Configuring IdentityNow for Provisioning
Use IdentityNow Provisioning to onboard new users faster, track user employment status, and adjust each user's access accordingly. And because you configure provisioning one time for multiple users, provisioning can greatly reduce the possibility for human error and make your job easier.
It's critical that you consider the specific needs of your organization to determine how to configure provisioning to meet those needs. Before you begin, ensure all prerequisites have been met. Reach out to your Customer Success Manager (CSM) if you have questions.
- Provisioning is deployed for your org.
- You have IdentityNow org-level admin permissions.
- Foundation data is in place.
Always test new configurations in your IdentityNow sandbox before going live on your production system.
To set up IdentityNow Provisioning, configure, but do not enable, the following:
- Access profiles for each source, to ensure the new account reflects the appropriate IdentityNow data.
- Lifecycle states, to automatically grant access based on their employment status in the company.
- Roles, to provide access to applications and sources based on job function.
- Access requests (if you have the Access Request service), to enable users to request application and other access. Users automatically receive access after approval.
- Attribute sync, to synchronize account data on sources with the new data on IdentityNow.
After you’ve tested your configuration in your sandbox environment, and have confirmed that everything works as expected, you can enable the new configurations:
- Go to Admin > Identities > Identity Profiles.
- Select the identity profile you've been working from for this configuration.
- Select the Provisioning tab.
- Select the newly configured lifecycle state.
- Select Provisioning State > Enabled.
- Click Save.