Versions Compared

Old Version 2

changes.mady.by.user Phillip Hanegan

Saved on

compared with

New Version 3

changes.mady.by.user Phillip Hanegan

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

In this exercise, you will put into practice what you have learned from this course and create the appropriate Eligibility and Approval Flow policies to successfully complete the four scenarios described below. In order to complete all the scenarios, you will need to fulfill the following prerequisitesprerequisite tasks:

...

Prerequisite Tasks

  1. Create seven Person identities and assign each to the Temporary Role in Temporary Location Business Role and Location:

    • User A

    • User B

    • User C

    • User D

    • A Manager for both User A and User B

    • A manager for both User C and User D

    • A person that can be chosen by the manager of User C as a delegate for approvals that require a response from User C’s manager

    • A Manager for User C

    • An Application Role Approver for the group

  2. Assign all seven Person identities to the IT Shop, MY Tasks, and My Identity Self-Service Full Access Management Role. This grants each user the ability to access the IT Shop, My Tasks, and My Identity applications.

  3. Create a generic groupand do the following:

    • Assign as the Application Role Approver the person you created above for that role

    • Grant User A and User B the Eligible eligibility type to the group as a resource

    • Grant User C the PreApproved eligibility type to the group as a resource

  4. Create two Approval Steps

    • The first with an Approval Resolver Rule that creates an approval task for the manager of the person initiating a business request

    • The second with an Approver Resolver Rule that creates an approval task for the resource owner

  5. Create an Approval Flow Policy and add both of the above Approval Steps to the policy. Be sure the precedence for the steps is correct.

  6. Create an Access Request Policy and add the Approval Flow Policy to it.

  7. Configure the Item Type Action for adding someone to a group with the Access Request and Approval Flow policies created above. The name of the Item Type Action for this is ADDPersonApplicationRoleResourceRole.

...

User D logs in to the IT Shop and submits a request for membership in the same group. EmpowerID fulfills the request without requiring any human approval.When you have completed the exercise, In the exercise, you will create the takes you through the process of provides the opportunity for you to implement what you have learned in both this course and the EmpowerID IGA Core course by creating the necessary components in EmpowerID related to compliant self-service access. eligibility and approval flow policies related to requesting access to resources in EmpowerID. For this exerciseTo complete the exerciserequired for users to request access to resources and have that request flow through the appropriate approval process to

Insert excerpt
IL:External Stylesheet
IL:External Stylesheet
nopaneltrue