Skip to main content
Skip table of contents

Identity Lifecycle

Memority allows customers to manage different objects (Identities, Organizations, Resources, etc.) and create different types (e.g. Internal, External, Partner for Identities; Business Unit, Site, Subsidiary for Organizations; Application, Server, Supply for Resources.)

Lifecycle

Memority natively supports several identity states:

Memority Identity Lifecycle

  • Creation: The identity is duly created in the Memority directory. However it has yet to be activated and therefore cannot be granted accesses. This state may be useful to anticipate onboarding and create some basic rights (e.g. mailbox).

  • Activation: The identity is activated. Access rights can be granted or removed. This is the nominal state for all operating identities.

  • Suspension: The identity is temporarily disabled (e.g. following a malicious act). Accesses can be stripped away to limit risk and the user is no longer able to connect. Suspension is an emergency measure, not the first step to deletion.

  • Deactivation: The identity is deactivated. Accesses are stripped away and the identity enters the defined deletion process. Deactivation state is reversible: identities can be reactivated if necessary.

  • Soft Delete: The identity is archived on the tenant for 6 to 12 months (configurable). Some attributes (e.g. Manager, Site, etc.) can be cleaned. This is the final step before complete deletion. It is reversible.

  • Hard Delete: The identity is completely and irreversibly wiped from the Memority Directory.

Execution

The identity lifecycle can be managed either:

  • Manually through features configured in the Memority User Portal, or

  • Automatically through configured scheduled jobs based on start and end date attributes.

Scheduled Jobs are automatically triggered to execute desired business processes when these dates are reached (Activation, Deactivation, Soft Deletion, etc.).

Workflows

Workflows can also be configured for each process if customers need to implement human control and avoid accidental deactivation/deletion.

On the same principle, Memority allows to configure derogative processes based on flags or identity attributes to avoid an automated lifecycle execution.

Stages Details

Each of the pages below describes in more detail each step of the identity lifecycle :

Identity Creation & Activation (Joiner)
Identity Transfer (Mover)
Identity Suspension/Reactivation
Identity Deactivation (Leaver)
Identity Deletion
JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close