The second step in the Request Access wizard is
used to select the accesses that are requested for a user. The set
of access items to choose from is displayed as a collection of access
cards that are arranged in a grid. You can customize the information
that is displayed in these access cards.
About this task
An access card is like a brochure for the
access items in your organization. The information that is displayed
on an access card is arranged into several areas. You can customize
which access attributes to display in each of these areas to meet
your needs.
The following access attributes are available to
be displayed on the access card:
accessName
description
additionalInformation
tags
Note: The tags
attribute refers to the Search
terms
that are defined for the access item.
The primary
area
of the access card displays the most important access attribute, such
as the access name. The information in this area is displayed at the
top of the card and in the largest font. Only one access attribute
can be assigned to the primary
area.
The secondary
area
of the access card displays the next most important access attribute,
such as the access description. The information in this area is displayed
just under the primary
area and in a smaller font
than the primary
area. Only one access attribute
can be assigned to the secondary
area.
The tertiary
area
of the access card displays extra information about the access item,
such as the additional information. The information in this area is
displayed just under the secondary
area and in a
smaller font than the secondary
area. The tertiary
area
of the access cards displays the additional information about the
attributes.
The image
area of the access card
displays an icon that is associated with the access item.
Procedure
- Optional: Customize the access attributes that
are displayed in the different areas of access cards. Make a custom
copy of the config/Access.json file and open
the file with a text editor.
The contents of this file
are maintained in
JavaScript Object
Notation (JSON) format, which is way of representing structured
data.
The
primary
field specifies the name of
the access attribute to display in the
primary
area
of the access card. For example:
"primary" :"accessName",
You
can specify a different attribute to display in the
primary
area
to meet your needs.
The
secondary
field specifies
the name of the access attribute to display in the
secondary
area
of the access card. For example:
"secondary": "description",
You
can specify a different attribute to display in the
secondary
area
to meet your needs.
The
tertiary
field specifies
the access attribute to display in the
tertiary
area
of the access card. For example:
"tertiary": [ "additionalInformation" ],
You
can choose a different set of access attributes to display in the
tertiary area to meet your needs. The attributes to be displayed are
separated by commas and enclosed in square brackets.
- Optional: Customize the labels that are displayed
with the access attributes in the
tertiary
area of
the user card. Make a custom copy of the nls/Picker.properties file
and open the file with a text editor. The properties
in this file define the text that is displayed in various parts of
the access selection step of the
Request Access wizard.
Access
attributes assigned to the
tertiary
area of the access
card are displayed with a label to help the user understand what information
is displayed. For example, the
config/Access.json file
contains the following definition for the
tertiary
section:
"tertiary": [ "additionalInformation" ],
To
customize the label for an access attribute in the tertiary
area
of the access card, search for a property in the nls/Picker.properties file.
The property must match the uppercase form of the access attribute
name that is specified in the tertiary
section of
the config/Access.json file. For example, additionalInformation
.
If this property does not exist in the file, then add a property with
this name. Customize this property value to specify the string that
you want to display as the label of the access attribute in the tertiary
area
of the card.
- Customize the text that is displayed in the sort option
list for the
primary
, secondary
,
or tertiary
areas of the access card. Make a custom
copy of the nls/Picker.properties file and open
the file with a text editor. The properties in this
file define the text that is displayed in various parts of the access
selection step of the
Request Access wizard.
Sorting
of access cards is only supported for the
accessName
,
description
,
and
additionalInformation
attributes. If the attribute
in the
primary
area is supported for sorting, then
it is displayed as the first choice in the sort option list. If the
attribute in the
secondary
area is supported for
sorting, then it is displayed as the next choice in the sort option
list. If any of the attributes in the
tertiary
area
are supported for sorting, then they are displayed next in the sort
option list. The support is only up to a maximum of three sort options.
For example, the
config/Access.json file contains
the following definition:
"primary": "accessName",
"secondary": "description",
"tertiary": ["additionalInformation"],
Then, sorting on
the access name, description, and additional information attributes
is supported. The set of access cards has sort control at the top
that is represented as follows:
Sort By: Name, Description, Additional Information
To
customize the text that is displayed in the list of sort options,
search for a property in the nls/Picker.properties file.
This property must match the uppercase form of the corresponding attribute
name. For example, accessName
, description
,
or additionalInformation
. If this property does not
exist in the file, add a property with this name. Customize this property
value to specify the string that you want to display in the list of
sort options.
- Customize the image area of the access card to display
an icon for the associated access item. Make a custom copy of the config/Access.json file
and open the file with a text editor.
The contents of
this file are maintained in
JavaScript Object
Notation (JSON) format, which is a way of representing structured
data.
The
image
field specifies whether an image
is to be displayed with each access item. For example:
"image": "icon"
This
condition specifies that access icons must be displayed on access
cards, when the appropriate image file can be found. If you do not
want to display images on access cards, remove the
"image":
"icon"
from the
config/Access.json file.
Images
for access items can be defined for each individual access item, or
for access categories. When you configure an access category image,
then it displays for any access items in the category that do not
have their own image explicitly defined. IBM Verify Identity Governance includes
default images for the predefined access categories, but you can provide
custom images for these access categories, and custom images for individual
access items. By convention, images for access items are maintained
in the images/access folder
of your customizable files. For example, the image for the Application
access
category is images/access/iconApplicationAccess.gif.
- To define a custom image for one of the predefined access category
images, create the image in GIF format by using the naming convention
icon<access-Category>Access.gif
. <access-Category> is
the access category to which the image is applicable. For example, iconApplicationAccess.gif.
Place the custom image in the images/access folder
of your customizable files.
- To define a custom image for a customer-defined access category,
create the image in GIF format by using the naming convention
icon<access~category~hierarchy>Access.gif
.
Place the custom image in the images/access folder
of your customizable files. If your site administrator defined access
categories in a hierarchy, then the GIF name must reflect that hierarchy
by using “~
” characters. For example,
if a Finance
category is defined as a child of the Application
category,
then the image file must be called iconApplication~FinanceAccess.gif
.
- To define a custom image for a specific access item, create the
new image file in any image format. Use any file name that you choose
for the image file. Place the image file in the images/access folder
of your customizable files. Your site administrator can then specify
this image file location in the Access Information page
of the service that is associated with the access item. For example,
if you create an image that is called iconMyApplicationAccess.jpg,
the image location is specified in the field
as:
Results
The appearance of the access cards on the access selection
step of the Request Access wizard is changed
to reflect the customization that you made.
What to do next
You can verify the change immediately
in a single-server WebSphere® Application
Server environment. In a managed-cluster environment, you must wait
until after the configuration is synchronized to the application servers
in the cluster. For information about synchronizing the WebSphere
managed-cluster environments, see the WebSphere Application Server section
of the IBM Knowledge Center. Log in to the Identity Manager Service Center. Start
the Request Access wizard, and verify that the
appearance of the access cards reflects the customization that you
made.