6.1 Publishing Identity Sources

Identity Governance publishes all identity sources concurrently to ensure that each unified identity receives the latest merged information. Identity sources always get published before application sources.

6.1.1 Understanding Publication Behavior

The catalog contains data collected from multiple data sources. To create a unified identity for each person, you need to merge, or unify, the different sets of collected information. Merging occurs during the publication process. For each identity source, you can specify one of the following publication options:

Publish and merge

Use this option when you collect data for the same identity from different data sources. For example, both Active Directory and Salesforce.com have the same first_name and last_name attributes for Jane Smith. This option allows you to combine the duplicate attributes from the sources into one identity for Jane in the Identity Governance catalog.

You must specify the rules for merging. Only one of your data sources can be an authoritative source for each identity attribute. To help you specify the attribute authority, Identity Governance numbers the data sources within each collection. The first source listed becomes the default authoritative source for all attributes in the collection. However, you can reorder the priority of the data sources or override the default setting for specific attributes. For more information, see Section 6.1.2, Setting the Merge Rules for Publication.

Publish without merging

Use this option if you have only one identity source or your data sources do not contain the same identities. Since Identity Governance does not perform any merging activities during publication, you might observe faster performance. However, if your sources do contain the same identity, Identity Governance will treat those identities as separate people.

Do not publish

Use this option when you are configuring the identity source. For example, you might not want to publish any collected data when you are testing the process.

6.1.2 Setting the Merge Rules for Publication

You might want to customize the rules for unifying the information collected from multiple identity sources for the same identity. Merging rules allow you to control which values will be stored when multiple identity sources provide information for the same fields. For example, if two sources provide an email address, data from the selected source will be saved as the primary value. If you don't select priorities using merging rules, Identity Governance uses the first collected value.

IMPORTANT:When collecting identities using the publish and merge setting, matching attributes become mandatory attributes to have Identity Governance include the user when publishing. If a secondary identity source has users that do not have the matching attribute defined in the collector, they will be collected, but they will not be published.

  1. Log in to Identity Governance as a Data Administrator.

  2. Select Data Sources > Identities.

  3. (Optional) Arrange the order of the identity sources to set their priority for merging the published attributes.

  4. (Optional) To use a specific identity source as the attribute authority, complete the following steps:

    1. Under Publish and merge, expand Set merging rules.

    2. For the attribute that you want to modify, specify the identity source.

      The None (go by order) option instructs Identity Governance to use the first identity source as the attribute authority.

  5. Select the Save icon.

  6. (Optional) Publish your pending changes.

  7. (Optional) Verify the changes that you published to the catalog.

6.1.3 Publishing the Identity Sources

If you have a scheduled collection, the scheduled run publishes the collected identities at the end of the run. You can also manually publish the identity sources.

Identity Governance uses a red diamond icon to indicate that an identity source has been collected but not published. Identity Governance shows any collection errors or warnings on the Identities and Applications data source pages.

  1. Log in to Identity Governance as a Data Administrator.

  2. Select Data Sources > Identities.

  3. Select the Publish identities now icon.