Additional provisioning policy actions and nouns

Idea ID 2783757

Additional provisioning policy actions and nouns

In addition to the current policy actions in IDM 4.7 to request and revoke roles and resources and to the upcoming new actions in 4.8 it would be great to also be able to read assigned roles and resources.

For example on user termination we would like to be able to automatically read all roles and resources assigned explicitly to the user and revoke them. And I guess it would also make sense to be able to read all running requests for a user so that they can be denied.

So maybe something like the following argument builder nouns "Assigned Roles", "Assigned Resources" and "Running Requests" and an action "deny request"?
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.