Customizing account status and compliance information in the View Access wizard

You can customize the account status and compliance information that is displayed on the access cards in the View Access wizard.

Before you begin

  • Depending on your system customization, you might not have access to this task. Contact your system administrator to obtain access to this task, or to have someone complete it for you. See Location of Identity Manager Service Center customizable files and Customizing Identity Manager Service Center files (Software stack ) for specific details about where these files are located.
  • By default, the account status and compliance information is displayed on the access cards. Account status is displayed for the suspended and disallowed accounts. The compliance information is displayed for the accounts that are non-compliant. You might see the following compliance messages on the access cards:
    Compliance evaluation is pending
    Indicates that the access was returned from a reconciliation, which means it was not checked against the existing policies.
    Access is not compliant with the policy
    Indicates that the access can exist for the user, but that one or more of the underlying account attributes do not comply with the existing provisioning policies.
    Access is not allowed by the policy
    Indicates either that the access is not supposed to exist because the user is not allowed to have access to the specified resource, or that a provisioning policy is not defined for the resource.
    No message
    Indicates that the access is compliant.

About this task

The file config/Access.json contains the access attributes that are customizable. The access attributes can be in the following categories:
  • Standard attributes that are in the primary, secondary, tertiary, or image areas of the access cards. For more information about customizing the standard attributes, see Customizing an access card in the Request Access wizard.
  • Attributes that are customized for the user-specific views. For example, account status and compliance information.

Procedure

  1. Optional: Customize the account status that is displayed on the access cards.
    1. Make a custom copy of the config/Access.json file.
    2. Open the file with a text editor.
      The contents of this file are maintained in JavaScript Object Notation (JSON) format, which is way of representing structured data.
      For example:
      "userAccessView": {
      			"userId": {
      				"attribute": "account.eruid",
      				"display": true,
      				"sort": {
      					"enabled": true,
      					"labelKey": "userId"
      				}
      			},
      			"showCompliance": true,
                  "showAccountStatus": true
      		}	
    3. If you do not want to display the account status on the access cards, set the value for showAccountStatus to false.
      For example, "showAccountStatus": false.
  2. Optional: Customize the compliance information that is displayed on the access cards.
    1. Make a custom copy of the config/Access.json file.
    2. Open the file with a text editor.
      The contents of this file are maintained in JavaScript Object Notation (JSON) format, which is way of representing structured data.
      For example:
      "userAccessView": {
      			"userId": {
      				"attribute": "account.eruid",
      				"display": true,
      				"sort": {
      					"enabled": true,
      					"labelKey": "userId"
      				}
      			},
      			"showCompliance": true,
                  "showAccountStatus": true
      		}	
    3. If you do not want to display the compliance information on the access cards, set the value for showCompliance to false.
      For example, "showCompliance": false.

Results

The account status and compliance information that are displayed on access cards are changed to reflect the customization that you made in the config/Access.json file.