Creating identity feed integration

Edit online

The admin user can create a new identity feed integration to manage employee identities through a HR management system.

Before you begin

Note: Identity feed is a requestable feature, VDEV-1620. To request this feature, contact your IBM Sales representative or IBM contact and indicate your interest in enabling this capability. You can also create a support ticket if you have the permission. IBM® Verify trial subscriptions cannot create support tickets.
  • You must have administrative permission to complete this task.
  • Log in to the IBM Verify administration console as an Administrator. For more information, see Accessing IBM Verify.

Procedure

  1. Log in as an administrator on IBM Verify. Navigate to the profile icon and click Switch to admin.
  2. Select Directory > Identity feed.
  3. Click the Create identity feed button to create a new configuration.
  4. The Create identity feed wizard opens. In the Feed type sequential step, select the HR management system that needs to be configured with IBM Verify and click Next.
  5. In General setup, enter the following details:
    • Enter a relevant Name for the identity feed.
    • Add details for description
    • Checkmark the Enabled checkbox to enable the created identity feed. By default, the checkbox remains selected.
    • Select the Theme to be applied for the identity feed from the dropdown. The format of the emails that are triggered for various user operations is as defined in the selected theme. Follow the mentioned steps to create a new theme:
      • Select User experience > Branding.
      • Navigate to the notifications > profile folder under Template files in the specific theme to manage the email template for user account activities. For more information, see Managing branding.
    • Checkmark the Send email notification checkbox, so the user is notified of any activity (created, modified, or deleted) related to their account.
    • From the Delete user action dropdown, select the action to be performed on the IBM Verify user when the user is deleted from the identity system.
    • Set the Grace period (in days) after which the IBM Verify user is deleted.
      Note: The field remains disabled for Suspend user action.
  6. In Identity system details, enter the API authentication information about the endpoint in the respective fields. Click Test connection button to test the connection to the HR identity system. The connection needs to be successful to get the identity records from the HR application.
  7. In Attribute mapping, most of the standard attributes are listed in Identity feed attributes. Provide the details of custom defined attributes in the Additional attributes textbox. Map the identity feed attributes to the IBM Verify attributes as needed. Only mapped attributes data gets synced in IBM Verify user records.
  8. In User data sync, define the matching rules to look for existing user records in IBM Verify system. If the rule matches any records, then the IBM Verify user data gets updated with the data imported from target HR system.
    Specify the sync settings
    • If None is selected, then you must manually sync the user data each time.
    • If Continuous is selected, then the data is synced according to the timestamp setup in the User data sync screen.
    Note: If the first data sync includes enormous user population, it is suggested to use Upload csv and then use Continuous sync. To upload CSV, see Exporting Workday users to CSV for IBM Verify Upload for more details.
  9. Click Save. You can click Save and exit to save the identity feed configuration in draft mode.
    The created identity feed record gets displayed in the Identity feed screen.