Configure people identifiers

In the Management Portal at Data Model > People Identifiers, configure methods to identify people in your environment. This can be the Windows user account or an e-mail address, but also an employee ID or phone number; as long as you can assign a unique value to it. User authentication in the Web Portal is also based on people identifiers.

You can specify individual values for a person by opening the person's record from the People page, then clicking the Properties tab.

Ivanti Identity Director contains two default people identifiers:

By default, people in your environment are identified through their Windows user account. You can change this at Setup > Behavior.

Configuration

Field

Explanation and Tips

Link to service attribute

Resolve the value of the people identifier automatically when someone subscribes to the service. For example, this allows you to determine the value through user input.

  • The person must subscribe to the service before the value of its service attribute can be resolved. The value only exists as long as the person subscribes to the service.
  • You can edit the resolved values.
  • If the people identifier inherit its value from a service attribute whose value is masked, the value of the people identifier is also masked.

Restricted information

Mask the people identifier value in the Management Portal. This ensures you can be compliant with the privacy laws of your country or organization, as unauthorized administrators do not have access to private information like e-mail addresses, phone numbers, social security numbers, etc. This functionality applies to the Management Portal only; restricted information is still shown in the Web Portal.

  • Unauthorized administrators see the icon Evil eye for restricted identifiers. At Transactions, restricted identifiers are shown as [identifiername]. Although unauthorized administrators cannot see the identifier value, this still allows them to verify if the context or definition of the identifier is correct.
  • You can set administrative permissions on this functionality.
See also

Was this article useful?    

The topic was:

Inaccurate

Incomplete

Not what I expected

Other