Access catalog properties

The com.ibm.itim.accesscatalog.groupIntersectionJoin.enabled enables support for searching group access when requesting access in the Identity Manager Service Center when Intersection Join directive is used for the group attribute. The com.ibm.itim.accesscatalog.customJoin.enabled enables support for searching group access when requesting access in the Identity Manager Service Center when Custom Join directive is used for the group attribute.

Access catalog properties

com.ibm.itim.accesscatalog.groupIntersectionJoin.enabled

Do not change this property value unless you are a qualified administrator.

Enables support for searching group access when requesting access in the Identity Manager Service Center in the case where Intersection Join directive is used for the group attribute.

Values include:

  • true
  • false

The default is false.

Example (default):

com.ibm.itim.accesscatalog.groupIntersectionJoin.enabled=false
com.ibm.itim.accesscatalog.customJoin.enabled

Do not change this property value unless you are a qualified administrator.

Enables support for searching group access when requesting access in the Identity Manager Service Center in the case where Custom Join directive is used for the group attribute.

Values include:

  • true
  • false

The default is false.

Example (default):

com.ibm.itim.accesscatalog.customJoin.enabled=false
enable.service.access

Do not change this property value unless you are a qualified administrator.

Specifies whether a service is defined as an access by default during creation.

Values include:
  • true
  • false

If the value is not defined, the value defaults to false.

  • For upgraded installations of IBM Verify Identity Governance, the default value is false.
  • For new installations of IBM Verify Identity Governance, the default value is true.

Example (default)

enable.service.access=false
enable.group.access

Do not change this property value unless you are a qualified administrator.

Specifies whether groups are defined as access by default when a group is created or modified.

Values include:
  • true
  • false

If the value is not defined, the value defaults to false.

  • For upgraded installations of IBM Verify Identity Governance, the default value is false.
  • For new installations of IBM Verify Identity Governance, the default value is true.

Example:

enable.group.access=false
enable.role.access

Do not change this property value unless you are a qualified administrator.

Values include:

  • true
  • false

If the value is not defined, the value defaults to false.

  • For upgraded installations of IBM Verify Identity Governance, the default value is false.
  • For new installations of IBM Verify Identity Governance, the default value is true.

Example:

enable.role.access=false
access.request.staging

Do not change this property value unless you are a qualified administrator.

Specifies whether to stage the authorized dynamic service and group entitlements for a person during the access request for a person. Staged dynamic entitlements are cleared after 30 minutes.

Values include:
  • true
  • false

If the value is not defined, the value defaults to false.

  • For upgraded installations of IBM Verify Identity Governance, the default value is false.
  • For new installations of IBM Verify Identity Governance, the default value is true.

Example:

access.request.staging=true