id="2c90900950336e720150336f0797010d" name="Barbara.Wilson"/>
    </Inclusions>
    <PopulationRequestAuthority allowAll="true"/>
    <Selector>
        <IdentitySelector>
        <MatchExpression>
            <MatchTerm name="capabilities" value="Help Desk Personel"/>
            <MatchTerm name="Department" value="IT"/>
        </MatchExpression>
        </IdentitySelector>
    </Selector>
    </DynamicScope>

By default, IdentityIQ assumes that any link defined as a top-level QuickLink object is for a non-Lifecycle Manager action which does not operate on a target identity, so no user selection options are presented.

EmailTemplate Nested Elements

The components listed are generally expressed as nested elements due to their complexity and length.

<subject>
Subject line for the email message

<body>
Body, or main content, of the email message

<signature>
Hashmap of arguments to the email template The signature for each template cannot be changed through the XML. Arguments to each template vary based on the associated system activity to which they apply. Properties and methods belonging to any object passed as an argument are available to include in the message, but other objects that are not part of the template signature cannot be retrieved to use in the email message.

<Inputs>
Nested element within Signature, signifying the input arguments to the template

<Argument>

Note

HTML cannot be passed into a template as an argument value. All HTML must be included as part of the base template.

Nested element within Signature and Inputs. This element names and specifies the type of each input argument to the template.

<Description>
Indicates descriptive information for the reader of the XML. Describes the element in which it is nested.
For example:
<Description> within <Argument> describes the argument usage.
<Description> within the <EmailTemplate> describes the purpose and usage of the template.

At the most basic level, the contents of these elements and attributes can be written as straight text values with no variable substitutions. However, the real flexibility and usefulness of these templates is found when custom text is substituted into the message body, subject, and other attributes. This substitution is managed by the Apache Velocity Engine.