Category Archives: BCV

New release CzechIdM 7.7.0 – Garnet is out

Here comes a new stable version of CzechIdM called Garnet. Big milestone feature is new automatic roles by attribute.

Automatic role by attribute

The role can be linked with value in attribute (value can be stored in Identity, Identity extended attribute, Contract and Contract extended attribute). That role is assigned to and removed from a user based on the value in the specific attribute. Recalculating of this automatic roles is done after saving identity, identity extended attribute attributes, contract and contract extended attribute attributes. All necessary attributes that defined automatic role by attribute are defined by agenda “Automatic role by attribute”.

Continue reading

CzechIdM 7 – product description

CzechIdM 7 is the latest generation of the identity manager, which administers over 3 million user accounts in not only Czech companies. Our experience from managing identities of our existing customers has been used during its development. This version is the answer to requests of users, administrators, and developers.

Check out our online demo at and see our precious.

Continue reading

New release of CzechIdM 7.4 – Diamond

Main milestones:

Virtual systems are supported

A virtual system is a system, that can not be directly connected for online management. The reason may be for example the absence of a suitable system connector. The virtual system is basically only a registration mode, where for each system change is generated the implementation request (notification) that is assigned to the particular implementer. This implementer must ensure that the change is made to the target system.

Continue reading

Pozvánka na workshop „Identity Management a GDPR“

Zveme Vás na workshop zabývající se problematikou Identity Managementu (IDM) vzhledem ke směrnici GDPR.

Téma: Identity Management a GDPR
Kdy: 14.11.2017 v 9:00 hodin
Kde: BCV solutions s. r. o., 7. května 1168/70, 106 00 Praha 4 – Chodov, 149 00
Workshop je bezplatný, počet míst je omezen. Občerstvení je zajištěno. Pdf pozvánka.

Continue reading

Virtual systems

Imagine a situation when you need to manage accounts in systems, but it does not make sense to connect these systems to IdM for direct management. Then you have the function of “Virtual Systems”. How does it work?
To create, change (e.g. assign rights), or delete accounts on a virtually connected system CzechIdM will instruct the administrator via email to do that . The administrator of the virtual system will make the changes and then confirm it in the CzechIdM.

Continue reading

CzechIdM 7 – popis produktu

CzechIdM 7 je nejnovější generací identity manageru, který v českých společnostech spravuje přes 3 milióny účtů osob. Při vývoji byly využity zkušenosti z praxe při správě identit u našich stávajících zákazníků. Do této verze byly promítnuty požadavky uživatelů, administrátorů i vývojářů.

Podívejte se na online demo na adrese a posuďte, jak moc se nám to povedlo.

Continue reading

Release 7.3 is a third public version of CzechIdM code-named Citrine.

Release 7.3 is one of the major milestones with many important features.

Main millstones:

  • User-configurable data permissions (Identity and Role).
    • Authorization policies could be assigned to standard roles. Policy evaluates permissions, what currently logged user can do with domain objects.
  • Remote connector server is supported now.
    • From now, we support an external server connector. Therefore, you are not only bound to the connectors that are supplied with the basic product. So you can use outside the base table, csv and LDAP connector for example, Active Directory, or Google Apps. You can also use secured login and password to connect to the server.
  • New version of synchronization (Identity, Role, Trees).
    • Now, we are able to synchronize new objects to/from CzechIdM – Roles and Tree structures. Thus we are e.g. able to automatically synchronize groups from MS Active Directory to CzechIdM as well as define those object in CzechIdM and provide the data to MS AD. Synchronizing trees effectively allows CzechIdM to fetch company structure, store it in CzechIdM and provide the data to the end system like LDAP.
  • Automatic roles on organization tree.
    • Identity gets role automatically by their work position. Automatic roles can be propagated recursively through the tree structures (up, down).
  • Bulk change of identity permissions in one request.
    • Now the user can ask to change their permissions in one package (request). This package goes on as a whole through the approval process and as a whole is also applied. This approach allows for greater integrity of accounts between CzechIdM and end systems.
  • Password policy management.
    • Password Policies allow us to set up a set of rules to improve security by users who may be forced to set up strong passwords and use them correctly. We distinguish the use of small, large characters, figures and special characters. We also support the minimum and maximum character limit settings. We also added enhanced password control, for example similarity with user attributes.
  • Flyway scripts integrated.
    • After enabling Flyway scripts, database migration is easy. Your database will be setup for first time exactly as it needs a system CzechIdMng. Moving to a newer version will be very easy with scripts.
  • Registrable filters
    • Custom module can register new filters on core endpoins for roles and identities. Identity can be found be by newly added criteria.
  • Forest index integrated.


Download snapshot (from Nexus): idm-app.war

Citrine: (Citrine is a variety of quartz whose color ranges from a pale yellow to brown due to ferricimpurities.) Foto


Released CzechIDM 7.0 Beryl – Second public version of new CzechIdM devstack

Main milestones:

  • Frontend and backend modularity.
  • Spring event model implemented.
  • New version of account management.
  • New version of provisioning.
  • EAV froms implemented for every identity and connector configuration.
  • Secured Groovy script implemented.
  • Confidential storage api.


Enjoy. :-)