There’s a button “Create Certification”, when you click on that button, IDHub would bring you to the Create Certification Wizard, in order to create a new certificate.
The various steps of the Wizard and the details are as follows:
This is the 1st step in the certification creation wizard, the details that you have to fill in are as follows:
Certificate Definition name
This is the name of the certificate that you are going to create.
This is a drop-down. IDHub allows you to either create user based certification or resource based certification. The default is user based certification, but here you can change it to resource based certification.
In this section you need to enter the search keywords for the certificate.
In this section, you need to enter the description of the certificate.
Certification Request Approval
Approval workflow: IDHub provides you 3 different types of approval workflow for the certificate approval and they are as follows:
This means that a specific user would be approving the the certificate. This is the default selection. Therefore if this option/tab is selected, then just below there is a textbox, so that you can enter the name of the user who is going to be approving the certificate. You can enter some keywords for the user, the system would give some suggestions according to the typed keywords, you can select one from the given options.
This means that users belonging to a specific role would have the authority to approve the certificate. If this option/tab is selected, then just below there is a textbox, so that you can enter the name of the role . You can enter some keywords for the role, the system would give some suggestions according to the typed keywords, you can select one from the given options.
This means that no approval is required for the certificate to run.
Select Workflow for certification: By default, there is only 1 workflow attached to the certification process, so you can select that and click on NEXT button, to continue the next set of details for creating the certificate.
This is the 2nd step and in this step you will have to select the users who would be there for the certification. Now IDHub provides you 2 different ways of selecting the user and they are as follows:
By name is the default selection.
Here the you can enter the name of the user in order to select that user for the certification. There is a small plus icon, you need to click on that, then a small pop-up would show up, so that you can enter the name of the user in that pop-up box. Based on what you type in that box, system would give suggestions and you can then select any from the given options. You can enter/select multiple users here, so once you are done entering the users, you need￼ to click on the DONE button.
If you select By query, then you would be able to create a condition or query, through which you can select those users.
IDHub allows you to create a condition using 3 parameters.
Attribute drop-down are the different fields/attributes that you can select in order to create the condition. Attribute examples are: UserLogin, FirstName, LastName etc. So you can select any one from the drop-down.
The next step is to select the condition, IDHub provides the following options for the condition:
Then finally you have to select the attribute value. Again, IDHub provides the values in the drop-down, so that you can select the appropriate values from the drop-down accordingly to create the condition. IDHub provides you 2 different parameters ‘AND’ , ‘OR’
You have the flexibility to create and combine multiple parameters using ‘AND’ , ‘OR’
This is the 3rd step and in this step you will have to select the resources for which certification is going to be carried out. Now as described above (2nd step), IDHub provides you ability to select the resources either manually Or there is a query builder which you can use to create the certificate.
Adding the resources manually is the default selection and in this mode, IDHub provides you the list all the catalog items, so that you can select it accordingly.
In this section IDHub provides you FILTERS so that you can filter out the catalog items according to those filters.
The filters that are provided are as follows:
Therefore say for example: You can want to view only applications and select some applications from the left panel, so for that you can select the application filter and then select the applications from the left panel accordingly. Besides this, there is also a toggle button “Show only selected”. When you select this toggle button, then IDHub would show only those catalog items which you have selected.
If you want to add the resources via Query, then as described above (2nd step), IDHub provided you the query builder, where you can select the attribute, condition and value in order to build your query.
In this case, the attributes that are provided in the drop-down are as follows:
Therefore you can select any one of the above attribute, then add a condition and then select the attribute value from the drop-down accordingly. Again, you can also combine different parameters using ‘AND’, ‘OR’.
Certifier & Scheduler
This is the 4th step and in this step you would be selecting who would be the certifier and you can also select the scheduler for the certificate.
IDHub provides you 4 different types of ways of selecting a certifier and they are as follows:
Select a User
The ‘Select a User’ is the default option.
This option means that a specific user would be certifier for the certifications tasks. Therefore in this option, IDHub provides you a text box, where you can start typing the name of the user. IDHub would provide you automatic suggestions. You can select any from the given options and select a particular user, who would be the certifier and would be responsible for doing the certification tasks.
The ‘Select a Role’ is the 2nd option.
This option means that users belonging to a specific role would be certifier for the certifications tasks. Therefore in this option, IDHub provides you a text box, where you can start typing the name of the role. IDHub would provide you automatic suggestions. You can select any from the given options and select a particular role.
The ‘Beneficiary’s Manager', option means that the person who is the manager of the beneficiary user, he/she would be the certifier.
The ‘Resource Owner’, options means that the person who is the owner of the resource, that person/user would be the certifier.
This is the 5th step and in this step you basically specify some settings for the certification. Those settings and details are explained below:
In this section some configuration settings are displayed for the certification, those configuration settings are as follows:
Require comments on all certify operation
This means that the certifier needs to put comments on all the certify operation that he is going to be doing.
Require comments on all revoke operation
This means that the certifier needs to put comments on all the revoke operation that he is going to be doing.
This means that the certifier would have the ability to re-assign the certification task
Prevent self certification
This means that the system wouldn’t allow the user to self certify.
In this section, IDHub allows you to define who is going to be the alternate certifier in case the certifier isn’t available. There are 3 ways of assigning the alternate certifier and they are as follows:
This is the default option and this means that certifier user’s manager would be the alternate certifier and would have the authority to do the certification task.
In this option, IDHub allows you to select a specific user to be the alternate certifier. There is the Select User textbox, where you can enter the name of the user, system would give suggestions based on the typed keywords and you can select the user from the given options.
In this option, IDHub allows you to select a role to be the alternate certifier. There is the Select Role textbox, where you can enter the name of the role, system would give suggestions based on the typed keywords and you can select the role from the given options.
This will come in future release.
Finally in this section, you will be determining what would be the duration of the certificate. After this duration, the certificate would expire. IDHub allows you to set the duration in days, months and years. Therefore you can select days/month/year from the drop-down and then enter the number in the textbox in order to define the certificate duration.
This is the last and the final step, which is basically a summary page, and IDHub would show you all the selections and details that you have entered in the previous steps for the certification. If this looks good, then you can go ahead and click on Submit button in order to create the certificate OR you can always click on the previous button at the bottom to go the previous steps and edit any details for the certificate.