Customizing account status and compliance information in the View Access wizard
You can customize the account status and compliance information that is displayed on the access cards in the View Access wizard.
Before you begin
- Depending on your system customization, you might not have access to this task. Contact your system administrator to obtain access to this task, or to have someone complete it for you. See Location of Identity Service Center customizable files and Customization of Identity Service Center files for specific details about where these files are located.
- By default, the account status and compliance information is displayed on the access cards. Account status is displayed for the suspended and disallowed accounts. The compliance information is displayed for the accounts that are non-compliant. You might see the following compliance messages on the access cards:
- Compliance evaluation is pending
- Indicates that the access was returned from a reconciliation, which means it was not checked against the existing policies.
- Access is not compliant with the policy
- Indicates that the access can exist for the user, but that one or more of the underlying account attributes do not comply with the existing provisioning policies.
- Access is not allowed by the policy
- Indicates either that the access is not supposed to exist because the user is not allowed to have access to the specified resource, or that a provisioning policy is not defined for the resource.
- No message
- Indicates that the access is compliant.
About this task
Use the following sections to work with the configuration files or the configuration properties from the IBM Security Identity Manager virtual appliance console:The file Access.json contains the access attributes that are customizable. The access attributes can be in the following categories:
- To go to a custom file and edit, download, upload, or search it, see Managing custom files.
- To go to a property file and edit, upload, or search it see Managing the server properties.
- Standard attributes that are in the primary, secondary, tertiary, or image areas of the access cards. For more information about customizing the standard attributes, see Customizing an access card in the Request Access wizard.
- Attributes that are customized for the user-specific views. For example, account status and compliance information.
Procedure
- Optional: Customize the account status that is displayed on the access cards.
- Download a copy of the Access.json file. See Managing the server properties.
- Edit the file. The contents of this file are maintained in JavaScript Object Notation (JSON) format, which is way of representing structured data.For example:
"userAccessView": { "userId": { "attribute": "account.eruid", "display": true, "sort": { "enabled": true, "labelKey": "userId" } }, "showCompliance": true, "showAccountStatus": true }- If you do not want to display the account status on the access cards, set the value for showAccountStatus to false. For example, "showAccountStatus": false.
- Optional: Customize the compliance information that is displayed on the access cards.
- Download a copy of the Access.json file. See Managing the server properties.
- Edit the file. The contents of this file are maintained in JavaScript Object Notation (JSON) format, which is way of representing structured data.For example:
"userAccessView": { "userId": { "attribute": "account.eruid", "display": true, "sort": { "enabled": true, "labelKey": "userId" } }, "showCompliance": true, "showAccountStatus": true }- If you do not want to display the compliance information on the access cards, set the value for showCompliance to false. For example, "showCompliance": false.
Results
The account status and compliance information that are displayed on access cards are changed to reflect the customization that you made in the Access.json file.Parent topic: View Access wizard