Feature flags
Experimental flags are enabled per tenant and offer services that are not yet available to everyone.
Role approval insights
Flag: role-request-approval-insights
This feature flag enables the use of a Memority machine learning service to provide insights during a role assignment workflow.
The service has trained anomaly detection models that can detect suspicious role assignments.
How to enable
To enable this flag, add the following configuration to the TenantConfiguration:
<featureFlagActivations>
    <featureFlagActivation>
        <service>citadel-bum</service>
        <label>role-request-approval-insights</label>
        <state>ENABLED</state>
    </featureFlagActivation>
</featureFlagActivations>
You must also set the following property in the UserTaskUI of the workflow screen:
<uiLayout>INSIGHTS</uiLayout>
This enables the new UI, which contains the AI display component. The default value of uiLayout is “CLASSIC”, which you can set again if you need to revert.
Groovy API
Once the flag is enabled, a script task in a role assignment workflow can also obtain the insight through the dedicated Groovy API (the API will not work in other contexts).
import java.time.Instant

// Obtain the insight for the identity and role of the concerned role assignment
// workflow. The feature flag must be enabled for this API to work.
def insight = API_AI_INSIGHTS.roleApproval()
// Obtain the global score (between 0 and 100).
// The global score takes into account the similarity of this identity
// with other identities.
// Lower values indicate that the role assignment is more suspicious.
// Higher values indicate that the role assignment seems normal.
int globalScore = insight.globalScore
def threshold = 50
if (globalScore >= threshold) {
    println "Seems normal"
} else {
    println "Seems abnormal"
}
// Obtain detailed scores for each attribute involved in the anomaly detection.
// This property serves to explain the result of the global score.
// Each entry contains a normalized SHAP value between -1 and 1.
// Higher values mean the attribute increases the global score,
// lower (negative) values mean it decreases the global score.
// In other words, the lower the value, the more this attribute
// lowers the global score, indicating that the role assignment is abnormal.
Map<String, Double> scoreDetails = insight.scoreDetails
// Obtain the global reliability score (between 0 and 100).
// Higher values indicate higher confidence in the insight.
// The confidence might be low if there is not enough data.
// Note: in the UI this confidence is materialized by a ranking
// system of 5 stars.
int globalReliabilityScore = insight.globalReliabilityScore
// Obtain the date and time of this request.
Instant requestedAt = insight.requestedAt
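The following is an added example, not part of the Memority documentation or API: it combines the global score, the reliability score and the score details described above into a single triage result for an approver. The helper name `triage`, the decision labels, the reliability threshold of 60 and the sample attribute names are assumptions; the samples are constructed maps that stand in for the object returned by `API_AI_INSIGHTS.roleApproval()` so the script runs outside a workflow.

```groovy
import java.time.Instant

// Hypothetical helper (not a Memority API): turns an insight into a triage decision.
// Both thresholds are assumptions and should be tuned per tenant.
def triage(insight, int scoreThreshold = 50, int reliabilityThreshold = 60) {
    // Negative normalized SHAP values pull the global score down. Sort them
    // ascending so the strongest "abnormal" contributors come first.
    def negative = insight.scoreDetails.findAll { it.value < 0 }
    def ordered = negative.sort { it.value }
    def drivers = ordered.collect { it.key }.take(3)

    String decision
    if (insight.globalReliabilityScore < reliabilityThreshold) {
        // Too little data behind the model: do not rely on the score either way.
        decision = 'MANUAL_REVIEW_LOW_CONFIDENCE'
    } else if (insight.globalScore >= scoreThreshold) {
        decision = 'SEEMS_NORMAL'
    } else {
        decision = 'SEEMS_ABNORMAL'
    }
    return [decision: decision, drivers: drivers, requestedAt: insight.requestedAt]
}

// Constructed sample insights (illustrative values and attribute names only).
def now = Instant.parse('2024-01-01T00:00:00Z')
def samples = [
    [globalScore: 82, globalReliabilityScore: 90, requestedAt: now,
     scoreDetails: [department: 0.4d, site: 0.1d, jobTitle: -0.05d]],
    [globalScore: 23, globalReliabilityScore: 85, requestedAt: now,
     scoreDetails: [department: -0.7d, site: 0.1d, jobTitle: -0.3d]],
    [globalScore: 71, globalReliabilityScore: 20, requestedAt: now,
     scoreDetails: [department: 0.2d, site: -0.1d]]
]

samples.each { sample ->
    def result = triage(sample)
    println "${result.decision} drivers=${result.drivers} at=${result.requestedAt}"
}
```

In a script task, pass the real insight instead of a sample, for example `triage(API_AI_INSIGHTS.roleApproval())`. A high global score with low reliability is routed to manual review here rather than being treated as normal.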