Importing roles
New roles can be imported in bulk using the synchronization service.
To import an existing list of roles or to import roles from an application, go to Provisioning -> Synchronization. Here, one can see a list of predefined synchronization options.
To import roles from a CSV file, search and select a CSV ROLE Example option as shown in figure below.
The details of the import process are handled by the Groovy scripted define in the Transformation rule filed.
This script defines the fields, including the field name. Hence, it is important that the CSV file structure aligns with structure defined in the script. The list of fields is described in the table below.
| Column name | Description |
|---|---|
| MANAGED_SYSTEM_NAME | Managed system name - Application that this entitlement belongs. |
| DESCRIPTION | User friendly description of this application or service |
| IS_MANUAL | Y - if a connector does not exist. N - if a connector does exist |
| IS_ACTIVE | Y - Configuration is available for use. N - configuration disabled and no tasks will be processed for this application. |
| IS_VISIBLE | Y - Application is visible in the catalog. N - application is not visible in the catalog. |
| PARTICIPATE_IN_ACCESS_CERTIFICATION | Y - Application is available for use in access certification. N - application is not available for use in access certification |
| CONNECTOR_NAME | Name of the OpenIAM connector which will be used with this configuration |
| URL | URL of the application, service or tenant. |
| PORT | Port this application is listening on. |
| CATEGORY_NAME | Category under which the application should be listed in the service catalog. |
| PERMISSIONS_LIST | Permissions which will be used with this application. Example: READ, WRITE, EXECUTE. These can be unique to this application |
| APPLICATION_OWNER_TYPE | Type of application owner: User or Group |
| APPLICATION_OWNER | Name of the application owner |
| APPLICATION_ADMIN_TYPE | Type of application admin : User or Group |
| APPLICATION_ADMIN | Name of the application admin |
| APPROVER1_TYPE | Type of first approver: Supervisor, application owner, application admin, entitlement owner, specific user or group |
| APPROVER1 | Name of the first approver (user name or group name ) |
| APPROVER2_TYPE | Type of second approver: Supervisor, application owner, application admin, entitlement owner, specific user or group |
| APPROVER2 | Name of the second approver (user name or group name ) |
| APPROVER3_TYPE | Type of third approver: Supervisor, application owner, application admin, entitlement owner, specified user or group |
| APPROVER3 | Name of the third approver (user name or group name ) |
After the file has been prepared, upload it to OpenIAM by clicking Browse as shown below.
After processing the file, the import will be completed and the roles will be visible in the Role manager.
Note. The CSV file structure must correspond to the indicated field structure. In case you need to adjust the structure, the corresponding script must be adjusted as well to process the added columns.