You are viewing an earlier version of the admin guide. For the latest version, please visit EmpowerID Admin Guide v7.211.0.0.
Skip to end of banner
Go to start of banner

Group Membership Type Recertification Policy

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 4 Next »

Recertification policies are policies that you add to audits to generate recertification review tasks for the access assignments given to people, roles, groups, and Query-Based collections. The group membership recertification policy is used to certify group membership, including user and nested groups. Possible decisions are: certify, revoke or convert to just-in-time membership(pre-approved). In this post, we will create a group membership type recertification policy and add a target to it.

Create a Group Membership Type Recertification Policy

  1. Log in to the EmpowerID web application as an auditor or other person with the ability to configure audits.

  2. On the navbar, expand Compliance and select Recertification.

  3. On the Recertification page, select the Recertification Policies tab.

  4. Then click + icon to create a new Recertification Policy

  5. The policy details page opens up.

  6. Select policy type as ‘Group Membership.’ Enter any name, display name, and description.

  7. Click on Save.


    Add the target type “Location” to the policy created

  8. Click on the '+' icon at the bottom of the policy details page to add the target.

  9. The attestation policy target section opens up.

  10. Under the type dropdown, select ‘Location.’

  11. Under the select a location dropdown, search for a location and select it.

  12. Click on Save.


    Add the target type “Group” to the policy created

  13. Click on the '+' icon at the bottom of the policy details page to add the target

  14. The attestation policy target section opens up.

  15. Under the type dropdown, select ‘Group.’

  16. Under the enter, a group name to search dropdown, search for a group, and select it.

  17. Click on Save.


    Add the target type “Management Role” to the policy created

  18. Click on the '+' icon at the bottom of the policy details page to add the target

  19. The attestation policy target section opens up.

  20. Under the type dropdown, select ‘Management Role.’

  21. Under the enter a management role name dropdown, please search for a management role and select it.

  22. Click on Save.


    Add the target type “Set Group” to the policy created

  23. Click on the '+' icon at the bottom of the policy details page to add the target

  24. The attestation policy target section opens up.

  25. Under the type dropdown, select ‘Set Group.’

  26. Under the enter a query-based collection name to search dropdown, please search for a query and select it.

  27. Click on Save.

  28. The group membership recertification policy type with various target types is created as below.

Next Steps

  • No labels