Tutorial for Identity Selector configuration for Role Owners
Today’s blog features a tutorial detailing the Identity Selector configuration for Role Owners.
We had a requirement to configure a Role Creation and Modification workflow for which there was a criterion defined for Role Owners.
We have customized the Identity selector list for role owners in the UI for which those users who pass the criteria should be visible only.
Let us take a requirement where only those Role Owners who are Employee & have a designation of manager or above should be allowed to be as role owner.
We will first list out the designations of employees who are managers or above. In our case the Designation of Manager or above are below:
- Senior Director
- Senior Manager
- Senior Vice President
- Vice President
To get the value of Role Owner for customizing Identity selector, you will need to use a URL tracing tool like SAML Tracer or Firebug.
We will be using SAML Tracer in this example:
Go to IIQ Console on your Mozilla Firefox and open the SAML Tracer (Firefox add on):
Under the roles, create a new role:
Select the Owner drop-down and open SAML Tracer to get the parameter value:
Check the suggestID parameter value:
We have got the Role Owner value which is editedRoleOwnerSuggest.
Now we will configure the Role Owner value in the Identity Selector Configuration.
Go to the Debug Page/Object Browser/Configuration and open Identity Selector Configuration:
Create the configuration for Role Owner:
Save the Identity Selector Configuration and Reset Configuration Cache:
Now if you try to create or modify a role, only the Users who are employees and have Designation of Manager or above will be shown at the drop-down of Owners.