Provisioning - how to force provisioning for roles
USE CASE
We have a system, where we need to send all roles, that user actually has in IDM. This solution is designed to configure system id for which we will provide all roles, that account has. It basically switches off incremental provisioning and force provisioning whenever role request for our configured system appears.
How to start it?
1) First of all, we need to create an identity which will be on our system - it can be done by creating system role and giving it to our identity - see this tutorial for adding a role to identity: Role assignment - changing roles of users manually
2) The processor is by default off, so we need to start it! To do so go to Settings → Modules → Processors
3) Here we need to find processor extras-role-request-identity-system-processor and in the right click to activate. See the following picture
4) We need to set configuration
- go to settings → configuration
- add the new property as shown in the image - Key: idm.sec.extras.configuration.systemId , value: your system UUID