Managing processes

A visual tool and a wizard guide you through the definition and management of authorization processes.

In the Process tab, on the left, you can identify the processes registered in the system.

A process is characterized by a set of main attributes that are shown in the Details tab and are described in the next table:
Table 1. Process attributes
Attribute Description
Name The name of the process. If the process name is in italics, the process is not synchronized.
Code A numerical and unique code that is associated to the process for logging and reporting activities.
Context A context that identifies a set of homogeneous functions that are used to manage an authorization process.
Type Workflow A process composed of an appropriate combination of GEN, AUTH, and EXE activities.
Escalation A process composed by a sequence of AUTH activities (at least, only one AUTH activity).
Direct A process composed of a single EXE activity.
Status Off Line Off line icon (orange exclamation point) A process is Off Line during its initial planning stages, which include the design and configurations of activities, followed by the association of any activity with one or more IAM actors. From this state, the process can move only to the On Line state.
On Line On line icon (green check mark) A process is in this state when it is ready to be run. From this state, the process can move only to the Maintenance state.
Maintenance Maintenance icon (tools) A process is in this state when some modifications must be made to the starting structure of the process or to the configuration of one or more activities. From this state, the process can move only to the On Line state.

Some of these attributes, Name, Type, and Status, can be used for filtering processes.

The next table lists the activity types that you can define for building a process:
Table 2. Activity block-types
Icon Type Description
Generation icon (puzzle piece) Generation (GEN) A request generation function that is used to obtain something such as a VPN access, a role on a target system, or an account or different credentials.
Authorization icon Authorization (AUTH) A serial approval function for a previously entered request.
Execution icon Execution (EXE) A function that runs the requested operation.

It is not used for target systems that are automatically synchronized with the IAM system. It is necessary if the activity on the target is fulfilled manually. The execution step automatically produces an event for the operator who manually acts on the target. This event might be used to trigger external applications such as help desk applications.
Select Actions to do one of the following actions:
Note: Copy and Add are useful with the configuration of a process.

Remove

To remove a process, follow these steps:
  1. Select the process in Process.
  2. If the process status is On Line, change it to Off Line or Maintenance.
  3. Click Actions > Remove.

    A confirmation window is displayed. For workflows that support column customization in the request (Admin Access Change and User Access Change), you can also select to keep or delete the associated user preferences. If you select to keep the user preferences, they are not removed along with the process by the CleanupUserPreferencesJob of Task Planner.

  4. Click Ok to confirm the operation.
Note:

You cannot delete an On line icon (green check mark) On Line process.

Export

To export a process, follow these steps:
  1. Select the process in Process.
  2. Click Actions > Export.
  3. If the process is On Line or in Maintenance, the Assign - Process name window displays the roles that are assigned to the activities. Click Ok.
  4. A system-based window opens where you can save or open the .zip file that contains the XML file that describes the process.
  5. Click Ok in the window that shows the outcome of the operation.
Note: You cannot export and then import workflows between different versions of Identity Governance and Intelligence. The product versions must be the same.

Import

To import a process, follow these steps:
  1. Click Import.
  2. In the window Select file to be imported, click Browse and select the file to import.
  3. Click Ok in the window that shows the outcome of the operation.
CAUTION:
You can import only workflows that are exported from the same product version. Importing workflows from different versions is failed by rule validation.

Maintenance

To place a process in the Maintenance state, follow these steps:
  1. Select a process in Process.
  2. If the process is On line icon (green check mark) On Line, click Actions > Maintanance.
  3. The status icon of the process is updated to Maintenance icon (tools) Maintenance.

Online

To place a process in the On Line state, follow these steps:
  1. Select a process in Process.
  2. If the process is in Maintenance icon (tools) Maintenance, click Actions > On Line.
  3. The status icon of the process is updated to On line icon (green check mark) On Line.