{"type":"doc","content":[{"type":"table","attrs":{"layout":"default","localId":"f26fe6d3-929d-4b23-b1bb-44b5b7f93c82"},"content":[{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[380.0]},"content":[{"type":"heading","attrs":{"level":2},"content":[{"text":"Introduction To Attribute Flow","type":"text"}]},{"type":"paragraph","content":[{"text":"Attrbiute Flow, is the key processes of identity management which enables to have updated identity data across all your systems. Attribute flow rules define what attribute changes in any connected system (Source), triggers changes in EmpowerID person object and subsequently on other managed systems (Subscriber) the person has account in. For e.g., Job title, EmployeeID is updated in HR system and you want this information to be updated in outlook address, Attribute flow will automate the process .","type":"text"}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Attribute Flow is a flexible process that is used to detect changes that occur to a managed identity by comparing the attributes of each EmpowerID Person object with the attributes of each user account that has been joined to those Person objects.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"As you understand the Person object is the main identity in EmpowerID system, you can set Attribute Flow rules to update EmpowerID person, EmpowerID can evaluate flow and makes updates in the Identity Warehouse and other external systems. When attribute changes are detected for an attribute configured to flow, EmpowerID flags the account and processes those changes, issuing commands to update any affected attributes in either the EmpowerID Identity Warehouse (metadirectory) or the connected account store, depending on the origin of the change.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"If the changes occurred through actions originating in an Account Store, EmpowerID retrieves those changes and records them in the Identity Warehouse, where they are evaluated and either used to update the Identity Warehouse or discarded as appropriate.","type":"text"}]}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[380.0]},"content":[{"type":"paragraph"},{"type":"extension","attrs":{"layout":"default","extensionType":"com.atlassian.confluence.macro.core","extensionKey":"easy-html-macro","parameters":{"macroParams":{"theme":{"value":"{\"label\":\"solarized_dark\",\"value\":\"solarized_dark\"}"},"contentByMode":{"value":"{\"html\":\"

\\r\\n

About Attribute Flow

\\r\\n

\\r\\n \\r\\n

\\r\\n

Attribute Flow Configuration

\\r\\n

\\r\\n \\r\\n

\\r\\n

Attribute Flow Rules

\\r\\n

\\r\\n \\r\\n

\\r\\n\",\"javascript\":\"\",\"css\":\"@import 'https://fonts.googleapis.com/css?family=Lato';\\r\\n\\r\\n\\r\\nbody {\\r\\n\\t\\r\\n\\tfont-family: 'Lato';\\r\\n}\\r\\n\\r\\narticle{\\r\\n\\tbackground: #343436;\\r\\n\\twidth: 80%;\\r\\n\\ttext-align: center;\\r\\n\\tpadding: 30px 5%;\\r\\n\\tbox-sizing: border-box;\\r\\n\\tbox-shadow: 0 0 21px 0px rgba(0,0,0,0.3);\\r\\n\\tborder-radius: 10px;\\r\\n\\tmargin-left: 40px;\\r\\n}\\r\\n\\r\\n.cont h3{\\r\\n\\tfont-family: 'Lato';\\r\\n\\tfont-size: 25px;\\r\\n\\tmargin: 0 0 10px 0;\\r\\n\\tcolor: #ccc;\\r\\n}\\r\\n\\r\\n\\r\\n\\r\\n\\r\\n\\r\\n\\r\\n\\r\\n\\r\\n\\r\\n\\r\\n\\r\\n\\r\\n\\r\\n\\r\\n}\"}"},"__bodyContent":{"value":""}},"macroMetadata":{"macroId":{"value":"91a3a62a-fd02-4369-a1f3-b32db6607a20"},"schemaVersion":{"value":"1"},"placeholder":[{"type":"icon","data":{"url":"https://macrosuite-production.web.app/img/EasyHtml.svg"}}],"title":"Easy HTML (by MacroSuite)"}},"localId":"8b2d2212-5d57-41b5-a245-36fea7bceaeb"}}]}]}]},{"type":"table","attrs":{"layout":"default","localId":"09ff3797-6db4-4abe-90c0-59a248f1919e"},"content":[{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[381.0]},"content":[{"type":"heading","attrs":{"level":2},"content":[{"text":"Flow Rules – Weighting and Scoring (Data Quality)","type":"text"}]},{"type":"paragraph","content":[{"text":"There might be conflicts within the flow rules when same attribute might have been configured to be updated from two or multiple systems. To resolve this issue when multiple systems might be providing different values of the same attribute for a EmpowerID Person and there is a conflict, you can use the weighting technique to resolve the conflict automatically.","type":"text"}]},{"type":"mediaSingle","attrs":{"layout":"center","width":50.0},"content":[{"type":"media","attrs":{"width":924,"id":"976b9434-4b96-4640-8f0e-8961f4094545","collection":"contentId-2387741036","type":"file","height":75}},{"type":"caption","content":[{"text":"Attribute Flow Rule for Email Attribute","type":"text"}]}]},{"type":"paragraph","content":[{"text":"Higher the value, higher the precedence , you will have to set the score to the highest in the account store that is authoritative for that particular attribute. ","type":"text"}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Create Score ","type":"text","marks":[{"type":"strong"}]},{"text":"– In the event of conflicting create actions for a attribute from 2 separate accounts, this weighting determines which account attribute value will take precedence if the current person attribute is null","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Update Score ","type":"text","marks":[{"type":"strong"}]},{"text":"- In the event of conflicting updates from 2 separate accounts into the same attribute, this weighting determines which account attribute value will take precedence if the current person attribute has a value. This score determines value from which system would be selected when there is an update ","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Delete Score ","type":"text","marks":[{"type":"strong"}]},{"text":"– In the event that an attribute value from one account store has a value in it and another has a null value, this weighting determines if the value should be nulled or not. If the account store with the null value has a higher weighting, then the attribute will be nulled. Otherwise, it will be left alone.","type":"text"}]}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[379.0]},"content":[{"type":"paragraph"},{"type":"extension","attrs":{"layout":"default","extensionType":"com.atlassian.confluence.macro.core","extensionKey":"easy-html-macro","parameters":{"macroParams":{"theme":{"value":"{\"label\":\"solarized_dark\",\"value\":\"solarized_dark\"}"},"contentByMode":{"value":"{\"html\":\"

\\r\\n

Attribute Scoring

\\r\\n

\\r\\n \\r\\n

\\r\\n\",\"javascript\":\"\",\"css\":\"@import 'https://fonts.googleapis.com/css?family=Lato';\\r\\n\\r\\n\\r\\nbody {\\r\\n\\t\\r\\n\\tfont-family: 'Lato';\\r\\n}\\r\\n\\r\\narticle{\\r\\n\\tbackground: #343436;\\r\\n\\twidth: 80%;\\r\\n\\ttext-align: center;\\r\\n\\tpadding: 30px 5%;\\r\\n\\tbox-sizing: border-box;\\r\\n\\tbox-shadow: 0 0 21px 0px rgba(0,0,0,0.3);\\r\\n\\tborder-radius: 10px;\\r\\n\\tmargin-left: 40px;\\r\\n}\\r\\n\\r\\n.cont h3{\\r\\n\\tfont-family: 'Lato';\\r\\n\\tfont-size: 25px;\\r\\n\\tmargin: 0 0 10px 0;\\r\\n\\tcolor: #ccc;\\r\\n}\\r\\n\\r\\n\\r\\n\\r\\n\\r\\n\\r\\n\\r\\n\\r\\n\\r\\n\\r\\n\\r\\n\\r\\n\\r\\n\\r\\n\\r\\n}\"}"},"__bodyContent":{"value":""}},"macroMetadata":{"macroId":{"value":"97ae0def-4e1d-4979-80b2-9f687e2efae9"},"schemaVersion":{"value":"1"},"placeholder":[{"type":"icon","data":{"url":"https://macrosuite-production.web.app/img/EasyHtml.svg"}}],"title":"Easy HTML (by MacroSuite)"}},"localId":"9b1a41f0-c846-4daa-99b3-d8fa205d2e76"}}]}]}]},{"type":"table","attrs":{"layout":"default","localId":"942fd105-80b3-451f-aa21-dfe25bf0d6d0"},"content":[{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[381.0]},"content":[{"type":"heading","attrs":{"level":2},"content":[{"text":"Inventory and Attribute Flow","type":"text"}]},{"type":"mediaSingle","attrs":{"layout":"center"},"content":[{"type":"media","attrs":{"width":522,"id":"b9ba3f8b-7ccb-4553-81b8-c966fe744212","collection":"contentId-2387741036","type":"file","height":578}}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Step A1 -","type":"text","marks":[{"type":"strong"}]},{"text":" The EmpowerID Worker Role service calls the Inventory Job for the HR System account store.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Steps A2, A3, and A4 ","type":"text","marks":[{"type":"strong"}]},{"text":"- The EmpowerID Worker Role service evaluates the accounts, discovering the change to the Job Title attribute by comparing the attributes of the returned accounts with the corresponding attributes of those same user accounts currently in the Account table of the EmpowerID Identity Warehouse.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Step A5 and A6 ","type":"text","marks":[{"type":"strong"}]},{"text":"- The change to the Job Title attribute is pushed to the Attribute Inbox, which is based on the configuration of the Attribute Flow rules which either updates the Job Title attribute for the linked EmpowerID Person object in the Person table of the EmpowerID Identity Warehouse or ignores the change.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Steps A7 and A8 ","type":"text","marks":[{"type":"strong"}]},{"text":"- The change to the Job Title attribute on the EmpowerID Person is pushed to the Attribute Outbox, which flows those changes back to the EmpowerID Worker Role service.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Step B1 -","type":"text","marks":[{"type":"strong"}]},{"text":" The EmpowerID Worker Role service calls the Attribute Flow: Directory Change Processor Job , which passes the Job Title attribute change to the LDAP Management Host on the EmpowerID Agent.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Step B2 -","type":"text","marks":[{"type":"strong"}]},{"text":" The LDAP Management Host pushes the Job Title attribute change to the user account in Active Directory that is joined to the EmpowerID Person.","type":"text"}]}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[379.0]},"content":[{"type":"paragraph"},{"type":"extension","attrs":{"layout":"default","extensionType":"com.atlassian.confluence.macro.core","extensionKey":"easy-html-macro","parameters":{"macroParams":{"theme":{"value":"{\"label\":\"solarized_dark\",\"value\":\"solarized_dark\"}"},"contentByMode":{"value":"{\"html\":\"

\\r\\n

Inventory and Attribute Flow

\\r\\n

\\r\\n \\r\\n

\\r\\n

Attribute Flow Handlers

\\r\\n

\\r\\n \\r\\n

\\r\\n\",\"javascript\":\"\",\"css\":\"@import 'https://fonts.googleapis.com/css?family=Lato';\\r\\n\\r\\n\\r\\nbody {\\r\\n\\t\\r\\n\\tfont-family: 'Lato';\\r\\n}\\r\\n\\r\\narticle{\\r\\n\\tbackground: #343436;\\r\\n\\twidth: 80%;\\r\\n\\ttext-align: center;\\r\\n\\tpadding: 30px 5%;\\r\\n\\tbox-sizing: border-box;\\r\\n\\tbox-shadow: 0 0 21px 0px rgba(0,0,0,0.3);\\r\\n\\tborder-radius: 10px;\\r\\n\\tmargin-left: 40px;\\r\\n}\\r\\n\\r\\n.cont h3{\\r\\n\\tfont-family: 'Lato';\\r\\n\\tfont-size: 25px;\\r\\n\\tmargin: 0 0 10px 0;\\r\\n\\tcolor: #ccc;\\r\\n}\\r\\n\\r\\n\\r\\n\\r\\n\\r\\n\\r\\n\\r\\n\\r\\n\\r\\n\\r\\n\\r\\n\\r\\n\\r\\n\\r\\n\\r\\n}\"}"},"__bodyContent":{"value":""}},"macroMetadata":{"macroId":{"value":"b0dfc0c3-25f0-4bbd-bac7-7eba92d72141"},"schemaVersion":{"value":"1"},"placeholder":[{"type":"icon","data":{"url":"https://macrosuite-production.web.app/img/EasyHtml.svg"}}],"title":"Easy HTML (by MacroSuite)"}},"localId":"f803efcf-177c-4b0f-aa9c-3057680a362f"}}]}]}]},{"type":"paragraph","content":[{"text":"The diagram below provides an overview of the Attribute flow rules and relationships between accounts, person identities, and core identities.","type":"text"}]},{"type":"mediaSingle","attrs":{"layout":"center","width":65.0},"content":[{"type":"media","attrs":{"width":725,"id":"5a367b06-680c-4869-9b15-f313ed4649e8","collection":"contentId-2387741036","type":"file","height":390}}]},{"type":"paragraph","content":[{"text":" ","type":"text"},{"text":"Step1","type":"text","marks":[{"type":"strong"}]},{"text":" – The Attribute Flow engine evaluates the attribute flow rules including directionality and weighting to determine what attributes need to be updated to the Person record from the account records joined to the Persson along with which attributes should be exported for updates to the account.","type":"text"}]},{"type":"paragraph","content":[{"text":"Step 2","type":"text","marks":[{"type":"strong"}]},{"text":" – The Person record is updated with the resulting set of attribute values determined by the attribute flow engine. Export files are created with any attribute values that need to be updated in the native system accounts.","type":"text"}]},{"type":"paragraph","content":[{"text":"Step 3","type":"text","marks":[{"type":"strong"}]},{"text":" – The Attribute Flow engine evaluates the attribute flow rules including directionality and weighting to determine what attributes need to be updated to the Core Identity record from the Person records joined to the Core Identity along with which attributes should be exported for updates to the account.","type":"text"}]},{"type":"paragraph","content":[{"text":"Step 4","type":"text","marks":[{"type":"strong"}]},{"text":" – The Core Identity record is updated with the resulting set of attribute values determined by the Attribute Flow engine. The Person objects are updated with any attribute values that need to be updated based on the flow rules.","type":"text"}]},{"type":"paragraph","content":[{"text":"Step 5","type":"text","marks":[{"type":"strong"}]},{"text":" – An API call is made to update an account record for an existing account. Attribute updates continue normally.","type":"text"}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"Attribute Flow Demo","type":"text"}]},{"type":"rule"},{"type":"embedCard","attrs":{"layout":"center","originalHeight":480.0,"width":50.0,"url":"https://youtu.be/NKMelV8df8g","originalWidth":853.34}},{"type":"paragraph"},{"type":"paragraph","content":[{"text":" ","type":"text"}]},{"type":"paragraph"},{"type":"panel","attrs":{"panelType":"info"},"content":[{"type":"paragraph","content":[{"text":"Related Docs Topics:","type":"text"}]},{"type":"paragraph","content":[{"type":"inlineCard","attrs":{"url":"https://dotnetworkflow.jira.com/wiki/spaces/EAGV21/pages/1446549396"}},{"text":" ","type":"text"}]},{"type":"paragraph","content":[{"type":"inlineCard","attrs":{"url":"https://dotnetworkflow.jira.com/wiki/spaces/EAGV21/pages/1446555690"}},{"text":" ","type":"text"}]},{"type":"paragraph","content":[{"type":"inlineCard","attrs":{"url":"https://dotnetworkflow.jira.com/wiki/spaces/EAGV21/pages/1446553176"}},{"text":" ","type":"text"}]}]},{"type":"paragraph","content":[{"type":"inlineExtension","attrs":{"extensionType":"com.atlassian.confluence.macro.core","extensionKey":"excerpt-include","parameters":{"macroParams":{"":{"value":"IL:External Stylesheet"},"nopanel":{"value":"true"}},"macroMetadata":{"macroId":{"value":"5bb78be2-bc6b-4ff5-bea9-3e40f49e80af"},"schemaVersion":{"value":"1"},"title":"Excerpt Include"}},"localId":"12f08190-da50-4f08-8925-cf6e4711fc17"}}]},{"type":"extension","attrs":{"layout":"default","extensionType":"com.atlassian.confluence.macro.core","extensionKey":"easy-html-macro","parameters":{"macroParams":{"theme":{"value":"{\"label\":\"solarized_dark\",\"value\":\"solarized_dark\"}"},"contentByMode":{"value":"{\"html\":\"\\r\\n\\r\\n\\r\\n\\r\\n\",\"javascript\":\"\",\"css\":\"\"}"},"__bodyContent":{"value":""}},"macroMetadata":{"macroId":{"value":"89e85366-8e6e-4c2a-8e70-e7bbd15a995e"},"schemaVersion":{"value":"1"},"placeholder":[{"type":"icon","data":{"url":"https://macrosuite-production.web.app/img/EasyHtml.svg"}}],"title":"Easy HTML (by MacroSuite)"}},"localId":"dc4d99d8-28d1-484f-a581-34463cb5b464"}}],"version":1}

Browser not supported