Configuring IdentityNow for Provisioning
Use IdentityNow Provisioning to onboard new users faster, track user employment status, and adjust each user's access accordingly. And because you configure provisioning one time for multiple users, provisioning can greatly reduce the possibility for human error and make your job easier.
It's critical that you consider the specific needs of your organization to determine how to configure provisioning to meet those needs. Before you begin, ensure all prerequisites have been met.
- Provisioning is deployed for your org.
- You have IdentityNow org-level admin permissions.
- Foundation data is in place.
Always test new configurations in your IdentityNow sandbox before going live on your production system.
To set up IdentityNow provisioning:
- Review and update the provisioning policy for each source you want to provision to. The provisioning policies define how IdentityNow provisions to each source.
- Create access profiles to represent bundles of access in your organization. The access profiles ensure new accounts have the correct access.
- Configure any or all of the following provisioning methods, based on your site’s needs. Do not enable these configurations until you have tested them in your sandbox environment.
- Attribute sync, to synchronize account data on sources with the new data on IdentityNow.
- Lifecycle states, to automatically grant access based on users' employment status in the company.
- Roles, to provide access to applications and sources based on users' job functions.
- Access requests, if you have the Access Request service, to enable users to request application and other access. Users automatically receive access after approval.
- After you’ve tested each of your provisioning methods in the sandbox, enable them in production on the configuration page for each method.