Customize the scope of user lists for tasks

To limit the list of users displayed in the task we can customize the definition of a task. The definition can limit the list to include only the users relevant for the current Identity Service Center user. We must have read and write access to the customizable files and the directories where they are maintained. See...

• Location of Identity Service Center customizable files
• Customization of Identity Service Center files

To work with the configuration files and properties, see:

• Manage custom files

• Manage the server properties

The home page and page header menus of the Identity Service Center display tasks that the user is allowed to perform. Some tasks, such as the Request Access task, involve the selection of one or more users from a list. For some organizations, this list of users can be large..

We can customize the definition of tasks so that the user list shows only the users relevant for the current Identity Service Center user. For example, we might want the list of users to be restricted to only those users in the department that is managed by the current user. The config/ActionDefinition.json file defines how tasks are launched when the user selects them. The contents of this file are maintained in JavaScript Object Notation (JSON) format, which is a way of representing structured data. Each section in this file defines the launch information for one task, as shown here for the Request Access task.

  "SVCENTER_REQUEST_ACCESS": 
  {
     "actionType": "CreateFlow",
     "urlHash":"requestAccess",
     "properties": 
     {
         "widgetPath": "com/ibm/isim/ui/util/uiflow/requestaccess/RequestAccessFlow",
         "widgetArgs": { "personFilterId": "" }     
     } 
  },

The properties section contains a widgetArgs field that defines a list of JavaScript variables passed to the task when it is launched. The value of the personFilterId variable specifies the filterId. The filterId is configured in the custom/rest/searchfilter.json file. This filter is used by the task when it looks for users relevant to the current Identity Service Center user.

The value can be customized to suit the needs of the organization by modifying the attribute baseFilter for the configured filterId in the custom/rest/searchfilter.json file. For example, see Filter configuration for REST search services.

1. ActionDefinition.json file.

2. Locate the section of this file that describes the launch information for the task to be customized, such as SVCENTER_REQUEST_ACCESS.

3. Specify the filterId for the user list in the task by modifying the value of the personFilterId variable of the widgetArgs field in the properties section to

4. Upload the modified file.

5. Restart ISIM application to make the changes effective.

When the task with the customized user scope is launched, the list of users is restricted to only those users that match the specified filter. Only those users are displayed on the Select user page.

In a managed-cluster environment, we must wait until after the configuration is synchronized to the application servers in the cluster.

Log in to the Identity Service Center and verify the scope reflects the your customizations.

Parent topic: Identity Service Center user interface customization