Tchater maintenant avec le support
Tchattez avec un ingénieur du support

Identity Manager 8.2.1 - Web Designer Web Portal User Guide

General tips and getting started Security keys (WebAuthn) Requests
Requesting products Saved for Later list Request templates Pending requests Displaying request history Resubmitting requests Canceling requests Renewing products with limit validity periods Unsubscribing products Displaying approvals Undoing approvals Request inquiries Auditing requests Escalated requests
Attestation
Managing attestations Attestors for attestation cases Sending attestation reminders My attestation cases Pending attestations Displaying attestation history Attestation inquiries Auditing attestations Escalation
Compliance Responsibilities
My responsibilities
Specifying keywords for requestable products Managing my departments Managing my application roles Managing my devices Managing my business roles Managing my identities Managing my cost centers Managing my multi-request resources Managing my multi requestable/unsubscribable resources Managing my resources Managing my software applications Managing my locations Managing my system entitlements Managing my system roles Managing my assignment resources
Delegating tasks Ownerships Auditing
Auditing departments Auditing application roles Auditing devices Auditing business roles Auditing identities Auditing cost centers Auditing multi-request resources Auditing multi requestable/unsubscribable resources Auditing resources Auditing software Auditing locations Auditing system roles Auditing system entitlements Auditing assignment resources
Governance administration
Managing departments Managing business roles Managing identities Managing cost centers Managing multi-request resources Managing multi requestable/unsubscribable resources Managing resources Managing locations System entitlements Managing system roles Managing assignment resources
Applications Calls Discovering your statistics on the home page Appendix: Attestation conditions and approval policies from attestation procedures Appendix: Page and menu descriptions
Information (Menu description) My requests (Menu description) Profile (Menu description) Help (Menu description) Request (Menu description) Attestation (Menu description)
My attestation status (page description) My actions (page description)
Pending attestations (page description)
Pending attestations – Attestation policies (page description) Pending attestations: One Identity Manager application roles (page description) Pending attestations: Departments (page description) Pending attestations: System roles (page description) Pending attestations: Locations (page description) Pending attestations: Business roles (page description) Pending attestations: PAM assets (page description) Pending attestations: PAM user accounts (page description) Pending attestations: Employees (page description) Pending attestations: Cost centers (page description) Pending attestations: User accounts (page description) Pending attestations: System entitlements (page description) Pending attestations: Resources (page description) Pending attestations: Assignment resources (page description) Pending attestation: Multi-request resources (page description) Pending attestations: Software (page description) Pending attestations: Multi requestable/unsubscribable resources (page description) Pending attestations: Devices (page description) Pending attestations – approvals (page description)
Attestation history (page description) Attestation inquiries (page description)
Auditing (page description) Governance administration (page description) Attestation escalation approval (page description)
Compliance (Menu description) Responsibilities (Menu description)
My responsibilities (page description)
Identities (page description) System entitlements (page description) Business roles (page description) System roles (page description) Departments (page description) Cost centers (page description) Locations (page description) Application roles (page description) Resources (page description) Assignment resources (page description) Multi-request resources (page description) Software (page description) Multi requestable/unsubscribable resources (page description) Devices (page description)
Delegating tasks (page description) Ownerships (page description) Auditing (page description)
Auditing – Departments (page description) Auditing – Application roles (page description) Auditing – Device (page description) Auditing – Business roles (page description) Auditing – Identity details (page description) Auditing – Cost center (page description) Auditing – Multi-request resources (page description) Auditing – Multi requestable/unsubscribable resources (page description) Auditing - Resources (page description) Auditing – Software (page description) Auditing – Locations (page description) Auditing – System roles (page description) Auditing - Assignment resource (page description) Auditing – Active Directory (page description) Auditing – Azure Active Directory (page description) Auditing – Custom target system group (page description) Auditing – Google Workspace (page description) Auditing – Domino (page description) Auditing – LDAP (page description) Auditing – Oracle E-Business Suite (page description) Auditing – Privileged Account Management (page description) Auditing – SAP R/3 (page description) Auditing – Unix (page description)
Governance administration (page description)
Business roles (page description) Identities (page description) Multi-request resources (page description) Multi requestable/unsubscribable resources (page description) Organization (page description) Resources (page description) System entitlements (page description) System roles (page description) Assignment resources (page description)
Calls (Menu description)

Requesting from templates

You can use your own request templates or system templates for making requests. This helps simplify proper provisioning for a particular job or function. For example, a template may contain all the products a new identity needs to get started. If you use a template for a request, you are not obliged to request all the products in the template. You only have to select the products you want from the template. For more information, see Request templates.

TIP: To find out how you can request the same products as another identity, see Requesting products through reference users.

To request products using a template

  1. In the menu bar, click Request > My Requests.

  2. On the My requests page, click Start a new request.

  3. On the Request page, on the bottom right, click Actions > Select a request template.

  4. In the Choose a template dialog, next to the required request template, click Add to cart.

    TIP: If you want to display all of the content of the request templates, click next to the request template.

  5. On the My Shopping Cart page, click Submit.

    TIP: You can also add more products to your shopping cart and configure various settings. For more information, see Managing products in the shopping cart.

Related topics

Requesting privileged access

You can use the Privileged access requests service category to request privileged access to high-security systems (Privileged Account Management systems).

TIP: For more information on the topic of Privileged Account Management, see the One Identity Manager Administration Guide for Privileged Account Governance.

To request privileged access

  1. In the menu bar, click Request > My Requests.

  2. On the My requests page, click Start a new request.

  3. On the Request page, click Privileged access requests.

  4. On the Request page, select how you want to access the system by selecting the check box in front of the corresponding option:

    • Password release request: Request a temporary password.

    • Remote desktop session request: Request temporary access through a remote desktop connection.

    • SSH key request: Request temporarily valid SSH key.

    • SSH session request: Request temporary access through an SSH session.

    • Telnet session requests: Request temporary access using a Telnet session.

  5. Click Add to cart.

  6. In the new dialog, next to PAM user account, click Assign/Change.

  7. In the PAM user account dialog, select the PAM user account that you want to use for PAM access.

  8. Depending on the type of access you have selected, perform one of the following actions:

    • Password request:

      1. Next to System to access, click Assign.

      2. In the System to access dialog, select whether you want to request access for a PAM asset or a PAM directory.

      3. Click the corresponding PAM directory or PAM asset.

    • Telnet session request, remote desktop session request, SSH key request, or SSH session request:

      1. Next to Asset, click Assign.

      2. In the Asset dialog, click the corresponding PAM asset.

  9. Perform the following actions:

    1. Next to Account to access, click Assign.

    2. In the Account to access dialog, select which access you want to request, either PAM directory account or a PAM Asset account.

    3. Click the PAM asset account or PAM directory account you want to access.

  10. (Optional) In the Comment field, enter a comment, for example, to justify why you are requesting this access.

  11. In the Valid from field, specify the time from which you want the access to be valid or clear the check box so that access is valid from the time of this request.

    TIP: Use the icons next to the date field to select the date and time from the calendar or a list.

  12. In Checkout duration, enter the number of minutes for which the access is valid.

    NOTE: This duration refers to your entry in the Valid from field. For example, if you have specified that the access is valid from 12 noon tomorrow and should be valid for 60 minutes, then the validity period will expire at 1 pm tomorrow.

  13. Click Save.

  14. (Optional) Repeat the steps for all other users and access types.

  15. On the My Shopping CartShopping Cart page, click .

    TIP: You can also add more products to your shopping cart and configure various settings. For more information, see Managing products in the shopping cart.

    Once the request has been approved, a button will appear in the request details pane of the request history (see Displaying request history) that you can use to log in to the Privileged Account Management system to obtain the login credentials.

Related topics

Requesting Starling 2FA tokens

The Starling Two-Factor Authentication is a multi-factor authentication and can be used when requesting products or approving attestations in the Web Portal. This reduces the risk of unauthorized persons requesting critical products or approving attestations in your name.

To use multi-factor authentication, you must have a Starling 2FA token. You can request this product in the Web Portal. The following data is required to request a Starling 2FA token:

  • Your mobile phone number
  • Your country of residence
  • Your default email address

You can enter this information under My profile > Contact data. For more information, see Editing your profile information.

To request a Starling 2FA token

NOTE: Each identity can request only one new Starling 2FA token. If your mobile phone number changes, you must unsubscribe your Starling 2FA token (see Unsubscribing products) and request it again.

  1. In the menu bar, click Request > My Requests.

  2. On the My requests page, click Start a new request.

  3. Click Access Lifecycle on the Request page.

  4. Click Add to the cart next to the product New Starling 2FA token.

  5. In the New Starling 2FA token dialog, check the mobile phone number and country code. If you have not saved a mobile phone number or the country in your profile, enter your mobile number in the Mobile phone field. Next to Country, click Assign and select a country.

  6. Click OK.

  7. On the My Shopping Cart page, click Submit.

    TIP: You can also add more products to your shopping cart and configure various settings. For more information, see Managing products in the shopping cart.

    The request is forwarded to your manager for approval. Once your manager has granted approval, you will receive a text message on your mobile phone with a link to a multi-factor authentication app.

  8. Install the app on your smartphone:

    1. Open the text message and click the link.

    2. Download the multi-factor authentication app to your smartphone.

    3. Open the app and enter your country code and the mobile phone number.

    4. Confirm the given data and enter your email address.

    5. Reconfirm and select whether to use telephone or text message contact.

      After successful installation, you will receive a registration code.

    You can now use the app for generating a security code.

Related topics

Requesting products that require multi-factor authentication

Multi-factor authentication can be used for specific security-critical requests. Depending on the configuration, either the requester, the order recipient, or the approver must authenticate themselves using an additional security code. Define which products require this authentication in your service items.

To use multi-factor authentication, you must have a Starling 2FA token. For more information, see Requesting Starling 2FA tokens.

To request a product that requires multi-factor authentication

  1. In the menu bar, click Request > My Requests.

  2. On the My requests page, click Start a new request.

  3. On the Request page, click a service category containing products that require multi-factor authentication.

  4. Place the products you want in the shopping cart (see Adding products to the shopping cart) and, if necessary, make further settings in the shopping cart (see Managing products in the shopping cart).

  5. On the My Shopping Cart page, click Submit.

  6. On the Terms of use page, enable the I have read and understood the terms of use option and click Accept.

    A few minutes may pass before you are prompted to enter a security code.

  7. Perform one of the following actions:

    • Click Authenticate with Starling 2FA app.

    • Click Send SMS or Phone call, enter the security code, and click Next.

    Related topics
Documents connexes

The document was helpful.

Sélectionner une évaluation

I easily found the information I needed.

Sélectionner une évaluation