1.1 What Are Policies?

At a high level, a policy is the set of rules that enables you to manage the way Identity Manager sends and receives updates. The driver sends changes from the connected system to the Identity Vault, where policies are used to manipulate the data to achieve the desired results.

As part of understanding how policies work, it is important to understand the components of policies.

  • Policies are made up of rules.

  • A rule is a set of conditions (see Conditions) that must be met before a defined action (see Actions) occurs.

  • Actions can have dynamic arguments that derive from tokens that are expanded at run time.

  • Tokens are broken up into two classifications: nouns and verbs.

    • Noun tokens (see Noun Tokens) expand to values that are derived from the current operation, the source or destination data stores, or some external source.

    • Verb tokens (see Verb Tokens) modify the concatenated results of other tokens that are subordinate to them.

  • Regular expressions (see Regular Expressions) and XPath 1.0 expressions (see XPath 1.0 Expressions) are commonly used in the rules to create the desired results for the policies.

  • A policy operates on an XDS document and its primary purpose is to examine and modify that document.

  • An operation is any element in the XDS document that is a child of either the input element or the output element. These elements are defined in the NetIQ nds.dtd; for more information, see Identity Manager DTD Reference Documentation.

  • An operation usually represents an event, a command, or a status.

  • The policy is applied separately to each operation. As the policy is applied to each operation in turn, that operation becomes the current operation. Each rule is applied sequentially to the current operation. All of the rules are applied to the current operation unless an action is executed by a prior rule that causes subsequent rules to no longer be applied.

  • A policy can also get additional context from outside of the document and cause side effects that are not reflected in the result document.
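
The evaluation order described in the list above, as an added example that is not part of the original guide and is not Identity Manager code: a simplified Python model run over a constructed XDS-style document. The rule names, the token and action helpers, and the STOP signal are hypothetical stand-ins for the concepts named above.

```python
import xml.etree.ElementTree as ET

# Constructed XDS-style sample: two operations, both children of <input>.
XDS = """<nds><input>
  <add class-name="User">
    <add-attr attr-name="Given Name"><value>jane</value></add-attr>
    <add-attr attr-name="Surname"><value>doe</value></add-attr>
  </add>
  <add class-name="Printer"/>
</input></nds>"""

STOP = object()  # model-only signal: no further rules for this operation

def attr(name):      # noun token: value taken from the current operation
    def tok(op):
        v = op.find(f"add-attr[@attr-name='{name}']/value")
        return v.text if v is not None else ""
    return tok

def text(s):         # noun token: constant text
    return lambda op: s

def upper(*subs):    # verb token: modifies the concatenated subordinate tokens
    return lambda op: "".join(t(op) for t in subs).upper()

def set_attr(name, *tokens):   # action with an argument expanded at run time
    def act(op):
        a = ET.SubElement(op, "add-attr", {"attr-name": name})
        ET.SubElement(a, "value").text = "".join(t(op) for t in tokens)
    return act

def veto(op):        # action that drops the operation and ends rule processing
    return STOP

# Each rule: (name, conditions, actions). Hypothetical rules for illustration.
RULES = [
    ("veto non-users", [lambda op: op.get("class-name") != "User"], [veto]),
    ("build CN", [lambda op: op.tag == "add"],
     [set_attr("CN", upper(attr("Given Name"), text("."), attr("Surname")))]),
]

def apply_policy(rules, xds_text):
    doc, trace = ET.fromstring(xds_text), []
    for parent in doc.findall("input") + doc.findall("output"):
        for op in list(parent):                  # becomes the current operation
            for name, conds, actions in rules:   # rules applied in order
                if all(c(op) for c in conds):
                    trace.append((op.get("class-name"), name))
                    if STOP in [act(op) for act in actions]:
                        parent.remove(op)
                        break                    # later rules are skipped
    return doc, trace
```

The returned trace shows which rule fired for which operation: the Printer operation is vetoed by the first rule and never reaches the second, while the User operation passes the first rule and gains a CN value built from its own attributes.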

For detailed information, see the following sections in this guide: