🔄Lifecycle Management
Introduction to Lifecycle Management with Veza
Veza's Lifecycle Management (LCM) solution empowers organizations to automate and streamline the management of user identities and access rights throughout the employee lifecycle. From onboarding to role changes and offboarding, automated LCM workflows ensure that the right people have the correct access at the right time.
Key Features
Automated Provisioning and De-provisioning: Streamline granting and revoking entitlements as employees join, move within, or leave the organization
Environment-wide Synchronization: Keep user attributes and access rights consistent across applications and platforms
Customizable Workflows: Design tailored processes for different lifecycle events and user segments
Compliance and Audit Support: Maintain detailed records of access changes to support compliance and audit efforts
Integration with Identity Providers: Integrate with identity providers and HR systems, import HR data from CSV, or use a custom OAA template
Core Concepts
Policies
Policies define the rules and actions for managing identities throughout their lifecycle. They specify what actions should occur when there are changes in a source of identity, such as when a user is created or their attributes change.
After configuring a policy for a source of identity in your organization, Veza Lifecycle Management tracks the source for changes. When employee records are added or changed, actions will trigger based on the workflows and actions specified in the policy.
Workflows
Workflows are sequences of actions within a policy that execute based on specific conditions. They enable automation of lifecycle management processes such as onboarding, role changes, and offboarding.
Workflows only execute actions on users that meet specific conditions, and Policies can contain more than one Workflow. This enables you to create a single policy for your source of identity that contains multiple workflows, with one applying to new hires, another applying to terminated employees, and so on for the different JML scenarios you want to automate.
Learn more about Workflows
Access Profiles
Access Profiles define sets of entitlements (such as group memberships or role assignments within a target application) that should be granted to users based on their role within the organization (or another distinguishing attribute). You can use Access Profiles to define both Business Roles – segments of employees, and Profiles – collections of entitlements in a target application.
Assigning Business Roles to the Profiles they should inherit enables you to define the birthright entitlements for different types of employees in your organization. You can then assign those Business Roles when configuring workflows that add or remove access to an application.
Learn more about Access Profiles
Actions
Lifecycle Management Actions are tasks performed within a workflow, such as creating a user account, assigning group memberships, or disabling an account. Actions can be combined to trigger in sequence when there are changes in the source of identity. Actions can run for any identity that meets the workflow conditions, or only apply when action-level conditions are met.
Learn more about available Actions
Attribute Transformers
Transformers allow you to modify and format user attributes when synchronizing data between systems, ensuring consistency and compatibility when creating users across applications.
Lifecycle Management will provision new users with these attributes and can keep their accounts up-to-date when there are changes in the source of identity. Target entity attributes can be set to specific values or use metadata from the source of identity, and support a range of transformation functions.
Learn about Transformers
Getting Started
Enable Integrations: Configure your data sources and enable them for Lifecycle Management. Lifecycle Management Integrations
Define Access Profiles: Create profiles that map your organizational structure to application-specific entitlements. Creating Access Profiles
Create Policies: Add policies to automate identity management processes. Building Lifecycle Management Policies
Configure Workflows: Design workflows within policies to handle specific lifecycle events. Configuring Workflows
Last updated