IBM Verify

IBM Verify

Join this online user group to communicate across Security product users and IBM experts by sharing advice and best practices with peers and staying up to date regarding product enhancements.

 View Only

Identity Governance and Intelligence as Launch point for other applications in the organization

By Tushar Mehta posted Mon October 28, 2019 04:57 PM

  

By Tushar Mehta and Madhura Damare

All organizations have multiple applications. Everyone wants a single point of entry for applications in the organizations so that the users don’t juggle for applications links/URLs. Identity Governance and Intelligence (called IGI here onwards), is a tool for managing Identity, accesses and governing them. Along with this IGI can also be used as launch point for other application by hooking links in it. So that when user logs in to IGI service center, based on the access user has, he/she will see additional application links. When single-sign on is implemented in the organization, then it become a seamless experience for the users. 

 

This article intends to share steps to configure IGI such that, it become a single launch point for other applications in the organization. 

   

The steps to do the customization are as follows: 

 

  1. IGI virtual appliance console (VA) , Configure→Custom File Management should be selected, as seen in below diagram. 

 

 

 

  1. Create an application.xml file. You can download the sdk.zip from sdk folder. Extract the zip file. A sample application.xml is available at: customization\IDEASPlatformEnvCustom\properties\desk\console 

 

 

 

 

 

<DESK> 

<REALM name="IDEAS" label="IDEAS" enableHeaderAuth="true" isDefault="true"> 

<APPLICATION name="SN" label="Service Now" url="https://xxxxx.service-now.com/" openInNewWindow="true" checkISIGPermission="true" img="" img_dis="" img_rol="" order="10" isEndUser="true" showIfDisabled="true"/> 

 

<APPLICATION name="PadLock" label="Secure Systems" url="https://devpadlock.org.com/" openInNewWindow="true" checkISIGPermission="true" img="" img_dis="" img_rol="" order="11" isEndUser="true" showIfDisabled="true"/> 

 

<APPLICATION name="SAP-FICO" label="SAP Financial Accounting" url="https://sap.org.com/" openInNewWindow="true" checkISIGPermission="true" img="" img_dis="" img_rol="" order="8" isEndUser="true" showIfDisabled="true"/> 

 

</REALM> 

</DESK> 

  1. In the above xml sample, you can define the order in which you want to display the applications links to the user. You can also elaborate the name you want to show to the user. For more details on the different attribute you can refer to: https://www.ibm.com/support/knowledgecenter/en/SSGHJR_5.2.5/com.ibm.igi.doc/CrossIdeas_Topics/Advanced_Customizations/Custom_Realm_Desk/Custom_Desk.html 

 

  1. Upload the application.xml at (create the directory structure for first time.): directories/properties/desk/console   

 

 

 

 

 

  1. Restart IGI server. 

 

 

 

  1. Configure the application in IGI either by configuring Enterprise connector or creating an application. 

 

 

 

  1. If user has access to the given application, user will see that as an additional menu in IGI Service center. 
  1. Here user Jean has access to two applications, she can see only those 2 applications in the order defined in the xml. 

 

  

  1. User Alan has access to Service Now and Secure Systems 

 

 

 

 

 

Page Urls 

https://www.ibm.com/support/knowledgecenter/en/SSGHJR_5.2.5/com.ibm.igi.doc/CrossIdeas_Topics/Advanced_Customizations/Custom_Realm_Desk/Custom_Desk.html 

 

0 comments
9 views

Permalink

https://community.ibm.com/community/user/blogs/tushar-mehta1/2019/10/28/identity-governance-and-intelligence-as-launch-poi