Displaying assignment resource overviews
Use this task to obtain an overview of the most important information about an assignment resource. For this, you need to take into account the affiliation of the assignment resource to IT Shop structures.
To obtain an overview of a service item
-
In the Manager, select the Entitlements > Assignment resources for IT Shop category.
-
Select the assignment resource in the result list.
-
Select the Assignment resource overview task.
Adding assignment resources to the IT Shop
An assignment resource can be requested by shop customers when it is assigned to an IT Shop shelf.
To add a resource assignment to the IT Shop
-
In the Manager, select the Entitlements > Assignment resources for IT Shop category.
-
Select the assignment resource in the result list.
-
Select the Add to IT Shop task.
-
To assign the assignment resource to shelves, select the IT Shop shelves tab and, in the Add assignments section, select the shelves with a double-click.
-
To assign the assignment resource to IT Shop templates, select the IT Shop templates tab and, in the Add assignments section, select the template with a double-click.
- Save the changes.
Removing assignment resources from the IT Shop
To remove an assignment resource from all IT Shop shelves.
-
In the Manager, select the Entitlements > Assignment resources for IT Shop category.
-
Select the assignment resource in the result list.
-
Select the Add to IT Shop task.
-
To remove the assignment resource from the shelves, select the IT Shop shelves tab and, in the Remove assignments section, double-click the shelves.
-
To remove the assignment resource from the IT Shop templates, select the IT Shop templates tab and, in the Remove assignments section, double-click the shelves.
- Save the changes.
To remove an assignment resource from all IT Shop shelves.
-
In the Manager, select the Entitlements > Assignment resources for IT Shop category.
-
Select the assignment resource in the result list.
-
Select the Remove from all shelves (IT Shop) task.
- Confirm the security prompt with Yes.
-
Click OK.
The One Identity Manager Service removes the assignment resource from all shelves. All assignment requests with this assignment resource are canceled in the process.
Delegations
Role assignment and responsibilities can be temporarily delegated to others. Thereby, a distinction is made between single delegations and deputizing.
-
Deputize: Delegate all your responsibilities for a defined area to a deputy. The following areas can be selected:
-
Approval authorization for requests
Once an identity is determined as the approver for requests, their deputy is added as an additional approver.
-
Exception approval requests violate the rules
Once an identity is determined as the exception approver for requests, their deputy is added as an additional exception approver.
-
Approval authorization in attestation cases
Once an identity is determined as the attestor, their deputy is added as an additional attestor.
-
Manager of identities
The deputy of an identity's manager can also approve managerial tasks. For example, a deputy can initiate requests for employees.
-
Manager of all roles of a role class
The deputy of a hierarchical roles manager can also approve all managerial tasks. For example, a deputy can initiate assignment requests for a business role.
You can delegate responsibility for the following role classes:
Example: During their vacation, user A delegates any responsibilities as manager of business roles with the "Projects 2222" role class and approval authorization for requests to their deputy, user B.
-
A deputization, unlike single delegation, cannot be delegated further.
-
A single responsibility that was acquired via deputization can be delegated further by single delegation. (Example: User B delegates their responsibility for the "Projects 2222: Role B" business role to User E.)
-
An identity that is connected as a main or sub-identity cannot become a delegate nor can deactivated identities.
-
Single delegation: Delegate your responsibility for a specific role or your memberships in a specific business or application role to any given identity.
Example: User C delegates their membership in the "Project 2222: Role A" business role to user D.
Delegations are automatically approved after a compliance check. They can be canceled and deleted. For more information about delegating tasks, see the One Identity Manager Web Portal User Guide.
Delegations are revoked when the valid-until date is exceeded, the delegate is deleted from the customer node, or the deputy is deactivated.
Detailed information about this topic