Automated workflow request options
Bravura Security Fabric can automatically assign roles and groups to users on the basis of user class. The autores program, run as part of auto discovery, compares members of a class with a list of users who have a resource. The program can be configured to submit requests to assign or remove resources. When a user initiates a request, potential automatic assignments will be detected and submitted once the initial request has been approved and processed.
See usage information for autores .
To configure automated workflow settings:
Click Workflow > Options > Automation.
Enable options and type values for the fields listed in Table 1, “Automated workflow options”.
If required, configure event options listed in Table 2, “Automated workflow events that launch interface programs”.
Click Update.
Option | Description |
|---|---|
ATTR AUTO PROPAGATE EXECUTE | Enable this to automatically execute the propagation of changes to profile/request attributes to account attributes on subordinate systems. |
ATTR AUTO PROPAGATE REQUESTER | The profile ID of the user that will submit change requests to the Bravura Security Fabric workflow system to synchronize account attributes to new profile attribute values. |
ATTR AUTO PROPAGATE WRITE | Enable this to automatically write the propagation of changes to profile/request attributes to a work file. You can set this one alone to make changes manually, or combined with ATTR AUTO PROPAGATE EXECUTE for logging purposes. |
ATTR AUTO PROPAGATE THRESHOLD | Control the number of requests to be submitted due to changes to profile attributes, unless overridden on the command line. If the threshold is exceeded, no requests will be submitted automatically by |
AUTO ASSIGNMENT MAX SUBMIT DEFAULT | Maximum number of submissions in a single run of the automatic assignment utility, unless overridden on the command line. You can override this for individual groups or roles by selecting Ignore submission limit during auto discovery. |
AUTO ASSIGNMENT GROUP DELETE ORPHAN ACCOUNT | Enable this to automatically remove orphaned accounts from a group. An orphaned account is currently not associated to an existing profile. |
AUTO ASSIGNMENT GROUPDELETE ORPHAN ACCOUNT RECIPIENT | A valid profile ID of the user that will be the recipient of the request to remove the orphaned account. |
AUTO ASSIGNMENT PROPAGATE REQUESTER | The profile ID of the user that will submit change requests to the Bravura Security Fabric workflow system to assign resources to users based on user classes. |
AUTO ASSIGNMENT REQUEST SPLIT | The name of the plugin script to split an automatic assignment request into separate requests. |
AUTO ASSIGNMENT THRESHOLD | A threshold number of requests to be submitted in a single run of the automatic assignment utility ( |
AUTO ASSIGNMENT VARIANCE FILTER | The name of the plugin script to filter automatic assignment variance detections before automatic submission. |
OOB REQ GROUP JOIN REQUESTER | The requester’s profile ID when automatically submitting requests to add a user or a group to a group, if the user or group’s membership was changed outside of Bravura Security Fabric ’s control. |
OOB REQ GROUPLEAVE REQUESTER | The requester’s profile ID when automatically submitting requests to remove a user or a group from a group, if the user or group’s membership was changed outside of Bravura Security Fabric ’s control. |