On-Site EmpowerID Admin Training Sessions

EmpowerID Critical Concepts

• Core Identity/Person/Account

• Authentication

• Security/RBAC

• Platform Architecture

• External Systems/Account Stores

EmpowerID System Architecture

• EmpowerID Platform Architecture Overview

• EmpowerID Servers

• EmpowerID Database

• Server Roles

• Jobs and Services

• Permanent Workflows

Using the EmpowerID Web User Interface

• Logging into EmpowerID

• Persona Switching

• Navigating the Web UI

• Dashboard

 Managing IT Resources in EmpowerID

• ViewOne page

• EditOne page

• Person

• Account

• Group

Session Two – EmpowerID Concepts

Connecting to External Systems

• Connector overview - OOB versus Custom Connectors

• Account Stores and Resource Systems Overview

• Connecting to AD

• Creating a Universal Flat File connector

Identity Lifecycle Processing

• Account inbox processing

• External Roles and Locations

• Dynamic Hierarchy for Roles/Locations

• Role and Location Mapping

• Provisioning Policies (RET)

• Attribute Flow Rules

• Default Attribute Policies

• Joiner Processing

• Mover Processing

• Leaver Processing

EmpowerID Security Model

• Traditional RBAC versus EmpowerID RBAC Model

• RBAC/TRBAC Overview

• Security Components (management roles, Access Levels, Operations)

• Creating and using Query Based Collections

• Configuring Access Management in EmpowerID (RBAC Pyramid)

• Approval Flow Policies

• Access Request Policies

 Visibility Filtering

• Visibility Restriction Policies

• Data Filters

Practical RBAC Configuration

• RBAC Assignment/Scope Types – BRL, Group, QBC, MR, Location

• Creating/Managing Management roles and assignments

• RBAC Strategy, Building a coherent RBAC architecture

• EmpowerID Business Roles and Locations

• When to use Business Roles versus Management roles

• Practical Persona Example

 Password Management

• Password Policies

• Password Self Service workflows and processes

EmpowerID Security Model

• Approval Flow Policies

• Access Request Policies

• Creating and using Query Based Collections

 Visibility Filtering

• Visibility Restriction Policies

• Data Filters

Password Management

• Password Policies

• Password Self Service workflows and processes

Session 1 – Approval and Access Request Policies

Session 2 – Data Filters, Query-Based Collections, and Password Policies

Self-Service / IAM Shop

• IAM Shop Overview

• Requesting Resources

• My Resources

• Managing Resources through IAM Shop

 Birthright Access Configuration

• Process Flow

• Provisioning Policies – Account provisioning

• Role/Location assignments

• Management Role assignments

• Group access Assignments

• Dynamic Hierarchy for groups and management roles

• Processing jobs

 Miscellaneous system configuration

• Localized text, emails, and email configuration

• Workflow Parameters

• Noun Verb UI Actions

• Global system settings

• Audit Logs and Troubleshooting

Session 1 – Birthright Access Configuration and Miscellaneous Configuration

Session 2 – Eligibility, Notifications, Localization, Nouns, Verbs and UI Actions, Audit Logging