Customizing the scope of user lists for tasks

You can customize the definition of a task to limit the list of users that are displayed in the task. The definition can limit the list to include only the users that are relevant for the current Identity Manager Service Center user.

Before you begin

You must have read and write access to the customizable files and the directories where they are maintained. See Location of Identity Manager Service Center customizable files, Customizing Identity Manager Service Center files (Software stack), and Customizing Identity Manager Service Center files (Virtual appliance) for specific details of where these files are located. Contact your system administrator if you do not have the necessary permissions.

About this task

Virtual appliance: Use the following sections to work with the configuration files or the configuration properties from the Identity Manager virtual appliance console:

The home page and page header menus of the Identity Manager Service Center display tasks that the user is allowed to perform. Some tasks, such as the Request Access task, involve the selection of one or more users from a list. For some organizations, this list of users can be large.

You can customize the definition of tasks so that the user list shows only the users that are relevant for the current Identity Manager Service Center user. For example, you might want the list of users to be restricted to only those users in the department that is managed by the current user.

The config/ActionDefinition.json file defines how tasks are launched when the user selects them. The contents of this file are maintained in JavaScript Object Notation (JSON) format, which is a way of representing structured data. Each section in this file defines the launch information for one task, as shown here for the Request Access task.
    "SVCENTER_REQUEST_ACCESS": {
        "actionType": "CreateFlow",
        "urlHash": "requestAccess",
        "properties": {
            "widgetPath":
                "com/ibm/isim/ui/util/uiflow/requestaccess/RequestAccessFlow",
            "widgetArgs": { "personFilterId": "" }
        }
    },

The properties section contains a widgetArgs field that defines a list of JavaScript variables that are passed to the task when it is launched. The value of the personFilterId variable specifies the filterId. The filterId is configured in the custom/rest/searchfilter.json file. This filter is used by the task when it looks for users that are relevant to the current Identity Manager Service Center user. The value can be customized to suit the needs of your organization by modifying the attribute baseFilter for the configured filterId in the custom/rest/searchfilter.json file. For example, see Filter configuration for REST search services.

Procedure

  1. Software stack: Create a custom copy of the config/ActionDefinition.json file.
  2. Virtual appliance: Download a copy of the ActionDefinition.json file.
  3. Locate the section of this file that describes the launch information for the task to be customized, such as SVCENTER_REQUEST_ACCESS.
  4. Modify the value of the personFilterId variable of the widgetArgs field in the properties section to specify the filterId for the user list in the task.
  5. Software stack: Save and close the file.
  6. Virtual appliance: Upload the modified file.
  7. Virtual appliance: Restart the Identity Manager application to make the changes effective.
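
One way to check the edited file before saving or uploading it, as an added example that is not IBM's code: for each task that passes personFilterId, it reports whether the value is empty, names a filterId you have configured, or names one you have not. The EXAMPLE_* tasks and filter names are constructed, and the set of configured filterIds is supplied by the caller because the layout of custom/rest/searchfilter.json is not shown on this page.

```python
import json

# Constructed sample in the shape shown for SVCENTER_REQUEST_ACCESS. The
# EXAMPLE_* tasks and all non-empty filterId values are made up here.
SAMPLE_ACTION_DEFINITION = """
{
  "SVCENTER_REQUEST_ACCESS": {
    "actionType": "CreateFlow",
    "urlHash": "requestAccess",
    "properties": {
      "widgetPath": "com/ibm/isim/ui/util/uiflow/requestaccess/RequestAccessFlow",
      "widgetArgs": { "personFilterId": "" }
    }
  },
  "EXAMPLE_SCOPED_TASK": {
    "actionType": "CreateFlow",
    "properties": { "widgetArgs": { "personFilterId": "exampleDeptFilter" } }
  },
  "EXAMPLE_TYPO_TASK": {
    "actionType": "CreateFlow",
    "properties": { "widgetArgs": { "personFilterId": "exampleDeptFitler" } }
  },
  "EXAMPLE_NO_USER_LIST": { "actionType": "CreateFlow", "properties": {} }
}
"""


def audit_person_filters(action_definition_text, configured_filter_ids):
    """Map each task that passes personFilterId to a scoping status."""
    findings = {}
    for task_id, definition in json.loads(action_definition_text).items():
        props = definition.get("properties") if isinstance(definition, dict) else None
        args = props.get("widgetArgs") if isinstance(props, dict) else None
        if not isinstance(args, dict) or "personFilterId" not in args:
            continue  # task does not pass a person filter at all
        filter_id = args["personFilterId"]
        if not isinstance(filter_id, str) or not filter_id.strip():
            findings[task_id] = "no-filter"       # no filterId set for this task
        elif filter_id not in configured_filter_ids:
            findings[task_id] = "unknown-filter"  # typo or filterId not configured
        else:
            findings[task_id] = "scoped"
    return findings


if __name__ == "__main__":
    known = {"exampleDeptFilter"}  # constructed; use the filterIds you configured
    for task, status in audit_person_filters(SAMPLE_ACTION_DEFINITION, known).items():
        print(f"{task}: {status}")
```

Because json.loads rejects malformed input, the same run also catches a stray comma or unbalanced brace introduced while editing.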

Results

When the task with the customized user scope is launched, the list of users is restricted to only those users that match the specified filter. Only those users are displayed on the Select user page.

What to do next

You can verify the change immediately in a single-server WebSphere® Application Server environment. In a managed-cluster environment, you must wait until after the configuration is synchronized to the application servers in the cluster. For information about synchronizing the WebSphere managed-cluster environments, see the WebSphere product documentation at https://www.ibm.com/support/knowledgecenter/SSAW57_8.5.5/as_ditamaps/was855_welcome_ndmp.html. Log in to the Identity Manager Service Center and verify that the user scope reflects the customizations that you made.

In a managed-cluster environment, you must wait until after the configuration is synchronized to the application servers in the cluster. For information about synchronizing, see Synchronizing a member node with a primary node. Log in to the Identity Manager Service Center and verify that the scope reflects the customizations that you made.