...
▪️ Onboard Group – Wizard workflow for onboarding groups with different options for choosing group members and eligibility of pre-approved members. This workflow consists of seven steps, with two being based on the current user’s selections. These steps are configurable via workflow parameters.
Expand | ||
---|---|---|
| ||
|
...
▪️ Manage Your Identity Wizard – Provides a wizard with options to manage identity. This wizard workflow provides Delete MFA device, Enroll for Q&A password reset, Change my password, Edit my profile, Register an MFA authenticator options to manage a user’s identity.
▪️ Login Assistance Wizard Workflow – Presents a wizard with options to assist a person that is having trouble logging in. This wizard workflow provides Send an Azure Temporary Access Pass, Send EmpowerID One-Time Password, Send magic link invitation to change password, Reset Azure MFA for a user to unblock them, Unlock person from Q&A reset, Unenroll a person from Q&A password reset, Unlock a person, and their user accounts options to assist a user to login.
▪️ Manage Account Wizard Workflow – Presents a wizard with options to manage accounts for any mailbox type (User, Shared, Room, Equipment). This workflow can update Mailbox Attributes and SMTP Addresses. Onboard Account – Wizard workflow for onboarding person and non-person technical user accounts with options for vaulting a personal or non-personal credential for the account during the onboarding process. Contextual options are shown to the user depending on the type of account selected.
▪️ Onboard Mailbox – Wizard workflow for onboarding shared, room, or equipment mailboxes with options for publishing the mailbox in the IAM Shop, adding the mailbox to groups, configuring eligibility for requesting access to the mailbox (when published in the IAM Shop), and Access Request settings that direct the approval flow process for when users request access.
...
▪️ Onboard Credential – Wizard workflow for onboarding various types of credentials with options for configuring Access Request settings that control check-out and check-in process as well as eligibility settings for who may request the credential from the IAM Shop. The wizard contains steps for assigning owners and deputies as well as an optional step for assigning the credential to a computer for PSM.
...
▪️ Onboard Computer – Wizard workflow for onboarding computers with options for publishing the computer in the IAM Shop, configuring eligibility for the computer (when published in the IAM Shop), configuring Access Request settings that control approval flow for the computer, as well as options for enabling Privileged Session Management (PSM) and linking PSM credentials to the computer.
...
▪️ Onboard Management Role – Wizard workflow for onboarding Management Roles with options for selecting role type, parent Management Role Definition, IAM Shop publication, and nested roles.
...
Additional Wizard Workflows
▪️ Manage Your Identity Wizard – Wizard workflow with options for users to manage various aspects of their identity to include the following:
✔️ Delete an MFA authenticator
✔️ Enroll for Q&A password reset
✔️ Manage account recovery contacts
✔️ Change their password
✔️ Edit their profile
✔️ Register an MFA authenticator
▪️ Login Assistance Wizard Workflow – Presents a wizard with options to assist a person that is having trouble logging in. This wizard workflow provides Send an Azure Temporary Access Pass, Send EmpowerID One-Time Password, Send magic link invitation to change password, Reset Azure MFA for a user to unblock them, Unlock person from Q&A reset, Unenroll a person from Q&A password reset, Unlock a person, and their user accounts options to assist a user to login.
▪️ Login Assistance Self-Service Wizard Workflow – Accessible by clicking the Login Assistance Workflow link on the login page, this wizard workflow helps users having the following login issues:
Login Issue | Solution |
---|---|
Forgot password to Azure or are locked out of Azure | Send an Azure Temporary Access Pass (TAP) to the user |
Forgot password to EmpowerID or are locked out of EmpowerID | Reset person and account passwords and unlock the user |
Can no longer do MFA to Azure due to lost phone, new email address, etc. | Reset Azure MFA by unenrolling the user’s current MFA configuration in Azure |
Can no longer do MFA to EmpowerID due to lost phone, new email address, etc. | Reset EmpowerID MFA by deleting all the user’s MFA assets and preferences |
▪️ Manage Account Wizard Workflow – Wizard workflow with options and actions for managing one or more accounts. Available actions vary depending on the selected option.
Management Options | Management Actions |
---|---|
Only One Account |
|
Multiple accounts |
|
▪️ Manage Mailbox Wizard Workflow – Wizard workflow with options and actions for managing one or more mailboxes. The wizard performs a live access check on the person running the workflow to display only the actions the person is authorized to perform against the selected mailboxes.
▪️ Self-Register Wizard Workflow – Accessible by clicking Sign Up > Partner Self-Register link on the login page, this wizard workflow helps users within a partner organization register for an account in EmpowerID. This new version of the workflow includes more advanced logic to prevent duplicate signup attempts for someone who already exists in the system and it validate the email domain and verifies that the selected OROZID exists before allowing the user to complete the self-registration process.
▪️ Create Partner Organization Workflow – Accessible by clicking Sign Up > Partner Company Registration link on the login page, this workflow has been refactored to run through the Business Request engine. Now when an organization seeks to register themselves as a partner, the system creates a Business Request of type Onboard Partner Organization with one approval step. If approved, the system fulfills the request. To support integrating the workflow with the Business Request engine, the following new features were added:
Feature (Type) | Name |
---|---|
Resource Type Operation | CreatePartner |
Approval Flow Policy | Onboard Partner Organization Policy |
Approval Flow Step | Provisioning Organization Approval |
Approval Flow Policy Step | Onboard Partner Organization Policy - Provisioning Organization Approval |
Business Request Type | Onboard Partner Organization |
New Adaptive Card Designer in Workflow Studio
...
Upgrade the Azure AD SCIM Microservice from .NET 5 to .NET 6
Improve the Azure application onboarding workflow to support additional capabilities for OIDC, Non-gallery & gallery apps
Added the ability to inventory Exchange Online mailbox-level permissions
Resource Admin Microservice
...