Creating and Editing Profile Types
Profile types are used to group similar profiles. They represent a type of object that Non-employee Risk Management governs, such as vendors, projects, or non-employees. All profiles must be part of a profile type.
A profile's type determines the workflows, forms, and pages used to create that profile. You can assign contributors to a profile type so they can manage profiles of that type, and you can use a profile type's duplication-prevention feature to prevent multiple profiles from being created with the same basic information.
Creating a Profile Type
To create a profile type:
-
Go to Admin > Lifecycle > Profile Types.
-
Select + New Profile Type.
-
In the BASIC SETTINGS section, complete the following fields:
- Name - Add a unique name for the profile type.
- UID - Add a unique identifier for the profile type. This can't be changed once the profile type has been created.
-
Category - Choose the category of profile for this profile type. The available options are:
- Employee - An employee that works directly for your company.
- Non-Employee - Non-employees such as contractors or vendors that work with your company.
- Organization - An external company that provides contractors to your company or is otherwise affiliated with your organization.
- Assignment - A specific engagement or project.
- Other - Profiles that don't fit other categories, such as departments or locations.
-
Create supporting content? - Select this checkbox to create some additional content when you save your profile type. This content includes:
- An empty form using the name of the new profile type.
- A Workflow Page with the name "Create <profile type>".
- A Profile Page containing the empty form created with this profile type.
- A disabled Create Workflow containing two steps. These are the "Request Form" action, containing the "Create <profile type> Workflow Page; and the "Create" action.
You can rename and edit supporting content.
-
Role filtering - Choose whether to filter the users that can be selected as contributors for this profile based on their role.
- If you select ALLOW and add roles within the Add role field, only users with one or more of the roles in this list can be added as contributors to profiles in this profile type.
- If you select ALLOW and don't add any roles, users can't be added as contributors to this profile type.
- If you select BLOCK and add roles within the Add role field, users with those roles can't be added as contributors to profiles in this profile type.
- If you do select BLOCK and don't add any roles, and don't add any roles, filtering will not be applied and users can be selected as contributors regardless of their role.
Note
The ACCESS PERMISSIONS section is read-only and states that profile owners and profile contributors will have access to this profile type.
-
In the PERMISSIONS section, choose whether or not the users from any additional roles, separate from the default roles, should be granted access to this profile type, based on the permissions granted to users with that role in the Profile Access section of its Permissions.
In the PERMISSIONS section, choose whether or not the users from any additional roles, separate from the default roles, should be granted access to this profile type. Adding a role to this list also updates the role's Profile Access settings in its Permissions section.
Note
These permissions can be applied to both lifecycle and collaboration roles.
- If you select ALLOW and add one or more roles within the Add role field, users with the roles you select can access this profile type regardless of whether they are also contributors.
- If you select ALLOW and don't add any roles, users who aren't contributors to this profile type won't be able to access it.
- If you select BLOCK and add one or more roles within the Add role field, users with the roles you select will not be able to access this profile type unless they are also contributors. However, users with all other roles can access this profile type regardless of whether they are also contributors.
- If you select BLOCK and don't add any roles, users with any role can access this profile type regardless of whether they are also contributors.
-
Select create.
Your profile type is saved. The PROFILE NAMING tab is displayed.
-
In the Name Attributes section, in the Add attributes field, enter the names of one or more attributes. The attributes you select here will be used to construct the unique name of each profile in this type.
For example, if you choose the attributes
firstName
,lastName
, andemployeeNumber
in that order, a profile representing a user named John Smith with an employee number of 001 would be calledJohnSmith001
.By default, the
id
attribute is used as the name attribute. -
Select save.
Your profile type has been created. Before you can add profiles to this profile type, you must complete the following tasks:
- Create the attributes that will be used within profiles.
- Create forms to gather the data needed to populate those attributes when a profile is being created.
- Create pages from those forms so that they can be included in workflows to create and update profiles for this profile type.
- Add those pages to Create Workflows. When the workflow associated with this profile type is executed, those forms and pages are used to fill out the attributes associated with new profiles of this profile type.
Note
If you selected Create supporting content? while initially creating the profile type, a workflow, page, and form were created already, using the name of the profile type you created. These objects are empty and must be edited before they can be used.
You can make additional changes to your profile type after it's been created, such as configuring duplicate prevention.
Editing Profile Types
You can view and edit profile types in bulk or individually.
Updating Profile Types in Bulk
You can make some changes to the profile types in your tenant in bulk.
-
Go to Admin > Lifecycle > Profile Types.
-
Select the checkbox beside the profile types you want to edit.
To select all profile types, select the checkbox next to the PROFILE TYPES header.
-
Select the ellipsis icon next to the Actions header to display the available actions.
-
Archive - Deactivates the selected profile types and moves them to the Archived tab.
Profile types that are in use can't be archived. You must delete or archive any items connected to this profile type before it can be deleted. A list of the items that use each profile type that can't be deleted is displayed.
-
Unarchive - Immediately activates the selected profile types and moves them to the Active tab.
- Export - Generates a .json file containing the metadata about the selected profile types. When the file has been generated, select Download to save the metadata to a local file.
-
Updating an Individual Profile Type
You can make updates to most information about a profile type.
-
Go to Admin > Lifecycle > Profile Types.
-
Select the name of the profile type you want to edit.
-
On the BASIC SETTINGS tab, make any necessary changes to the basic information for your profile type.
This includes the Name, Category, and Role Filtering fields that you configured when first creating this profile type.
You can also configure several additional fields:
- Id label - The label that should be used for the unique technical ID for each profile in this profile type.
- Show profile id in header - Whether to display the value of the ID on each profile in this profile type.
If you have previously created a profile type without a category, you must assign it a category before you can save changes to your profile type.
-
In the PROFILE NAMING tab, edit how the name attribute is configured as described Creating a Profile Type.
-
In the DUPLICATE PREVENTION tab, enter an error message in the Error message field to display when users attempt to create a duplicate profile in this profile type.
-
In Allow user to bypass?, select whether the user creating the profile can create it even if Non-Employee Risk Management detects that the new profile might be a duplicate.
-
In the Add attributes field, choose one or more attributes that Non-Employee Risk Management should use to check for duplicate profiles. When you add an attribute in this field, it appears in the Duplication protection field.
-
In the PERMISSIONS tab, edit the permissions for this profile type as described in Creating a Profile Type.
-
Select save.
Documentation Feedback
Feedback is provided as an informational resource only and does not form part of SailPoint’s official product documentation. SailPoint does not warrant or make any guarantees about the feedback (including without limitation as to its accuracy, relevance, or reliability). All feedback is subject to the terms set forth at https://developer.sailpoint.com/discuss/tos.