Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Next »

Introduction

A recertification is a process that aims to periodically check a given entity and its relations for various factors such as accuracy, relevancy or up-to-dateness. Which entities are being recertified and in which periodicity depends on your business needs. This article describes which entities can be recertified and how this is usually done.

Certification Object Type

Core Identity

A Core Identity is probably the most central entity. The Core Identity holds relations such as employments, assigned roles and resources and data about itself. Common uses cases are to periodically check the communication data of a Core Identity or that all delegated permissions of the given Core Identity are still needed.

Organizational Units

An Organizational Unit is an entity that holds relations such as employments, assigned roles and resources and data about the organizational unit itself. Common use cases are to periodically check the data about the organizational unit is still accurate and that all delegated permissions of the given organizational units are still needed.

Recertification Task

A recertification task is the job that runs in the background and checks the last recertification date of an entity against the certification storage. So each time an entity has been recertified successfully, an appropriate certification entry will be stored in the certification storage. By defining a new recertification task, you can select all entities based on their the Certification Object Type and a time range. For example, check all Core Identities that have not performed a certification within the last 365 days.

Properties

When specifying a recertification task, you can set the following properties:

Property

Data Type

Mandatory

Example

Description

CertificationInterval

TimeSpan

(tick)

P365D

A yearly certification

CertificationObjectTypeId

Uint

(tick)

1

Choose one of the available:

  1. Organizational Unit

  2. Core Identity

TargetTypeIds

Uint

(tick)

1

You can further enclose your object type by its type. For example a Core Identity has a Core Identity Type, or an organizational unit has an organizational unit type.

WorkflowDefinitionId

GUID

(tick)

8fde167bd16f46328c360ac8b1187a0d

The workflow definition to be executed for each entity that needs a recertification.

Recertification Workflow

As seen in the properties list, the actual logic of the recertification is contained in a workflow definition. So you can define what should happen if an entity has to recertified.

Workflow Activities

CreateCertificationEntryActivity

Whenever a recertification has been completed, you should mark the appropriate certification entry as successful using the CreateCertificationEntryActivity activity.

SetCertificationStateActivity

Whenever a recertification has been completed or expired, you should set appropriate certification to either Certified or NotCertified by using the SetCertificationStateActivity activity

Signals

COS_I_AbortCertification

Whenever a recertification will be aborted, your workflow will be informed about this by the signal COS_I_AbortCertification. So please make sure you account for that in the workflow.

  • No labels

© ITSENSE AG. Alle Rechte vorbehalten. ITSENSE und CoreOne sind eingetragene Marken der ITSENSE AG.