Identity Director 2022.1

Starting with Identity Director 2022.1, you can use Access Certification to improve the management of users and entitlements in your environment.

This feature allows administrators to create and manage certification campaigns from the Management Portal. The newly added section contains a series of tabs which display campaigns according to their status. New campaigns can be created by clicking on the Add button at the bottom of the page.

Once a certification campaign starts, the selected reviewers are able to see it in the My Access Reviews tab of the Web Portal. After starting the review process, reviewers see a list of users that qualify for an entitlement and the options to either authorize or revoke access for each user. At this point, the reviewer can either complete the process in one go or save it and continue at a later date. Once completed, the campaign moves to the Completed tab under My Access Reviews and becomes read-only.

Please note that, at the moment, campaigns can only be created for entitlements. Additional options will be added in the future.

For a complete overview of the Access Certification feature, check out the Access Certification page in the Identity Director Help.

You can now set hourly intervals for email reminders for your workflow actions.

Previously, users remained enrolled when marked for deletion using an import file from which they had been removed. This behavior was changed in this version and users are unenrolled when marked for deletion.

All Multifactor Authentication add or removal operations are now logged in the Audit Trail.

At Setup > Multifactor Authentication, you can now decide whether or not you want to enforce multifactor authentication for the users in your environment.

While multifactor authentication is enabled in your environment, you can opt between making enrollment mandatory for everyone, or allowing your users to decide independently if they want to use an authenticator application or not.

This version of Identity Director includes the following performance-related improvements:

• The overall qualification processing has been improved through code and cache loading optimization.

• Qualification based on people attributes has been improved and changing a regular people attribute that is not used in qualifications does not trigger any qualification processing.

• The responsiveness and time interval before triggering services when people attributes change have been improved.

A new section called Authenticator Apps was added for both the Password Reset and the Unlock Account login page services. Enabling this option allows your users to choose enrolled authenticator applications as their preferred verification method in the Web Portal.