Skip to main content
Skip table of contents

SOD Policies - DRAFT

Definition

A SOD Policy allows to define what kinds of conflicts you can create and what attributes the system will use to detect them.

Configuration

You can access the SOD Policy configuration :

  • by clicking on "Portal" → “SOD Policy

  • by clicking on "System" → "Configurations" → "Data Model" and perform an import/export.

Properties

Properties name

Type

Mandatory

Description

Modifiable after creation

id

String

YES

The id is the unique identifier of the SOD Policy. 

It is case sensitive and no special characters (except - or _) are allowed.

NO

name

String

YES

The SOD Policy name.

The name may be different from the identifier.Must be at least 4 characters long.

YES

active

Boolean

NO

Allows to define if the Password Policy is activated or not.

ON, OFF

description

String

NO

Allows to describe the SOD Policy.

YES

sodRuleTypeId

String

NO

Used to indicate the id of the SOD Rule Type which refers to the Policy.

YES

type

Enum

YES

Used to indicate the SOD Policy Type.

YES

APPLICATION_TO_APPLICATION,

SOD Type Properties

Application to Application type

This type will be used when the incompatibility is determined based on the values of the Role Attributes (flagged as resource).

Property name

Type

Mandatory

Description

application1SodAttribute

String

YES

Indicates the id of the Attribute that will hold the first incompatible Application.

Must be a mono-valued RESOURCE_REFERENCE attribute bound to the configured SOD Rule Object Type

application2SodAttribute

String

YES

Indicates the id of the Attribute that will hold the second incompatible Application.

Must be a mono-valued RESOURCE_REFERENCE attribute bound to the configured SOD Rule Object Type

Examples

SOD Policy - Application to Application
CODE 
   <ctdidm:SodPolicy id="sodApplicationPolicy">
      <name>sodApplicationPolicy</name>
      <description>SOD Application Policy - Application to Application</description>
      <active>true</active>
      <sodRuleTypeId>sodRuleApplication</sodRuleTypeId>
      <strategy xsi:type="ctdidm:ApplicationToApplicationSodStrategyType">
         <application1SodAttribute>sodApplication1</application1SodAttribute>
         <application2SodAttribute>sodApplication2</application2SodAttribute>
      </strategy>
   </ctdidm:SodPolicy>

Read Next

Business Policies — A Business Policy allows to configure how to trigger actions on Object Types through a Feature with an optional configured Workflow.
Object Policies — An Object Policy is an Identity Management Service Policy allowing to execute arbitrary actions on Managed Objects, either on a scheduled basis, or in reaction to an Object Operation.
Deduplication Policies — A Deduplication Policy describes how duplicates should be searched for when creating a managed object.
Feature Access Policies — A Feature Access Policy is composed of a right which encompasses several Features.
Manual Provisioning Policies — A Manual Provisioning Policy allows to define that manual provisioning or deprovisioning Workflow is launched when the Role assignment status changes.
Object Lifecycle Policies — An Object Lifecycle Policy allows to configure rules, on all Object Types, that will alter an Object attribute directly when certain lifecycle events occur.
Password Policies — A Password Policy determines how passwords should be composed and which rules apply to their lifecycle.
Role Request Policies — A Role Request Policy allows to define if a Role can be requested, for whom, by whom, and using which Workflow.
Workflow Administration Policies — A Workflow Administration Policy is composed of a right which encompasses several Features.
Memority MFA Account Policies — A Memority MFA Policy allows to configure how multi factor authentication should be applied to a population of user
Homepage Selection Policies — A Memority Home Page Selection Policy allows to configure differents home page depending on user rights.
SOD Policies - DRAFT — A SOD Policy allows to define what kinds of conflicts you can create and what attributes the system will use to detect them.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close