User Guide
Release Notes

iManage

Configuring the Veza integration for iManage

Overview

The Veza integration for iManage connects to the work management platform to discover users, their groups and roles, and the shared libraries they can access. Use the integration to:

  • Search for employees with access to data in iManage, based on their group and role assignments.

  • Review user permissions within iManage based on groups, roles, or the resources they can access.

  • Filter queries and create alert rules based on the authorization metadata discovered by Veza.

To configure the integration, you must enable the Veza - iManage Integration app for your organization's iManage account and add the integration to Veza using the app's credentials.

See Notes and Supported Entities for more details.

Configuring iManage

The integration requires a custom application installed by the iManage team. To request the application for your account, email appregistration@imanage.com.

To: appregistration@imanage.com
Subject: Veza – iManage Integration for <CompanyName> in cloudimanage.com

Body: Please create a new Veza – iManage Integration application for <CompanyName> in cloudimanage.com
Name: Veza – iManage Integration
Customer Name: ______
Customer/Tenant ID: ______
Redirect URL (if applicable): ______

Once the app is installed, you can log in to iManage to get the application client ID. The client secret will be provided to the email requesting the custom application from iManage's team.

  1. Request the Veza - iManage Integration app. The app must have access to the iManage Control Center.

  2. Log in to iManage. Your account needs the App Management, Group Management, Role Management, and User Management privileges to access and use the integration.

  3. The user must have access to the Veza - iManage Integration application to get Client ID and Client Secret for configuration.

  4. Click on the left menu Applications and Add Application button on the right side to configure a new application.

  5. Select Veza - iManage Integration application and click Authentication.

  6. Update authentication settings if required, otherwise, click Access.

  7. Update Access settings if required, otherwise, click Review.

  8. Review before clicking Add application. Enable the application as shown below if not enabled.

  9. Click on Finish to add application. Once the application is added successfully, you should be able to see it on the Applications list.

Add an iManage integration to Veza

To configure the iManage integration in Veza:

  1. Log in to your Veza instance.

  2. Choose Integrations from the main navigation to open the overview page.

  3. In the main pane, click Add Integration.

  4. Choose iManage as the integration to create and enter the required details:

    • iManage URL: URL for iManage API endpoint including protocol

    • iManage Client Identifier: The client ID used to access the iManage API

    • iManage Client Secret: The client Secret used to access the iManage API

    • iManage Username: The username used to access the iManage API

    • iManage Password: The password used to access the iManage API

Notes and Supported Entities

Veza represents identities and access within iManage with the following graph entities:

  • iManage Customer → iManage Application

  • iManage Library → iManage Resource

  • iManage Group & Library Group → iManage Group

  • iManage User & Library User → iManage User

  • iManage User Role and Library Role → iManage Role

  • iManage User Role’s capabilities → iManage Permission

User Attributes

  • allow_logon: Indicates if the user is allowed to sign in. If true, the user is allowed to sign in. If false, the user is not allowed to sign in.

  • create_date: User’s created date.

  • last_modified_at: User’s edit date. (Custom Property: Yes, Used field edit_date)

  • email: User's primary email.

  • failed_logins: Indicates the current number of user's failed attempts to sign in.

  • full_name: User’s full name.

  • id: User’s ID.

  • is_external: Indicates the user is an external user. If false, the user is not an external user, also called a regular user.

  • is_locked: Indicates if the user was locked. If true, not allowed to access iManage Work Server. If false, allowed to access iManage Work Server.

  • preferred_library: Indicates a user's preferred library (formerly called a database).

  • imanage_user_type_no: Indicates the type of user as number. 2 indicates Virtual users. 6 indicates Enterprise users. (Custom Property: Yes, Used user_nos)

  • imanage_user_type: Indicates the type of user as string. Allowed values, Virtual users, and Enterprise users. (Custom Property: Yes)

  • library_id: Indicates the library ID of the user. (Custom Property: Yes)

  • database: Indicates the database of the user.

  • is_tierone: Indicates the user has tier1 privilege access. If true, the user has tier1 privilege access. (Custom Property: Yes, Used is_tier1)

  • is_tiertwo: Indicates if the user has tier2 privilege access. (Custom Property: Yes, Used is_tier2)

  • is_tierthree: Indicates if the user has tier3 privilege access. (Custom Property: Yes, Used is_tier3)

  • is_virtual_user: Indicates the user is a virtual user. If true, the user is a virtual user. If false, the user is not a virtual user.

  • system_user: Indicates the user is a system user. If true, the user is a system user. If false, the user is not a system user.

  • super_user: Indicates the user is a superuser. If true, the user is a superuser. If false, the user is not a superuser.

  • user_num: Indicates User Number.

Group Attributes

  • id: Group’s ID.

  • full_name: Group's name.

  • group_number: Group’s Number.

  • create_date: Group’s Creation time.

  • enabled: Indicates if the group is enabled or disabled. If true, the group is enabled. If false, the group is disabled.

  • is_external: Indicates if the group is intended for external users. If true, the group is intended for external users. If false, the group is intended for regular users (non-external users).

  • imanage_group_type_no: Indicates the type of group as number. 2 indicates Group for virtual users. 6 indicates Group for enterprise users. (Custom Property: Yes, Used group_nos)

  • imanage_group_type: Indicates the type of group as string. Allowed values, Group for virtual users, Group for enterprise users. (Custom Property: Yes)

  • global_id: Indicates the group global ID. If global id is zero, the current group is library group, else global group.

  • library_id: Indicates the group library ID. (Custom Property: Yes)

  • database: Indicates the database of the group.

Role Attributes

  • id: Role's ID.

  • name: Role's name.

  • description: Indicates the description of the role.

  • database: Indicates the database of the role.

Permission Attributes

  • app_management: Either admin or no_access.

  • encryption_management: Either admin or no_access.

  • feature_management: Either admin or no_access.

  • group_management: Either admin or no_access.

  • role_management: Either admin or no_access.

  • settings_management: Either admin or no_access.

  • user_management: Either admin or no_access.

PreviousIBM AsperaNextJenkins

Last updated