Identity Director Administration Guide

Home 

Configure people identifiers

In the Management Portal at Data Model > People Identifiers, configure methods to identify people in your environment. This can be the Windows user account or an e-mail address, but also an employee ID or phone number; as long as you can assign a unique value to it. User authentication in the Web Portal is also based on people identifiers.

You can specify individual values for a person by opening the person's record from the People page, then clicking the Properties tab.

Identity Director contains two default people identifiers:

  • Primary e-mail address
  • Windows user account

By default, people in your environment are identified through their Windows user account. You can change this at Setup > Behavior.

Configuration

Field Explanation and Tips
Link to service attribute Resolve the value of the people identifier automatically when someone subscribes to the service. For example, this allows you to determine the value through user input.
  • The person must subscribe to the service before the value of its service attribute can be resolved. The value only exists as long as the person subscribes to the service.
  • You can edit the resolved values. [Third bullet removed as per WI 580142]
Restricted information Mask the people identifier value in the Management Portal. This ensures you can be compliant with the privacy laws of your country or organization, as unauthorized administrators do not have access to private information like e-mail addresses, phone numbers, social security numbers, etc. This functionality applies to the Management Portal only; restricted information is still shown in the Web Portal.
  • Unauthorized administrators see the icon Evil eye for restricted identifiers. At Transactions, restricted identifiers are shown as [identifiername]. Although unauthorized administrators cannot see the identifier value, this still allows them to verify if the context or definition of the identifier is correct.
  • Unauthorized administrators cannot search for people based on restricted identifiers.
  • You can set administrative permissions on this functionality.
  • People identifier values have a limit of 255 characters. If the value of a people identifier exceeds this limit, for example because it is linked to a service attribute or because it is set by a Set Person Attributes and Identifiers action, it is truncated to 255 characters.
See also

Was this article useful?