Notification Settings
Use this tab to set default values for how notifications are sent in IdentityIQ.
Email Settings
Email notifications can be sent using HTTP / OAuth authorization or SMTP / Basic authorization. You can also opt to redirect emails to a specific email address or to a file, which is useful for testing your email settings and templates.
Choose your Email Notification Type, then configure your email options as described below.
HTTP / OAuth
Choose this option to use the OAuth2 authentication protocol to send email notification via HTTP / HTTPS. This option is recommended for use with Microsoft Office 365, as an alternative to the SMTP / Basic method which has been deprecated by Microsoft.
Note: IdentityIQ supports OAuth version 2.0.
To use HTTP/OAuth with IdentityIQ, you need to register and configure IdentityIQ with your OAuth provider, and generate an access token to use for authenticating connection requests.
In addition, when working with Azure instances, you must set the Microsoft Graph Mail.send permission as an Application level permission; setting the permission type to Delegated does not provide sufficient access for this feature.
Email Service Endpoint
The email service endpoint for sending email notifications. Use the provided syntax as a guide, substituting your organization's preferred email address.
Token Endpoint
The token endpoint for the email notifier to use. Use the provided syntax as a guide, substituting your organization's tenant ID.
Refresh Token Endpoint
The refresh token endpoint for the email notifier to use. Use the provided syntax as a guide, substituting your organization's tenant ID.
Scope
The scope for the email notifier. The provided syntax enables the /.default
scope, which is the least restrictive. You can edit this scope as needed.
Client ID and Client Secret
The OAuth Client ID and Client Secret for authenticating. For Azure Active Directory, these can be found in the Azure application registration page for your organization.
SMTP / Basic
Choose this option to use basic authentication for email notifications.
Encryption
Choose your email encryption type from the drop-down list: NONE, SSL, or TLS
Default SMTP Host
Your organization's default mail host.
Default SMTP Port
Your organization's default SMTP port.
Default From Address
The address to use as the From address for all notices automatically generated by IdentityIQ.
Username and Password
The username and password required to access the SMTP host.
Connection Timeout
The email socket connection timeout value in milliseconds.
If there are session properties defined in the notification template objects that are used to send the email, those will take precedence over this property.
Read Timeout
The email socket read timeout value, in milliseconds.
If there are session properties defined in the notification template objects that are used to send the email, those will take precedence over this property.
Redirect to Email
Choose this option to redirect all IdentityIQ emails to a specific email address. The options you configure for this setting are the defined in the same way as the settings described above for SMTP / Basic, with the addition of this option:
Redirection Email Address
The email address to which email should be redirected.
Redirect to File
Choose this option to redirect email to a file.
Redirection File Name
The name of the file to which email should be redirected.
Default From Address
The address to use as the From address for emails and notices generated by IdentityIQ.
Email Settings Common to All Notification Types
Every email notification type requires these configuration options:
Maximum Email Retries
Specify the maximum number of times to retry sending emails if a temporary error is returned. Set this to 0 to disable retries.
Suppress Duplicate Emails
Prevent the sending of multiple emails of the same type to the same recipient at one time. For example, if five work item reminders are generated for the same person at one time, they only receive an email for the first one. This option is used only for certification-related emails, and is enabled by default.
Notification Templates
Choose a template to use for each notification type. Notification templates are highly configurable; you can use IdentityIQ's provided defaults, or create your own. Detailed information about importing, customizing, and using IdentityIQ notification and email templates is in IdentityIQ Email Templates.
Email Task Alerts
You can configure IdentityIQ to send emails to users or groups with the status of tasks after completion. The settings defined here at the global level are typically used when the email notification configured at the task level is disabled. Note that email notification settings at the task level have priority over the global settings configured here. For example, if you set a global default to send task notifications to the Administrator, then configure "Task1" to send notifications to the IT Helpdesk and "Task2" without any notification settings, "Task1" will send notifications to the IT Helpdesk and "Task2" will send email notifications to the Administrator.
See Tasks for more information on choosing notification recipients and templates at the task level.
Select a frequency for email notification to be sent upon task completion:
-
Disabled – no email notification sent on task completion
-
Warning – send an email notification if the task results in a warning
-
Failure – send an email notification if the task fails
-
Always – always send an email notification upon task completion
Choose a notification email template from the dropdown list. The Task Status email template is provided out of the box as a default template for task notifications, but you can choose another template if you prefer. For details on creating your own custom email templates, see IdentityIQ Email Templates.
This option is disabled if Email Notification field is disabled.
Choose the users and / or groups to receive task completion notifications. You can use the drop-down arrow to display all identities, or type the first few letters of a name or group and select them from the list.
Microsoft Teams Notification Settings
Check Enable Microsoft Teams Notification to enable the Microsoft Teams Notification feature. This feature enables IdentityIQ to send notifications both to users' emails and to their Microsoft Teams application. When this option is checked, notifications are enabled on all Azure Active Directory applications on which Microsoft Teams are configured.