On 2019-01-12 18:04, mJg2XW wrote: > > Hi > > Is there any way on creating "Resources" in UserApp/resource catalog > from a corresponding AD group automatically, and assign the Entitlement > Value? > > /Michael > > Hello,
We do it with custom policys on the publisher channel that call a workflow that in turn calls a integration activity that uses SOAP against the User Application to create the resources.
If you use a modern IDM version you could skip the workflow and create the resource directly from the policy builder.
-alekz
-- If you find this post helpful and are logged into the web interface, show your appreciation and click on the star below.
alekz <alekz@no-mx.forums.microfocus.com> wrote: > On 2019-01-12 18:04, mJg2XW wrote: >> >> Hi >> >> Is there any way on creating "Resources" in UserApp/resource catalog >> from a corresponding AD group automatically, and assign the Entitlement >> Value? >> >> /Michael >> >> > Hello, > > We do it with custom policys on the publisher channel that call a > workflow that in turn calls a integration activity that uses SOAP > against the User Application to create the resources. > > If you use a modern IDM version you could skip the workflow and create > the resource directly from the policy builder. >
We do similar (WF, integration activity), but move such logic to separate driver. keeping AD driver for just data transport as much as possible.
There are still some limitations on the tokens vs the soap calls. For resources IIRC you canâ€t specify a custom container.
Also, as I said. In theory you only need 1 resource with dynamic entitlements, but that might not suit your overall design.
alekz <alekz@no-mx.forums.microfocus.com> wrote: > On 2019-01-12 18:04, mJg2XW wrote: >> >> Hi >> >> Is there any way on creating "Resources" in UserApp/resource catalog >> from a corresponding AD group automatically, and assign the Entitlement >> Value? >> >> /Michael >> >> > Hello, > > We do it with custom policys on the publisher channel that call a > workflow that in turn calls a integration activity that uses SOAP > against the User Application to create the resources. > > If you use a modern IDM version you could skip the workflow and create > the resource directly from the policy builder. >
We do similar (WF, integration activity), but move such logic to separate driver. keeping AD driver for just data transport as much as possible.
There are still some limitations on the tokens vs the soap calls. For resources IIRC you canâ€t specify a custom container.
Also, as I said. In theory you only need 1 resource with dynamic entitlements, but that might not suit your overall design.
t specify a custom container.
Support
Documentation
Learning Services
Partner Programs