How to Add or Edit Identity Attributes

Note: When mapping to a named column, specify the name to match the .hbm.xml property name, not the database column name. With camel case, the database column name is translated to lower case with underscore separators. For example, costCenter in the Hibernate mapping file becomes cost_center in the database.

Begin by clicking Add New Attribute or clicking an existing attribute to display the Edit Identity Attribute page.

Enter or change the Attribute Name and an intuitive Display Name.

Note: You cannot define an extended attribute with the same name as any existing identity attribute.

Caution: Changing an attribute name might cause attributes that were previously aggregated to no longer be recognized.

Advanced Options

Advanced options are optional. The Advanced Options you can set are described on the Edit Identity Attributes Page.

Source Mappings

Click Add Source to display the Add a source dialog, then specify a source for the new attribute. You can use more than one source for the attribute.

For Application Attributes you have the option to also make this source a target for attribute synchronization. If there are multiple source applications on which a user might have accounts, you would likely want to push the most authoritative value to the rest of the accounts.

  1. Select Application Attribute.

  2. Select an application from the Application dropdown list.

  3. Select an attribute from the Attribute dropdown list.

  4. Click Add.

This rule only applies to the application specified.

  1. Select Application Rule.

  2. Select an application from the Application dropdown list.

  3. Select a rule from the Rule dropdown list.

  4. Click Add.

This rule applies to all applications that contain this attribute.

  1. Select Global rule (all apps).

  2. Select a rule from the Rule dropdown list.

  3. Click Add.

When you have added your sources for the attribute, use the arrows to the right of the sources list to arrange the search order for the attribute sources. When aggregation tasks are run, they search the source at the top of the list, or the primary source, first and then work down the list.

Target Mappings

For Identity attribute types only, add targets for attribute synchronization

  1. Select Add Target to display the Add a target to the attribute dialog.

  2. Select the application to receive the value.

  3. Select the attribute to receive the value.

  4. Optional: Select a transformation rule to transform the value before it is set on the destination.

  5. Optional: Select Provision All Accounts to provision all of the identities accounts on the targeted application. If you disable this option you are asked to select the accounts to provision manually.

Click Save to create the new attribute and return to the Identity Attribute page.