Provisioning information
Provisioning providers get information to identify the entities that were affected by a change. This information does not state what changed exactly. For example, upon a modification of the user email address, the provisioning event contains the information user X has been changed
, but not the e-mail address of user X has the new value Y
.
All provisioning events provide the type of operation, the identification of the actor, and the actual entity, to which the operation is applied.
Type of operation
Key: meta.operation
meta.operation
defines what happened with the underlying entity. The possible operations are the following:
- insert with value
i
: the entity is created. - delete with value
d
: the entity is removed, and does not exist anymore in nevisIDM. - update with value
u
: the entity is modified. - archive with value
ar
: the entity, that is, a user or profile, is archived - enable with value
en
: the entity, that is, a user or profile, is activated - disable with value
di
: the entity, that is, a user or profile, is disabled
Type of entity the operation affects
Key: meta.entity
meta.entity
defines the type of the involved nevisIDM entity. The value passed to the provider is equal to the actual name of the entity. The following entities are supported by the provisioning:
- user
- profile
- authorization
- credential
- client
- unit
- application
- role
- enterprise authorization
- enterprise role
- enterprise role member
Information about the actor, the user who carried out the operation
- key
actor.extid
:extId
of the acting user - key
actor.loginid
:loginId
of the acting user - key
actor.clientname
: name of the client, to which the actor belongs - key
actor.clientextid
: extId of the client, to which the actor belongs
Version of the entity
Key: object.newVersionNumber
object.newVersionNumber
defines the version of the entity, and can be used to look up the actual change of the entity. The version number of the entity is raised after any change to the entity. The increase can be of any size, but the new version number has to be higher than the old version number.
Information in the provisioning module for each entity
Application
Information in provisioning event
meta.operation
meta.entity
, that is,application
client.extid
client.name
application.name
application.extid
object.newVersionNumber
Description
The information provided affects application management only, and not the authorizations. A creation or removal operation represents the assignment or revocation of an application to a client, and not the actual creation or removal of the application itself. If an application is completely removed, an event is generated to each client, to which the application is assigned.
Authorization
Information in provisioning event
meta.operation
meta.entity
, that is,authorization
authorization.extid
client.extid
client.name
user.extid
user.loginid
profile.extid
application.name
role.name
role.extid
object.newVersionNumber
Description
The informazion affect the creation, modification, and removal of authorizations, and the assignment or revocation of role to profile. object.newVersionNumber
and authorization.extid
are not available for events triggered by enterprise roles.
Client
Information in provisioning event
meta.operation
meta.entity
, that is,client
client.extid
client.name
object.newVersionNumber
Credential
Information in provisioning event
meta.operation
meta.entity
(=credential
)client.extid
client.name
credential.extid
object.newVersionNumber
Profile
Information in provisioning event
meta.operation
meta.entity
(=profile
)client.extid
client.name
user.extid
user.loginid
profile.extid
object.newVersionNumber
Description
The information provided affects operations on the profile attributes and property values, and does not affect assignment or revocations of roles to the profile.
Role
Information in provisioning event
meta.operation
meta.entity
, that is,role
client.extid
client.name
application.name
role.name
role.extid
object.newVersionNumber
Description
The information provided affects the application or role management only, and not the authorizations. All events are triggered for all clients, to which the application of the role is assigned.
Unit
Information in provisioning event
meta.operation
meta.entity
, that is,unit
client.extid
client.name
unit.extid
unit.name
object.newVersionNumber
User
Information in provisioning event
meta.operation
meta.entity
, that is,user
client.extid
client.name
user.extid
user.loginid
object.newVersionNumber
Enterprise Role
Information in provisioning event
meta.operation
meta.entity
, that is,erole
client.extid
client.name
erole.extid
erole.name
object.newVersionNumber
Description
The information provided affects the creation, modification, and removal of an enterprise role.
Enterprise Authorization
Information in provisioning event
meta.operation
meta.entity
, that is,enterpriseauthorization
- eauthorization.extid
- client.extid
- client.name
- erole.extid
- erole.name
- unit.extid
- unit.name
- user.extid
- user.loginid
- profile.extid
Description
It can be configured with the application.modules.provisioning.erole.enabled
configuration setting (can be found in the chapter nevisidm-prod.properties, paragraph Provisioning module).
Enterprise Role Member
Information in provisioning event
meta.operation
meta.entity
, that is,ermember
- client.extid
- client.name
- erole.extid
- erole.name
- role.extid
- role.name
- application.extid
- application.name
Description
It can be configured with the application.modules.provisioning.erole.enabled
configuration setting (can be found in the chapter nevisidm-prod.properties, paragraph Provisioning module).