Entitlement Role Generator

The Entitlement Role Generator creates an Entitlement Role for every entitlement found in a specified application. Recommended role types are Entitlement or IT.

You can further refine creation by specifying an entitlement name or permission target so that only entitlements matching the specified criteria are used.

It is recommended to specify a template to be used to name the created roles. IdentityIQ uses Velocity templates. If no template is used, a generic name based on either the entitlement or role is created.

Option

Description

Applications

Select one or more applications from the dropdown list.

Type of Role to Create

Input the name of the role based on the specifications for your enterprise.

Enter the locale to check for descriptions. (If left blank the default Locale is used)

Enter the location of the role description.

Generate entitlements from attributes whose name starts with

Enter letters in the attribute name to filter the scan.

Generate entitlements from permissions whose target starts with

Enter letters in the permission name to filter the scan

Velocity template from which to generate entitlement role names. The template is always passed the applicationName parameter. The description, attributeName, attributeValue, permissionTarget, and/or permissionRights parameters are set when available.

Enter the Velocity template string.