Identity Manager centralizes access administration and ensures that every user has one identity—from your physical and virtual networks to the cloud. Also, users often require access to resources based upon their roles in the organization. For example, a law firm’s attorneys might require access to a different set of resources than the firm’s paralegals.
Identity Manager lets you provision users based on their roles in the organization. You define the roles and make the assignments according to your organizational needs. When a user is assigned to a role, Identity Manager provisions the user with access to the resources associated with the role. Users that have multiple roles receive access to the resources associated with all of the roles.
You can have users automatically added to roles as a result of events that occur in your organization. For example, you might add to your SAP HR database a new user with the job title of Attorney. If approval is required for adding a user to a role, you can establish workflows to route role requests to the appropriate approvers. You can also manually assign users to roles.
In some cases, certain roles should not be assigned to the same person because the roles conflict. Identity Manager provides Separation of Duties functionality that lets you prevent users from being assigned to conflicting roles unless someone in your organization makes an exception for the conflict.
The Identity Manager solution provides the following components for provisioning users:
Identity Manager Dashboard
Catalog Administrator
User Application
The Dashboard provides a single access point for all Identity Manager users and administrators. It allows access to all existing Catlog Administrator and User Application functionality. As of Identity Manager v4.6, the Dashboard replaces Identity Manager Home and Provisioning Dashboard.