Chat now with support
Chat with Support

Identity Manager 8.0 - Administration Guide for Connecting to Cloud Applications

Synchronizing Cloud Applications through the Universal Cloud Interface Setting up Synchronization with a Cloud Application Base Data for Managing Cloud Applications Cloud Applications Container Structures in a Cloud Application User Accounts in a Cloud Application Groups in a Cloud Application Permissions Controls in a Cloud Application Provisioning Object Changes Managing Provisioning Processes in the Web Portal Additional Information for Experts Appendix: Default Project Template for Cloud Applications

Administrators

Administrators

In One Identity Manager, you can assign employees to any cloud application, who can configure synchronization of the cloud application with One Identity Manager. There is a default application role for administrators in One Identity Manager. Assign the employees to this application role, who are authorized to configure synchronization and run manual provisioning. Create more application roles if required.

Table 13: Default Application Role for Administrators
User Task

Administrators

Administrators must be assigned to the application Universal Cloud Interface | Administrators or a sub application role.

Users with this application role:

  • Manage application roles for the Universal Cloud Interface.
  • Set up other application roles as required.
  • Configure synchronization in the Synchronization EditorClosed and define the mapping for comparing tcloud applications and One Identity Manager.
  • Edit cloud application in the Manager.
  • Edit pending, manual provisioning processes in the Web Portal and obtain statistics.
  • Obtain information about the cloud objects in the Web Portal and the Manager.

To initially specify an employee as administrator

  1. Log in to the Manager as One Identity Manager administrator (application role Base role | Administrators)
  2. Select the category One Identity Manager Administration | Universal Cloud Interface | Administrators.
  3. Select Assign employees in the task view.
  4. Assign the employee you want and save the changes.

To edit administrators

  1. Select the category Universal Cloud Interface | Basic configuration data | Universal Cloud Interface managers | Administrators.
  2. Select Change master data in the task view.

    - OR -

    Select an application role in the result list. Select Change master data in the task view.

    - OR -

    Click in the result list toolbar.

  3. Edit the application role's master data.
    • Enter the application role name and assign the parent application role Universal Cloud Interface | Administrators or a child application role.
  4. Save the changes.
  5. Select the task Assign employees, to assign members to the application role.
  6. Assign employees in Add assignments.

    - OR -

    Remove employees from Remove assignments.

  7. Save the changes.

For more detailed information about setting up application roles, see the One Identity Manager Application Roles Administration Guide.

Related Topics

Operators

Operators

In One Identity Manager, you can assign employees to any cloud application, who can execute manual provisioning. There is a default application role for operators in One Identity Manager. Create more application roles if required.

Table 14: Default Application Role for Operators
User Task

Operators

Operators must be assigned to the application role Universal Cloud Interface | Operators or a sub application role.

Users with this application role:

  • Edit pending, manual provisioning processes in the Web Portal and obtain statistics.

TIP: If you want to limit access permissions for operators to individual cloud application, define child application roles for each cloud application.

To specify operators

  1. Login to the Manager with the application role Universal Cloud Interface | Administrators.
  2. Select the category Universal Cloud Interface | Basic configuration data | Cloud applicationClosed.
  3. Select the cloud application in the result list.
  4. Select Change master data in the task view.
  5. Select the application in Operators on the General tab.

    - OR -

    Click next to Operators to create a new application role.

    • Enter the application role name and assign the parent application role Universal Cloud Interface | Operators.
    • Click OK to add the new application role.
  6. Save the changes.
  7. Assign employees to this application role who are permitted to edit the cloud application in One Identity Manager.

NOTE: You can also specify operators for individual containers Operators of a container are authorized to edit manual provisioning processes. Specify operators for containers in the category Universal Cloud Interface | <cloud application> | Container structure

To add employees to an application role

  1. Login to the Manager with the application role Universal Cloud Interface | Administrators.
  2. Select Assign employees in the task view.
  3. Assign the employees you want and save the changes.
Related Topics

For more detailed information about editing application roles, see the One Identity Manager Application Roles Administration Guide.

Auditors

Auditors

In One Identity Manager, you can assign employees to any cloud application, who can audit provisioning processes in the Web Portal. There is a default application role for auditors in One Identity Manager. Create more application roles if required.

Table 15: Default Application Role for Auditors
User Task

Auditors

Auditors must be assigned to the application role Universal Cloud Interface | Auditors or a sub application role.

Users with this application role:

  • Can view manual provisioning processes in the Web Portal and obtain statistics.

To specify auditors

  1. Login to the Manager with the application role Universal Cloud Interface | Administrators.
  2. Select the category Universal Cloud Interface | Basic configuration data | Universal Cloud Interface managers | Auditors.
  3. Select Change master data in the task view.

    - OR -

    Select an application role in the result list. Select Change master data in the task view.

    - OR -

    Click in the result list toolbar.

  4. Edit the application role's master data.
    • Enter the application role name and assign the parent application role Universal Cloud Interface | Auditors or a child application role.
  5. Save the changes.
  6. Select the task Assign employees, to assign members to the application role.
  7. Assign employees in Add assignments.

    - OR -

    Remove employees from Remove assignments.

  8. Save the changes.
Related Topics

Editing a Server

Editing a Server

In order to handle cloud specific processes in One Identity Manager, the synchronization server and its server functionality must be declared. You have several options for defining a server's functionality:

  • Create an entry for the Job serverClosed in the category Base Data | Installation | Job server in the Designer. For detailed information, see the One Identity Manager Configuration Guide.

  • Select an entry for the Job server in the category Universal Cloud Interface | Basic configuration data | Server in the Manager and edit the Job server master data.

    Use this task if the Job server has already been declared in One Identity Manager and you want to configure special functions for the Job server.

NOTE: One Identity Manager Service must be installed, configured and started in order for a server to execute its function in the One Identity Manager network. Proceed as follows in the One Identity Manager Installation Guide.

To edit a Job server and its functions

  1. Select the category Universal Cloud Interface | Basic configuration data | Server in the Manager.
  2. Select the Job server entry in the result list.
  3. Select Change master data in the task view.
  4. Edit the Job server's master data.
  5. Select Assign server functions in the task view and specify server functionality.
  6. Save the changes.
Detailed information about this topic
Related Topics
Related Documents