Thank you for supporting the Cloud Customer Connect Community in 2024. It's a gift to work with you!

Look back
You're almost there! Please answer a few more questions for access to the Applications content. Complete registration
Interested in joining? Complete your registration by providing Areas of Interest here. Register

How do you avoid orphaning users in IDCS when deprovisioning roles in EPM (via Restapi)?

in Identity and Access Management

We are building a scim-like automation to provision and deprovision users and roles in EPM.

EPM by default has a number of instances all pointing to a single IDCS instance. Per documentation, removing a user is something that would happen once they have been deprovisioned from all roles in all EPM environments. It appears that you should not remove a user while removing their last role, because that user could have a role in a different environment. But in the case of employee terminations, we do want a way to make sure the user is removed eventually.

I will cover some creative integrations we thought about below, and why they are not ideal. Here are the questions I am looking for an answer to:

Tagged:

Howdy, Stranger!

Log In

To view full details, sign in.

Register

Don't have an account? Click here to get started!