Application On-boarding

Application on-boarding is refers to the steps/process of adding an application to OpenIAM such that the application can participate in joiner,mover, leaver (JML) processes as well as request/approval workflows. There are essentially two types of applications. Those which can be:

  • Integrated with connectors - referred to as automated applications in OpenIAM
  • Integrated without connectors - referred to as manual applications in OpenIAM

This section describes how you can on-board both types of applications.

Automated applications

Automated applications integrate with the target application using connectors which enable near real time updates of identity information resulting from JML processes. In addition to the automation, organizations also benefit for the audit logs resulting from these operations and help to improve security. To integrate applications using connectors, follow the steps described below:

  • Deploy and register the connector
  • Import existing entitlements
  • Import existing users + entitlements
  • Configure provisioning / deprovisioning rules.

Manual applications

Unlike automated applications, where a connector enables near real time integration with the business application to support JML processes, the integration with manual applications is limited to importing data that has been exported from the application. The primary benefits of this level of integration are to be able to:

  • Have a complete few of a user's access across applications
  • Support governance activities such as access certifications
  • Support request/approval workflows
noteNote: As of release 4.2.2, the enterprise version contains a Robotic Process Automation (RPA) connector to allow deeper integration with applications which have not been easy to integrate with.

The sections below describe how to onboard applications which lack connectors.

  • Register application in OpenIAM
  • Load application entitlements
  • Load existing users and their entitlements