Edit Application Page
Do not open this page in multiple tabs or browsers. Changes made in one tab might overwrite changes made in another.
Use the Edit Application page to define the applications in your enterprise. Specify the connection properties, relevant attributes, aggregation rules, and activity information for each application.
The information contained on the Configuration, Correlation, Risk, Activity Data Sources, Unstructured Targets, Rules, Password Policy, and Tiers tabs is determined by the type of application specified on the Application Type drop-down list. Use these tabs to define how each application interacts with IdentityIQ.
Some tabs only appear after an application has been defined and configured.
The Tiers tab is only available for Logical application types. See detailed information about configuring logical applications in the IdentityIQ connectors documentation.
The Edit Application page opens to the Details page and includes the following tabs:
- Configuration Tab
- Correlation Tab
- Accounts Tab
- Risk Tab
- Activity Data Sources Tab
- Unstructured Targets Tab
- Rules Tab
- Password Policy Tab
For each application enter or edit the following information:
This screen also contains any extended attributes that were configured for your deployment of IdentityIQ. The extended attributes are displayed at the bottom of the tab.
IdentityIQ does not support application names that start with a numeric value or that are longer than 31 characters.
The name of the application. This is the name used to identify the application throughout IdentityIQ.
The owner of the application. The owner specified here is responsible for certifications and account group certifications requested on this application if no revoker is specified.
Application ownership can be assigned to an individual identity or a workgroup. If the application ownership is assigned to a workgroup, all members share certification responsibilities, are assigned the certification requests associated with the application, and can take action on those requests.
The application type, for example, LDAP or JDBC.
The Application Type drop-down list contains the types of application to which IdentityIQ can connect. This list will grow and change to meet the needs of IdentityIQ users.
A brief description of the application.
You must Save the description before changing languages to enter another description.
Use the language selector to enter descriptions in multiple languages. The drop-down list displays any languages supported by your instance of IdentityIQ. The description displayed throughout the product depends on the language associated with the user’s browser. If only one description is entered, that is the description used by default.
If no user is specified in this field, all revocation requests are assigned to the application owner by default.
The default IdentityIQ user or workgroup to be assigned revocation requests associated with entitlements on this application.
Optional: Specify an application to manage accounts and provide a connector and schema settings for this application.
A proxy application is an application that handles the processing (aggregation and provisioning) on behalf of your application. Here are three examples of proxy applications:
- Multiplex applications: In this case you define an application and, most often, a build map rule that sorts the data out into multiple sub-applications. In that case, the sub-applications have the main application as the proxy.
- Similar to the multiplex applications are the connectors for legacy identity management systems such as BMC, Novell/NetIQ, IBM Tivoli, and Sun/Oracle Waveset.
- The Cloud Gateway connector tunnels all aggregation and provisioning requests to the gateway in another network. The gateway then acts on behalf of IdentityIQ. All applications that live in the remote network need to have the cloud gateway connector set as the proxy.
An optional class used to associate this application with a larger set of applications for role modeling purposes.
For example, you might set a profile class of XYZ on all of the applications where any user that has read account privileges should be assigned the role XYZ Account Reader. You can then create a single profile for that role instead of a separate profile for each instance of the applications. During the correlation process any user with read account privileges on any of the applications with the profile class XYZ is assigned the role XYZ Account Reader.
This field is only visible if scope is enabled.
The scope for this application.
If scope is assigned, only the owner of the application or users that control the designated scope can work with this application.
Objects associated with this application, for example entitlements in a certification request, are visible to a user with any or no controlled scope, but if a new object is being created, for example a certification schedule, this application does not appear on the select list unless the creator controls the scope assigned.
Depending on configuration settings, objects with no scope assigned might be visible to all users with the correct capabilities.
An authoritative application is a repository for employee information for your enterprise, for example a human resources application. These might not be at-risk applications, but they are the data source from which the majority of the IdentityIQ Identity Cubes are built. Select this option if this application is an authoritative application. Note that your organization can have multiple authoritative applications.
Select this option to make comparisons of account attribute values case insensitive when evaluating provisioning policy.
Select this option if this application should be included when IdentityIQ performs native change detection during aggregation.
Native Change Operations
Select which operations are included when detecting native change. If no operations are selected, native change detection is disabled.
Attributes to Detect
Indicates which attributes are compared when accounts are modified. If the Entitlement option is selected, all entitlement attributes are included. If you select User Defined, enter the names of the attributes to compare in the Attribute Names box.
Maintenance Enabled
This application is excluded from provisioning and aggregation during the defined maintenance period. See Application Maintenance Windows for more information.
Maintenance Expiration
The date at which the maintenance will end. If no date is defined, this application will be in maintenance indefinitely.
After adding the application information, click Save to save your changes and return to the Application List page.