Access catalog properties

Access catalog properties

The com.ibm.itim.accesscatalog.groupIntersectionJoin.enabled enables support for searching group access when requesting access in the Identity Service Center when Intersection Join directive is used for the group attribute. The com.ibm.itim.accesscatalog.customJoin.enabled enables support for searching group access when requesting access in the Identity Service Center when Custom Join directive is used for the group attribute.

com.ibm.itim.accesscatalog.groupIntersectionJoin.enabled

Do not change this property value unless you are a qualified administrator.
Enables support for searching group access when requesting access in the Identity Service Center in the case where Intersection Join directive is used for the group attribute.
Values include.

true
false

The default is false.
Example (default).
com.ibm.itim.accesscatalog.groupIntersectionJoin.enabled=false

com.ibm.itim.accesscatalog.customJoin.enabled

Do not change this property value unless you are a qualified administrator.
Enables support for searching group access when requesting access in the Identity Service Center in the case where Custom Join directive is used for the group attribute.
Values include.

true
false

The default is false.
Example (default).
com.ibm.itim.accesscatalog.customJoin.enabled=false

enable.service.access

Do not change this property value unless you are a qualified administrator.
Specifies whether a service is defined as an access by default during creation. Values include:

true
false

If the value is not defined, the value defaults to false.

For upgraded installations of IBM Security Identity Manager, the default value is false.
For new installations of IBM Security Identity Manager, the default value is true.

Example (default.
enable.service.access=false

enable.group.access

Do not change this property value unless you are a qualified administrator.
Specifies whether groups are defined as access by default when a group is created or modified.. Values include:

true
false

If the value is not defined, the value defaults to false.

For upgraded installations of IBM Security Identity Manager, the default value is false.
For new installations of IBM Security Identity Manager, the default value is true.

Example.
enable.group.access=false

enable.role.access

Do not change this property value unless you are a qualified administrator.
Values include.

true
false

If the value is not defined, the value defaults to false.

For upgraded installations of IBM Security Identity Manager, the default value is false.
For new installations of IBM Security Identity Manager, the default value is true.

Example.
enable.role.access=false

access.request.staging

Do not change this property value unless you are a qualified administrator.
Specifies whether to stage the authorized dynamic service and group entitlements for a person during the access request for a person. Staged dynamic entitlements are cleared after 30 minutes. Values include:

true
false

If the value is not defined, the value defaults to false.

For upgraded installations of IBM Security Identity Manager, the default value is false.
For new installations of IBM Security Identity Manager, the default value is true.

Example.
access.request.staging=true

Parent topic: System property configuration in enRole.properties

com.ibm.itim.accesscatalog.groupIntersectionJoin.enabled
	Do not change this property value unless you are a qualified administrator. Enables support for searching group access when requesting access in the Identity Service Center in the case where Intersection Join directive is used for the group attribute. Values include. true false The default is false. Example (default). com.ibm.itim.accesscatalog.groupIntersectionJoin.enabled=false
com.ibm.itim.accesscatalog.customJoin.enabled
	Do not change this property value unless you are a qualified administrator. Enables support for searching group access when requesting access in the Identity Service Center in the case where Custom Join directive is used for the group attribute. Values include. true false The default is false. Example (default). com.ibm.itim.accesscatalog.customJoin.enabled=false
enable.service.access
	Do not change this property value unless you are a qualified administrator. Specifies whether a service is defined as an access by default during creation. Values include: true false If the value is not defined, the value defaults to false. For upgraded installations of IBM Security Identity Manager, the default value is false. For new installations of IBM Security Identity Manager, the default value is true. Example (default. enable.service.access=false
enable.group.access
	Do not change this property value unless you are a qualified administrator. Specifies whether groups are defined as access by default when a group is created or modified.. Values include: true false If the value is not defined, the value defaults to false. For upgraded installations of IBM Security Identity Manager, the default value is false. For new installations of IBM Security Identity Manager, the default value is true. Example. enable.group.access=false
enable.role.access
	Do not change this property value unless you are a qualified administrator. Values include. true false If the value is not defined, the value defaults to false. For upgraded installations of IBM Security Identity Manager, the default value is false. For new installations of IBM Security Identity Manager, the default value is true. Example. enable.role.access=false
access.request.staging
	Do not change this property value unless you are a qualified administrator. Specifies whether to stage the authorized dynamic service and group entitlements for a person during the access request for a person. Staged dynamic entitlements are cleared after 30 minutes. Values include: true false If the value is not defined, the value defaults to false. For upgraded installations of IBM Security Identity Manager, the default value is false. For new installations of IBM Security Identity Manager, the default value is true. Example. access.request.staging=true