Manual Provisioning
This page allows you to configure emails sent to support groups to handle all access requests resulting from automated processing performed by the business logic. It also allows you to configure Groovy scripts that can be used in a manual provisioning context.
The structure and content of emails are personalized using the MVFLEX Expression Language (MVEL) which allows you to include dynamic data from the repository.
The strategies defined here can be assigned to assets that are not integrated by bidirectional connectors.
To configure a manual provisioning strategy
In the menu bar, click CONFIGURATION> Manual Provisioning.
At the top right of the page, click the
button.Under Details, in the Name text box, enter the name of this new strategy. The name must be distinctive as it will appear in a list of strategies.
In the Description text box, enter a description of this strategy.
In the Details section, fill in the following parameters:
Parameter Description Provisioning Type Allows you to choose the execution mode of the manual provisioning process. Two options are available:
- Email : the system sends an email generated from an MVEL script.
- Script : allows you to define a Groovy script to execute.Recipient Defines the type of recipient of the manual provisioning email:
- Email : one or more recipients defined by email address. Ex: IT support group responsible for managing access to target applications and systems.
- Asset Manager : the email is sent to the manager associated with the target asset and their delegates.Email Destination address input field. Example: lblais@wcd8w.onmicrosoft.com.Content Language Selects the language of the message (English or French). The interface allows you to define separate MVEL scripts for each language. MVEL Script for Subject Text field in which the MVEL script generating the email subject dynamically is defined.
Example:Manual Requests - @{target.?fullName or "Not Available"}
This script automatically inserts the target's full name or the mention Not Available if the information is missing.MVEL Script for Body Text area containing the MVEL script that generates the message body. The content can include HTML code and dynamic MVEL expressions.
Illustrated example:html<br><!DOCTYPE html><br><html><head><meta charset="utf-8"><style>body {font-family: 'Open Sans'; font-size:12px; color:#5e5e5e;}</style></head><body>...</body></html><br>Request for Preview Allows you to select an existing workflow request in the RAC/M Identity data repository to simulate a real context and test the email rendering. Template for Preview Alternative option to select a predefined template used as the basis for the test message. The Subject / Body Preview area displays the result of the dynamic generation of the email subject and body according to the script.
Best Practices
- Use the preview to validate the message rendering before activation.
- Include MVEL variables to personalize messages (target name, system, requester, etc.).
- Prefer sending to configured notification groups rather than fixed addresses, to simplify maintenance.
- When the password is communicated, ensure it is sent via a separate email in accordance with security policies.
- Document each MVEL script and keep a validated version in your configuration repository.
Available Manual Provisioning Targets
The following manual provisioning targets are available in RAC/M Identity:
| Target | Notes |
|---|---|
| ServiceNow |