1. Add, Approve, View, and Retire an Application

Summary:

Administrators are responsible for on-boarding new Applications into IDHub. In this scenario, we will Add, Approve, and Retire an Application. To learn more about Administrators, Applications, Application Management, and Connected Applications see the https://sath.atlassian.net/wiki/pages/resumedraft.action?draftId=710443078. Follow the below steps to Add, Approve, View, and Retire an Application:

Step 1:

  • Login as an Administrator

  • From the Dashboard, navigate to the “Manage Catalog” section

  • Add an Application and complete the 7 sets of required information:

    • Basic details: This section determines the name of the Application and any associated Roles that will be given with approval.

    • Application Owner: This section determines the admin and IT responsible for the Application

    • Integration details: For Field Testing, all Applications are non-trusted and disconnected

    • Approval Workflow: This identifies what the Approval process will look like.

      • Will this Application require Auto Approval, Manager Approval, or Group Approvals?

      • Make this Application “Requestable”

    • Attributes: These provide information related to each Attribute within the Application.

      • Attribute Example: Field Name=First Name & Matching Attribute=First Name

      • At least one Attribute must have “Reconciliation Key” and “Unique Field” turned on

    • Entitlements: These are a set of permissions that determine what a User can or cannot do

      • Add a few requestable Entitlements with varying Approval Workflows

        • Entitlement Examples: EndUser=End User, HR=Human Resources

  • Submit the Request for the new Application

Step 2:

Login as an Access Manager and Approve the new Application Request

Step 3:

  • Login as the Administrator who created the Application and view the status

  • From the Dashboard, navigate to the “Manage Catalog” section and “Retire” the Application

*Note: Please do not remove any Applications, aside from the one you created

*Note: In the event you need help navigating this scenario, follow the below instructions:

1. Add Application as Administrator Instructions

  • Login as an Administrator

  • From Dashboard, click on "Manage Catalog" button

  • Click on “Add Application” drop-down and select “Add Application”

  • Within “Basic Details” section, complete all textbox fields

  • Within “Application Owner” section:

    • Type Administrator name into “Business Owner” and Manual Fulfiller name into “IT Owner” textbox fields

    • Select “IDE Shim” from “IDM” drop-down

  • Within “Integration Details” section:

    • Select “No” from “Trusted Reconciliation” drop-down

    • Select “Disconnected” from “Integration Level” drop-down

  • Within “Approval Workflow” section:

    • Select “Auto Approval Application” from “Approval Workflow” drop-down

    • Type “Access Manager” into “Fulfiller” textbox field

  • Turn On “Requestable” button on bottom of page

  • Click “Next” button

  • Within “Add Attributes” section:

    • Type “Login” into “Field Name” textbox field

    • Select “String” from “Data Type” drop-down

    • Select “User Login” from “Matching Attribute” drop-down (this will match fields)

    • Turn On “Reconciliation Key” and “Unique Field” buttons

      • At least one Attribute must have these two turned on: example - Login

    • Click “Add” button

*Note: At this point, after you have clicked the “Add” button, you have the option to add additional attributes within the application by completing the “Add Attribute” section again. If additional attributes are not required, move on to the next steps to finish on-boarding the application.

  • Click “Next” button

  • Observe “Add New Entitlement” section

  • Within “Basic Details” section, complete all textbox fields:

    • Enter “Entitlement Display Name” and “Entitlement Name” in textbox fields

      • Example: Entitlement Display Name=Admin, Entitlement Name= Administrator

    • Enter “Description” in textbox field

      • Example: “Entitlement needed with application access”

  • Within “Access Details” section:

    • Select “Auto Approval Application” from “Approval Workflow” drop-down

    • Type “Manual Fulfiller” into “Fulfillment Info” textbox field

    • Turn On “Requestable” button on bottom of page

  • Click “Add” button

*Note: At this point, after you have clicked the “Add” button, you have the option to add additional entitlements within the application by completing the “Basic Fields” and “Access Details” sections again. If you choose to add additional entitlements which require higher levels of approval, you are welcome to do so. Simply follow these steps again and change the “Approval Workflow” to “Group Approval Application” and add different approver groups within the “Approver 1, 2, and 3” textbox fields. If additional entitlements are not required, move on to the next steps to finish on-boarding the application.

  • Click “Submit” button

  • Enter submission reason

  • Click “Submit” button

  • Observe popup message in upper right informing Request successful

  • Application has been sent for on-boarding and now requires Approval

  • Logout by clicking on “Logout” located on bottom left hand corner

2. Approve Application as Access Manager

  • Login as an Access Manager

  • Navigate to “Tasks” section

  • Observe open Tasks which require Approval

  • Open new Application Request Task by clicking the hyperlink on the description

  • Observe information within Details, Attributes, and Entitlements tabs

  • Observe available actions for Task by clicking on “Ellipsis” button on bottom of page

  • Select “Escalate”

  • Observe the textbox which appears for entering the escalation reason

  • Close textbox by clicking on ‘x’

  • Click “Claim” button

  • Enter claim reason

  • Click “Claim” button

  • Observe popup message in upper right informing Task action performed successfully

  • Click “Approve” button

  • Enter approval reason

  • Click “Approve” button

  • Observe popup message in upper right informing Task action performed successfully

  • Observe the Task is no longer present on “Tasks” page

  • Logout by clicking on “Logout” located on bottom left hand corner

3. View Approved Application as Administrator

  • Login as the Administrator who created the application

  • From Dashboard, click on "Track Request" button

  • Open new Application creation Request by clicking the hyperlink on the description

  • Observe “Request Workflow” section informing current status of Request

  • Observe information within Details, Attributes, Entitlements, and Reconciliation Logs tabs

4. Retire Newly Approved Application as Administrator

  • From Dashboard, click on "Manage Catalog" button

  • Click on “Applications” tab

  • View list of Applications in catalog

  • Type newly Approved Application name into “Search Application” textbox and click “Search” button

  • Observe the Application and click on “Ellipsis” button next to Application

  • Select “Retire Application” from the drop-down box

  • Click on “Yes” button

  • Observe the newly Approved Application has disappeared

  • Validate Retiring the Application by typing Application name into “Search Application” textbox and click “Search” button

  • Application should not be found

Note: Please do not remove any applications, aside from the one you created

END OF SCENARIO

2. Request, Approve, Remove, and Validate Newly On-Boarded User

Summary:

Removing a User is something all Users within IDHub can Request. Only Access Managers have the authority to Claim and Approve the Request to remove a User. To simplify this scenario, we will Request, Claim, Approve, Remove, and validate the Removal of the User which was created during the “Create a New User and New User Application Requests” scenario, as an Access Manager. Follow the below steps to Request, Approve, Remove, and Validate the newly on-boarded User:

  • Login as an Access Manager

  • Search for the Catalog item “Remove User” under the “Service Request” section and add to the Cart

  • Remove the Access Manager from the Request and add the User you created in “Create a New User and New User Application Requests” scenario

    • It’s critical to remove the Access Manager, we don't want to remove him/her as a user in IDHub

  • Submit the Request for Approval

  • Navigate to the “Tasks” section, Claim, and Approve the Removal Request

  • Validate the Removal of the User by searching for him/her in the Catalog

  • The User should no longer be present within IDHub

    • *Note: Please do not remove any Users, aside from the one you created

  • Please complete the following survey https://sath.com/field-test-admin-tasks-survey/

*Note: In the event you need help navigating this scenario, follow the below instructions:

1. Request Removal of Newly On-boarded User, as Access Manager Instructions

  • Login as an Access Manager

  • From Dashboard, click on "Request Access" button

  • Click on “Service Request” tab

  • View list of Service Requests in Catalog

  • Select Catalog item “Remove User” by clicking on '+' on the Catalog item

  • Observe the count in “Cart Icon” has increased

  • Click on “Cart Icon” to view Cart

  • Click on “Proceed” button

  • Observe Remove User Request page

  • Remove Access Manager from Request by clicking on the ‘x’ next to Access Manager’s name

  • Click on ‘+’ to add newly on-boarded user to Remove User

  • Type newly on-boarded Users name, select newly on-boarded User, and click “Done” button

    • IMPORTANT: Ensure the user you are requesting to remove, is the user you created during the “Create a New User and New User Application Requests” scenario

  • Click “Continue” button

  • Observe “Remove User” panel to ensure you are removing the correct User

  • Click “Done” button

  • Click “Continue” button

  • Enter justification for request

  • Click “Submit” button

  • Observe popup message in upper right informing Request submitted successfully

2. Claim and Approve Removal Request of Newly On-boarded User, as Access Manager Instructions

  • From “Dashboard”, navigate to “Tasks” section

  • Observe open Tasks which require Approval

  • Open Remove User Request Task by clicking the hyperlink on the description

  • Observe information to ensure you are removing the User which you on-boarded in previous scenario

  • Observe available actions for Task by clicking on “Ellipsis” button on bottom of page

  • Select “Escalate” 

  • Observe the textbox which appears for entering the escalation reason

  • Close textbox by clicking on ‘x’

  • Click “Claim” button

  • Enter claim reason

  • Click “Claim” button

  • Observe popup message in upper right informing Task action performed successfully

  • Click “Approve” button

  • Enter approval reason

  • Click “Approve” button

  • Observe popup message in upper right informing Task action performed successfully

  • Observe the Task is no longer present on “Tasks” page

3. Validate Removal of User as Access Manager Instructions

  • From Dashboard, click on "Request Access" button

  • Click on “Users” tab

  • Type newly Removed Users first name into search bar and click on “Search” button

  • Observe newly Removed User is not found

Note: Please do not remove any users, aside from the one you created

END OF SCENARIO