Access catalog properties
The com.ibm.itim.accesscatalog.groupIntersectionJoin.enabled
enables
support for searching group access when requesting access in the Identity Manager Service Center when Intersection Join
directive
is used for the group attribute. The
com.ibm.itim.accesscatalog.customJoin.enabled
enables support for searching group
access when requesting access in the Identity Manager Service Center
when Custom Join directive
is used for the group attribute.
Access catalog properties
com.ibm.itim.accesscatalog.groupIntersectionJoin.enabled
-
Do not change this property value unless you are a qualified administrator.
Enables support for searching group access when requesting access in the Identity Manager Service Center in the case where
Intersection Join directive
is used for the group attribute.Values include:
true
false
The default is
false
.Example (default):
com.ibm.itim.accesscatalog.groupIntersectionJoin.enabled=false
com.ibm.itim.accesscatalog.customJoin.enabled
-
Do not change this property value unless you are a qualified administrator.
Enables support for searching group access when requesting access in the Identity Manager Service Center in the case where
Custom Join directive
is used for the group attribute.Values include:
true
false
The default is
false
.Example (default):
com.ibm.itim.accesscatalog.customJoin.enabled=false
enable.service.access
-
Do not change this property value unless you are a qualified administrator.
Specifies whether a service is defined as an access by default during creation.
Values include:true
false
If the value is not defined, the value defaults to false.
- For upgraded installations of IBM Verify Identity Governance, the default value is false.
- For new installations of IBM Verify Identity Governance, the default value is true.
Example (default)
enable.service.access=false
enable.group.access
-
Do not change this property value unless you are a qualified administrator.
Specifies whether groups are defined as access by default when a group is created or modified.
Values include:true
false
If the value is not defined, the value defaults to false.
- For upgraded installations of IBM Verify Identity Governance, the default value is false.
- For new installations of IBM Verify Identity Governance, the default value is true.
Example:
enable.group.access=false
enable.role.access
-
Do not change this property value unless you are a qualified administrator.
Values include:
true
false
If the value is not defined, the value defaults to false.
- For upgraded installations of IBM Verify Identity Governance, the default value is false.
- For new installations of IBM Verify Identity Governance, the default value is true.
Example:
enable.role.access=false
access.request.staging
-
Do not change this property value unless you are a qualified administrator.
Specifies whether to stage the authorized dynamic service and group entitlements for a person during the access request for a person. Staged dynamic entitlements are cleared after 30 minutes.
Values include:true
false
If the value is not defined, the value defaults to false.
- For upgraded installations of IBM Verify Identity Governance, the default value is false.
- For new installations of IBM Verify Identity Governance, the default value is true.
Example:
access.request.staging=true