Identity lifecycle processes in CzechIdM 7

Everyone knows that an identity manager automatically handles access rights of users in connected systems. But how does it do that? CzechIdM 7 comes with a set of default processes that do the job. What are they about you will find out in the article.

Standardized processes

CzechIdM contains standardized lifecycle processes management for identities.

Default processes which provide basic automatic management of identities are:

  • Enabled contract – enable identity when its contracted position starts,
  • End of contract – remove roles, disable identity if last contracted position ends,
  • Contract exclusion – disable identity if contract is disabled, e.g. user started maternity leave.

Scheduling a process

All processes are implemented as long running tasks and operated by workflows. Thus:

  • its start can be easily scheduled in LRT agenda,
  • its progress and status can be overseen,
  • its history is audited in workflow history agenda,
  • new processes can be implemented and deployed easily.

Processes and organization structure

Except processes mentioned before you should know that

  • assignment,
  • change and
  • removal

of identity to/from work position (organization structure) is also supported in CzechIdM. It is managed by automatic roles feature.

Implementation of standard processes can be enhanced as well as new processes can be added to CzechIdM.

Read more

More details about HR processes in CzechIdM are in a section Identity lifecycle processes of Administrator’s guide. If you have any questions or comment feel free to comment on redmine, github or email me on marcel.poul@bcvsolutions.eu. Also join our google group to keep in touch with CzechIdM news.

Leave a Reply