Notification Settings

Use this tab to set default values for how notifications are sent in IdentityIQ.

Email Settings

Email notifications can be sent using HTTP / OAuth authorization or SMTP / Basic authorization. You can also opt to redirect emails to a specific email address or to a file, which is useful for testing your email settings and templates.

Choose your Email Notification Type, then configure your email options as described below.

HTTP / OAuth

Choose this option to use the OAuth2 authentication protocol to send email notification via HTTP / HTTPS. This option is recommended for use with Microsoft Office 365, as an alternative to the SMTP / Basic method which has been deprecated by Microsoft.

Note: IdentityIQ supports OAuth version 2.0.

To use HTTP/OAuth with IdentityIQ, you need to register and configure IdentityIQ with your OAuth provider, and generate an access token to use for authenticating connection requests.

In addition, when working with Azure instances, you must set the Microsoft Graph Mail.send permission as an Application level permission; setting the permission type to Delegated does not provide sufficient access for this feature.

Email Service Endpoint

The email service endpoint for sending email notifications. Use the provided syntax as a guide, substituting your organization's preferred email address.

Token Endpoint

The token endpoint for the email notifier to use. Use the provided syntax as a guide, substituting your organization's tenant ID.

Refresh Token Endpoint

The refresh token endpoint for the email notifier to use. Use the provided syntax as a guide, substituting your organization's tenant ID.

Scope

The scope for the email notifier. The provided syntax enables the /.default scope, which is the least restrictive. You can edit this scope as needed.

Client ID and Client Secret

The OAuth Client ID and Client Secret for authenticating. For Azure Active Directory, these can be found in the Azure application registration page for your organization.

SMTP / Basic

Choose this option to use basic authentication for email notifications.

Encryption

Choose your email encryption type from the drop-down list: NONE, SSL, or TLS

Default SMTP Host

Your organization's default mail host.

Default SMTP Port

Your organization's default SMTP port.

Default From Address

The address to use as the From address for all notices automatically generated by IdentityIQ.

Username and Password

The username and password required to access the SMTP host.

Connection Timeout

The email socket connection timeout value in milliseconds.

If there are session properties defined in the notification template objects that are used to send the email, those will take precedence over this property.

Read Timeout

The email socket read timeout value, in milliseconds.

If there are session properties defined in the notification template objects that are used to send the email, those will take precedence over this property.

Redirect to Email

Choose this option to redirect all IdentityIQ emails to a specific email address. The options you configure for this setting are the defined in the same way as the settings described above for SMTP / Basic, with the addition of this option:

Redirection Email Address

The email address to which email should be redirected.

Redirect to File

Choose this option to redirect email to a file. 

Redirection File Name

The name of the file to which email should be redirected.

Default From Address

The address to use as the From address for emails and notices generated by IdentityIQ.

Email Settings Common to All Notification Types

Every email notification type requires these configuration options:

Maximum Email Retries

Specify the maximum number of times to retry sending emails if a temporary error is returned. Set this to 0 to disable retries.

Suppress Duplicate Emails

Prevent the sending of multiple emails of the same type to the same recipient at one time. For example, if five work item reminders are generated for the same person at one time, they only receive an email for the first one. This option is used only for certification-related emails, and is enabled by default.

Notification Templates

Choose a template to use for each notification type. Notification templates are highly configurable; you can use IdentityIQ's provided defaults, or create your own. Detailed information about importing, customizing, and using IdentityIQ notification and email templates is in IdentityIQ Email Templates.

Email Task Alerts

You can configure IdentityIQ to send emails to users or groups with the status of tasks after completion. The settings defined here at the global level are typically used when the email notification configured at the task level is disabled. Note that email notification settings at the task level have priority over the global settings configured here. For example, if you set a global default to send task notifications to the Administrator, then configure "Task1" to send notifications to the IT Helpdesk and "Task2" without any notification settings, "Task1" will send notifications to the IT Helpdesk and "Task2" will send email notifications to the Administrator.

See Tasks for more information on choosing notification recipients and templates at the task level.

Select a frequency for email notification to be sent upon task completion:

  • Disabled – no email notification sent on task completion

  • Warning – send an email notification if the task results in a warning

  • Failure – send an email notification if the task fails

  • Always – always send an email notification upon task completion

Choose a notification email template from the dropdown list. The Task Status email template is provided out of the box as a default template for task notifications, but you can choose another template if you prefer. For details on creating your own custom email templates, see IdentityIQ Email Templates.

This option is disabled if Email Notification field is disabled.

Choose the users and / or groups to receive task completion notifications. You can use the drop-down arrow to display all identities, or type the first few letters of a name or group and select them from the list.

Microsoft Teams Notification Settings

Check Enable Microsoft Teams Notification to enable the Microsoft Teams Notification feature. This feature enables IdentityIQ to send notifications both to users' emails and to their Microsoft Teams application. When this option is checked, notifications are enabled on all Azure Active Directory applications on which Microsoft Teams are configured.