cancel
Showing results for 
Search instead for 
Did you mean: 

GRC 12:FF ID Request in IDM-GRC provisioning

plaban_sahoo6
Contributor
0 Kudos
659

HI All,

in a IDM-GRC set-up where IDM does the provisioning, can we have ONLY ff ID access requests provisioned by GRC.

The initiator rule/BRF rule used consists of the calling of risk analysis function module followed by reading the risk analysis results into the decision table.

However, inclusion of the Request type column in this decision table does not pick up our FF id rule result. it picks up the rule result NO-SOD-PATH. i think the reason is because the FF id request consists of FF id. And is therefore the FM is not not able to perform the risk analysis. Thus giving a NO-SOD-PATH.

Looking forward your suggestion. And my set-up is a centralized provisioning one, where Global provisioning is set to 'No Provisioning' in GRC.

If we make this setting as Provisioning enabled, we think that GRC will do the provisioning for other request types as well, which is not desirable. Because IDM is doing it.

Regards

Plaban

Accepted Solutions (0)

Answers (1)

Answers (1)

geraldfest
Product and Topic Expert
Product and Topic Expert
0 Kudos

Hi Plaban,

I am not sure what the initiator has to do with the provisioning problem (as it can be adapted if needed by a custom one), but let me try to answer the provisioning problem. Here, it depends on whether you are using the classical AC/IDM integration (request starting in IDM) or the new one (request starting in AC).

For the former the provisioning settings are considered, so 'No provisioning' actually means also no FF IDs are provisioned by AC. For the latter this is supposed to work (please check note 3156573 for a required fix).

Best regards

Gerald