Managing EIM associations

EIM allows you to create and manage two kinds of associations, which define direct or indirect relationships between user identities: identifier associations and policy associations. EIM allows you to create and manage identifier associations between EIM identifiers and their user identities, which allow you to define indirect, but specific, individual relationships between user identities.

EIM also allows you to create policy associations to describe a relationship between multiple user identities in one or more registries and an individual target user identity in another registry. Policy associations use EIM mapping policy support to create many-to-one mappings between user identities without involving an EIM identifier. Because both types of associations define relationships between user identities in an enterprise, managing associations is an important element in managing EIM.

Maintaining the associations within a domain is key to simplifying the administrative tasks required to keep track of which users have accounts on the various systems in the network. You need to keep identifier associations and policy associations current when you implement a secure single sign-on network.

You can perform the following management tasks for associations: