Table of Contents
- List of Figures
- List of Tables
- Title and Copyright Information
- Preface
- What's New In This Guide
-
1
Understanding the Oracle Identity Self Service Interface
- 1.1 About Oracle Identity Self Service Interface
- 1.2 Top Panel of Oracle Identity Self Service Interface
- 1.3 About Help Link
- 1.4 Self Service Home page in Oracle Identity Self Service Interface
- 1.5 Compliance Home Page in Oracle Identity Self Service Interface
- 1.6 Manage Home page in Oracle Identity Self Service Interface
- Part I Getting Started
-
Part II Working with Self Service
- 4 Managing Profile Information
- 5 Managing Access for Self
-
6
Requesting Access
- 6.1 Requesting New Access
- 6.2 Viewing Hierarchical Attributes of Entitlements
- 6.3 Adding and Removing Catalog Items to and from the Cart
- 6.4 Adding and Removing Grant Duration
- 6.5 Managing Request Profiles
- 6.6 Tracking a Request
- 6.7 Deleting a Request
- 6.8 Withdrawing a Request
- 6.9 Closing a Request
- 6.10 Requesting Access With Policy Violations
- 7 Using the Unified Inbox
- 8 Managing Pending Approvals
-
9
Managing Provisioning Tasks
- 9.1 About Provisioning Tasks
-
9.2
Managing Pending Provisioning Tasks
- 9.2.1 Searching Provisioning Tasks
- 9.2.2 Viewing Provisioning Task Details
- 9.2.3 Setting Response for a Task
- 9.2.4 Adding Notes to a Task
- 9.2.5 Reassigning a Task
- 9.2.6 Viewing Task Assignment History
- 9.2.7 Viewing Form Details
- 9.2.8 Modifying Form Details
- 9.2.9 Retrying a Task
- 9.2.10 Manually Completing a Task
- 9.3 Managing Manual Fulfillment Tasks
-
10
Managing Certification Review Tasks
- 10.1 Searching and Viewing Certifications
- 10.2 Completing Certifications
- 10.3 Claiming and Releasing Group Certifier Assignments
- 11 Managing Pending Violations
-
Part III Working with Compliance
-
12
Using Identity Certification
- 12.1 Identity Certification Overview
- 12.2 Certification UI
- 12.3 Certification Name Formats
- 12.4 Searching and Viewing Certifications
- 12.5 Completing User Certifications in Offline Mode
- 12.6 Generating Certification Reports
-
13
Managing Identity Certification
-
13.1
Certification Concepts
- 13.1.1 Line of Business and Line Item
- 13.1.2 Certification Task
- 13.1.3 Certification Object
- 13.1.4 Certification Definition
- 13.1.5 Certification Jobs
- 13.1.6 Closed-Loop Remediation
- 13.1.7 Remediation Tracking
- 13.1.8 Event Listener
- 13.1.9 Certification Authorization
- 13.1.10 Custom Reviewer for User Certifications
-
13.2
Configuring Certifications
-
13.2.1
Prerequisites for Configuring Certifications
- 13.2.1.1 Marking a Catalog Item as Certifiable
- 13.2.1.2 Setting the Certifier in the Request Catalog
- 13.2.1.3 Setting User Manager and Organization Certifier
- 13.2.1.4 Setting User Attributes for Certification Snapshot
- 13.2.1.5 Setting Risk Levels for Individual Entities
- 13.2.1.6 Tagging Attributes
- 13.2.1.7 Configuring the Availability of Identity Certification
- 13.2.1.8 Configuring Reminders, Notifications, Escalations, and Expiry for Certifications (Optional)
- 13.2.2 Configuring Certification Options
-
13.2.1
Prerequisites for Configuring Certifications
- 13.3 Managing Certification Definitions
- 13.4 Scheduling Certifications
- 13.5 About How Risk Summaries are Calculated
- 13.6 About Closed-Loop Remediation and Remediation Tracking
- 13.7 Configuring Challenge Workflows
- 13.8 About Event Listeners
- 13.9 Configuring Event Listeners and Certification Event Trigger Jobs
- 13.10 Configuring Certification Reports
- 13.11 Understanding Multi-Phased Review in User Certification
- 13.12 About Pre-populate Certification Comments
- 13.13 About Certification UI New Features
- 13.14 About Certification Oversight
- 13.15 Troubleshooting Identity Certification
-
13.1
Certification Concepts
-
14
Managing Identity Audit
- 14.1 About Identity Audit
-
14.2
Understanding Identity Audit Concepts
- 14.2.1 About Modes of Detection
- 14.2.2 About Identity Audit Rules
- 14.2.3 About Rule Condition
- 14.2.4 About Identity Audit Policies
- 14.2.5 About Scan Definitions
- 14.2.6 About Scan Jobs
- 14.2.7 About Policy Violations
- 14.2.8 About Remediators
- 14.2.9 Understanding Policy Violation Remediation
- 14.2.10 About Policy Violation Reports
- 14.3 Enabling Identity Audit
- 14.4 Configuring Identity Audit
- 14.5 Managing Identity Audit Rules
- 14.6 Managing Identity Audit Policies
- 14.7 Managing Scan Definitions
-
14.8
Managing Policy Violations
- 14.8.1 Introducing Identity Audit Policy Violation Page in Identity Self Service
- 14.8.2 Searching Policy Violations
- 14.8.3 Opening Policy Violation Details
- 14.8.4 Completing Policy Violations
- 14.8.5 Closing Policy Violations
- 14.8.6 Remediating or Closing Policy Violations Causes
- 14.8.7 Generating Identity Audit Policy Violation Reports
-
12
Using Identity Certification
-
Part IV Working with Identity Administration
-
15
Managing Users
- 15.1 Searching Users
- 15.2 Creating a User
- 15.3 Viewing User Details
-
15.4
Modifying Users
- 15.4.1 Editing User Attributes
- 15.4.2 Requesting, Removing, and Modifying Roles
- 15.4.3 Requesting and Removing Entitlements
-
15.4.4
Requesting, Removing, and Modifying Accounts
- 15.4.4.1 Understanding Requesting for an Account
- 15.4.4.2 Modifying an Account
- 15.4.4.3 Removing an Account
- 15.4.4.4 About Multiple Accounts in Single Application Instance
- 15.4.4.5 Marking an Account as Primary
- 15.4.4.6 Disabling an Account
- 15.4.4.7 Enabling an Account
- 15.4.4.8 Modifying Account Grant Duration
- 15.4.5 Modifying Details of Direct Reports
- 15.4.6 Managing Proxies
- 15.5 Disabling a User
- 15.6 Enabling a User
- 15.7 Deleting a User
- 15.8 Locking a User Account
- 15.9 Unlocking a User Account
- 15.10 Resetting the User Password
-
16
Managing Roles
- 16.1 About Roles
- 16.2 Role Membership Inheritance
- 16.3 Default Roles
- 16.4 Creating Roles
-
16.5
Managing Roles
- 16.5.1 Searching for Roles
- 16.5.2 Viewing and Administering Roles
- 16.5.3 Displaying Role Analytics
- 16.5.4 Deleting Roles
-
17
Managing Access Policies
- 17.1 Terminologies Used in Access Policies
-
17.2
Features of Access Policies
- 17.2.1 Direct Provisioning
- 17.2.2 Revoking or Disabling the Policy
- 17.2.3 Role Hierarchy
- 17.2.4 Denying a Resource
- 17.2.5 Evaluating Policies
- 17.2.6 Evaluating Policies for Reconciled and Bulk Load-Created Accounts
- 17.2.7 Evaluating Policies for Direct Provisioned and Request Created Accounts
- 17.2.8 Access Policy Priority
- 17.2.9 Access Policy Data
- 17.2.10 Provisioning Multiple Instances of the Same Resource via Access Policy by Using Account Discriminator
- 17.2.11 Access Policy Authorization
- 17.3 Creating Access Policies
- 17.4 Managing Access Policies
- 17.5 Deleting Access Policies
-
17.6
Provisioning Multiple Instances of the Same Resource via Access Policy
- 17.6.1 Enabling Multiple Account Provisioning
- 17.6.2 Creating Separate Accounts for the Same User and Same Resource on a Single Target System
- 17.6.3 Provisioning Multiple Instances of a Resource to Multiple Target Systems
- 17.6.4 Limitation of Provisioning Multiple Instances of a Resource via Access Policy
- 17.7 Troubleshooting Issues with Evaluate User Policy Scheduled Job
-
18
Managing Organizations
- 18.1 About Organization Entity
- 18.2 Searching Organizations
- 18.3 Creating an Organization
-
18.4
Viewing and Modifying Organizations
- 18.4.1 Opening Organization Details
- 18.4.2 Modifying Organization Attributes
- 18.4.3 Managing Child Organizations
- 18.4.4 Viewing Organization Membership
- 18.4.5 Managing Dynamic Organization Membership
- 18.4.6 Managing Admin Roles
- 18.4.7 Viewing Available Accounts
- 18.4.8 Viewing Provisioned Accounts
- 18.4.9 Viewing Available Entitlements
- 18.5 Creating a User Member
- 18.6 Creating a Sub-Organization
- 18.7 Disabling and Enabling Organizations
- 18.8 Deleting an Organization
- 19 Managing Administration Roles
- 20 Managing Password Policies
-
21
Managing Application Onboarding
-
21.1
About Application Onboarding
- 21.1.1 What Is Application Onboarding?
-
21.1.2
Application Onboarding Concepts
- 21.1.2.1 Application Authorization
- 21.1.2.2 Application Types
- 21.1.2.3 Application Templates
- 21.1.2.4 Disconnected Applications
- 21.1.2.5 Instance Creation
- 21.1.2.6 Cloning Applications
- 21.1.2.7 Validation and Transformation of Provisioning and Reconciliation Attributes
- 21.1.2.8 Important Elements in the Application Template XML
- 21.2 Searching Applications
-
21.3
Creating Applications
-
21.3.1
Creating a Target Application
- 21.3.1.1 Providing Basic Information for Target Application
- 21.3.1.2 Providing Schema Information for Target Application
- 21.3.1.3 Providing Settings Information for Target Application
- 21.3.1.4 Verifying the Target Application Details
-
21.3.2
Creating an Authoritative Application
- 21.3.2.1 Providing Basic Information for Authoritative Applications
- 21.3.2.2 Providing Schema Information for Authoritative Application
- 21.3.2.3 Providing Settings Information for Authoritative Application
- 21.3.2.4 Verifying the Authoritative Application Details
-
21.3.1
Creating a Target Application
- 21.4 Creating Templates
- 21.5 Modifying Applications
- 21.6 Cloning Applications
- 21.7 Creating Instance Applications
- 21.8 Creating Applications in Bulk
- 21.9 Configuring Flat Files
- 21.10 Managing Flat File Configurations
- 21.11 Managing Jobs
- 21.12 Upgrading Connector Applications
- 21.13 Deleting Applications
- 21.14 About Customizing Groovy Scripts
- 21.15 Troubleshooting Application Onboarding
-
21.1
About Application Onboarding
- 22 Managing the Scheduler
- 23 Managing System Properties
-
24
Managing Notifications Template Services
- 24.1 About Notification Providers
- 24.2 Default Notification Template
- 24.3 Managing Notification Templates
-
15
Managing Users
- Part V Reporting
- Part VI Appendix
- A Personalizing Self Service
- B Functional Capabilities
- C Sample Application Template XML