Chat now with support
Chat with Support

Identity Manager 8.1.5 - Web Portal User Guide

Getting started Security keys (WebAuthn) Requests Attestation Compliance Responsibilities
My responsibilities
Employees System entitlements Business roles System roles Departments Cost centers Locations Application roles Resources Assignment resources Multi-request resources Multi-requestable/unsubscribable resources Software Devices Adding tags for service items
Task delegation Ownerships Auditing Governance administration
Applications Calls Settings Discovering your statistics on the start page

Application role entitlements

Navigate to the Entitlements page through Responsibilities | My Responsibilities | One Identity Manager application roles | <application role> | Entitlements. For more information, see Displaying entitlements of application roles.

Employees can be assigned entitlements to different objects, such as, groups, accounts, role, or applications. Assigning employees to application roles avoids you having to assign entitlements separately to each employee. All entitlements of the application role are automatically assigned to all the members of the application role. For more information about application roles, see the One Identity Manager Authorization and Authentication Guide.

On the Entitlements page, you will see a list of entitlements that are assigned to an application role managed by you.

The following tables give you an overview of the different functions of the Entitlements page.

Table 66: Application role entitlements

Column

Description

Entitlement

Shows the entitlement's name.

Origin

Shows where the entitlement originated from.

Entitlement type

Show the type of entitlement (subscribed reports, account definitions, resources).

Related topics

Displaying entitlements of application roles

You can display entitlements of an application role at any time.

To show entitlements of an application role

  1. In the menu bar, click Responsibilities | My Responsibilities.

  2. On the My Responsibilities page, click the One Identity Manager application roles tile.

  3. On the One Identity Manager application role page, in the list, select an application role to show its entitlements.

  4. On the <application role name> (application role) page, click the Entitlements tile.

    This opens the Entitlements page. For more information, see Application role entitlements.

Related topics

Attesting application roles

Navigate to the Attestation page through Responsibilities | My Responsibilities | One Identity Manager application roles | <application role> | Attestation. For more information, see Displaying attestation cases of application roles.

Attestation helps you to ensure the correct balance between security and compliance within the company. Attestation policies define what and whom to attest. Attestation policies are run on a schedule, and generate attestation cases. For example, having a manager attest to the groups his employees belong to provides accountability if security breaches are found.

On the Attestation page, you can view and edit all the attestation cases that relate to application role.

The attestation cases are divided in to the different categories to provide a clearer overview:

  • Memberships: Shows all the attestation cases that relate to application role members.

  • Entitlements: Shows all the attestation cases that relate to entitlements of application role members.

  • Object attestation: Shows all the attestation cases that relate to the selected application role.

  • All attestation cases: Shows all the attestation cases.

The following tables give you an overview of the different functions on the Attestation page.

Table 67: Application role attestation

Column

Description

Display name

Show the name of the application role the attestation case relates to.

Attestation policy

Show that name of the attestation policy in use.

Status

Shows whether an approval decision has already been made for the attestation case.

New

Show you whether this is a new attestation case.

Due date

Show the date by which an approval decision must be made for the attestation case.

Risk index

Shows the importance of the attestation case.

Table 68: Controls

Control

Description

View approvers for pending cases

Use this button to view all employees that still have to make approval decisions about attestation cases. At this point, you can also send special reminder mails to these employees.

Send reminder

Use this button to send a reminder email to all the employee that still have to make approval decisions about attestation cases.

Approve

Use this button to open the Pending attestations: One Identity Manager application roles page. At this point, you make your approval decisions about the application roles' attestation cases.

Related topics

Displaying attestation cases of application roles

You can display application role attestation cases at any time.

To show application role attestation cases

  1. In the menu bar, click Responsibilities | My Responsibilities.

  2. On the My Responsibilities page, click the One Identity Manager application roles tile.

  3. On the One Identity Manager application roles page, in the list, select the application role whose attestation cases you want to show.

  4. On the <application role name> (Application role), click the Attestation tile.

    This opens the Attestation page. For more information, see Attesting application roles.

Related topics
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating