Skip to main content

Setting up for single user certifications

Product administrators with relevant privileges can manage or initiate certifications involving multiple users. You can set up Bravura Security Fabric to allow end users to quickly review the entitlements of a single user via the user’s profile page.

Bravura Security Fabric applies a two-participant user class, for example _MANAGER_DIRECT_, to determine whether user X can initiate a certification of user Y. If permitted, then an Initiate a review of all entitlements option is available on user Y’s profile page.

To set up to allow single user certifications:

  1. Click Manage the system > Security> Access to user profiles > Delegated administration rules > Add new….

  2. Enter an ID and Description for the new rule.

  3. Select the Initiate a review of all entitlements privilege.

    3651.png

  4. Click Add.

  5. Select Membership criteria.

  6. Click Select… to use an existing user class, for example, _MANAGER_DIRECT_, or click plus icon Add new… to create a new user class.

    The user class must be a two-participant user class.

  7. Configure the participant mapping; for example, if using the _MANAGER_DIRECT_ user class, map MANAGER to REQUESTER and SUBORDINATE to RECIPIENT to allow managers to initiate a review of entitlements of their direct subordinates.

    3652.png

  8. Click Update.

To test this setup:

  1. Log in to Bravura Security Fabric as a user who satisfies the requester participant criteria; for example a manager if you are using the MANAGER_DIRECT user class.

  2. Click View and update profile in the Other users section.

  3. Select a user who satisfies the recipient criteria to view their profile information and resources page.

    3653.png

  4. Click Initiate a review of all entitlements.

    It can take a moment before the certification campaign is ready for review. Click Refresh to refresh the page.

    Bravura Security Fabric displays a link based on the saved setup:

    3654.png

  5. Click the link to open the certification review app.

    3655.png

You can run the Entitlement review privileges report to list who can run a single user certification for which users.

Save a default configuration

SINGLE_USER_CERTIFICATION_DEFAULT_CAMPAIGN is the default setup for a single user certification campaign. You can modify this setup on the Saved certification setups page. To use another setup, type the ID of the saved setup in the CERT SINGLE USER CONFIGURATION field at Manage the system > Modules > Manage certification process (CERT) .

In this section: