Use Case
Onboarding External users from Saviynt UI into Organizations
Pre-requisites
1) Sav Role.2)Register User form should be configured alongside Global config for Invitation based onboarding.
3)Smtp is Configured to send emails.
4) Email templates are configured to send to external user for registration
5) User creation/Modification Workflow is configured with Invite Block
Applicable Version(s)
EIC versions (2021.x and above)
Solution
1) Make Sure the following access is added in SAV ROLES in Feature list
Show
515202550100
entries
FEATURE DESCRIPTION CATEGORY
| Create User Request | Allows users to request for another user creation or send invitation for guest users to register themselves in Security Manager | |
| Update User Request | Allows users to request for updating other user details in Security Manager |
Also in Create request Home option
Create user request and Update User request is checked
2) Set up global configurations. The Identity Lifecycle global configurations page provides settings for security and acknowledgment options (for terms and conditions). These settings are listed below for your reference:
Invitation Time-To-Live: The amount of time (in minutes) for which an Invite URL exists before it expires. If the configured time elapses, the guest user is no longer taken to the User Registration page.
Invite URL Maximum Retry Count: The maximum number of times a guest user can try to open the Invite URL.
Acknowledge Checkbox for Create User: Enables the Acknowledgment option in the Create User Request (Inviter) form.
Acknowledge Checkbox for Invitation Form: Enables the Acknowledgment option in the guest user registration form.
- Register User Form can be configured in Global Config -> Identity Life cycle . Sample forms are available in Best practices Section of TPAG in Forums
3) Mae Sure the SMTP is Configured so that the emails are going out. (https://docs.saviyntcloud.com/bundle/EIC-Admin-v24x/page/Content/Chapter06-EIC-Configurations/Config...)
4)Email Templates:
Invitation Email: This is a mandatory email template that is configured as the Notification Email Template in the workflow Invite activity. The email contains the unique URL of the secure user registration form that the invitee receives. Ensure that the email contains the following binding variable that substitutes the URL of the end user Registration Form that is automatically triggered.
<https://<Domain Name>/ECM/home/external?token=${token}
Notification Email: This is an optional email template. If you want to send a notification email to another user while sending out an invitation; typically, the sponsor or the manager of the invitee, configure the Notification Email Template (Requestor) in the workflow Invite activity.
Reminder Email: This is an optional email template. If you want to send a reminder to an invitee who has not acted upon the invitation, configure this template as the 1st Reminder Email Template in the workflow Invite activity.
Samples can be found in the best Practices Section in forums for TPAG.
5) you must create a workflow and add the Invite activity to it. This activity manages the invitation to a guest user. It generates a secure URL for the end user registration form
Samples can be found in the best Practices Section in forums for TPAG.
References
https://docs.saviyntcloud.com/bundle/EIC-Admin-v24x/page/Content/Chapter13-Access-Requests/ars-mang-...
