Identity Mappings
The Identity Mappings feature is where you configure the identities that are managed by IdentityIQ. This is where you specify the applications and application attributes from which the identity data is derived.
Use the Identity Attributes page to view and edit the identity attributes information for your configuration. These attributes are used throughout the product for certifications, searches, and to collect and correlate identity data from applications.
IdentityIQ also supports the use of Robotic Process Automation (RPA) or bot identities. A bot is an application that can perform automated tasks, especially simple, repetitive tasks such as requesting access and managing identities. See Robotic Process Automation (Bot) Identities for more information.
The Identity Attributes page lists any attributes that have been configured in your system, and shows the primary source mapping and any advanced options that have been configured for each attribute. For details on how to edit and further configure identity attributes, see Edit Identity Attributes Page.
Attribute
The Attribute column shows the display name of the identity attribute, which is derived from the attribute and its associated application in the Primary Source Mapping column.
The following attributes are required by IdentityIQ to perform correctly:
-
ID
-
manager
-
email
-
firstname
-
lastname
Manager and role are system attributes that are configured for grouping. However, you can use any identity attribute or grouping by defining it as a group factory in the Advanced Options.
Primary Source Mapping
The Primary Source Mapping column lists the first of the the application/attribute pairs from which employee attributes are derived. If the required data is unavailable on this primary source, the collection process continues down the list of configured sources until the information is found.
Set up the list of sources on the Edit Identity Attributes page.
Setting the same application and attribute as the source and target for an identity attribute creates circular references.
Identity attributes with circular references between sources and targets can cause values to be continually changed on every attribute synchronization. This can be problematic when a transformation rule modifies a value without first checking the identity attribute value has already been transformed.
Advanced Options
The Advanced Options column shows some of the main options that are enabled for this attribute. Additional Advanced Options can be configured in the Edit Identity Attributes Page.
Editable – the attribute can be edited.
Group Factory – the attribute can be used to create groups that are used for analytical purpose throughout IdentityIQ.
Searchable – the attributes that are available for filtering in identity searches.
To add a new identity attributed, click Add New Attribute. For details on how to set up new identity attributes, see How to Add or Edit Identity Attributes and the Edit Identity Attributes Page.
To delete identity attributes, right-click the attribute and select Delete.
Deleting an identity attribute also deletes any group factories that reference it. Review the group factory information in the Confirm Deletion of Attribute dialog before clicking Yes.
For additional information: