Identity processing threshold in IdentityIQ 8.2

The Identity Processing Threshold feature gives you the ability to stop lifecycle events before they are fully processed, to protect against  dangerous or accidentally-triggered workflows from completing. For example, if someone makes a change in the Human Resources database that accidentally changes the status of an entire department's employees to "terminated", the identity processing threshold can stop IdentityIQ from running a Leaver workflow for hundreds of employees.

Thresholds can be set either as a fixed number, or as a percentage of identities. When a threshold is set, the Identity Refresh task will terminate when the threshold is met, without updating any identities.

Identity Processing Threshold can be configured both in Rapid Setup (as global setting) and in Lifecycle Events, for specific workflows. In addition, there are some settings in the Identity Refresh task that must be set to fully enable this feature.

Setting an identity processing threshold in Rapid Setup

The Identity Processing Threshold in Rapid Setup is configured as a global setting, for each type of processing event.

1. Click gear > Global Settings > Rapid Setup Configuration.
2. Choose the type of process (for example, Joiner, Mover, or Leaver) that you want to set a threshold for. Note that the process must be enabled before you can set an identity processing threshold.
3. In the Identity Processing Threshold area, set your threshold preferences
   • Choose whether to use a Fixed number or a Percentage of identities as the threshold.
   • Enter the threshold value. Fixed numbers must be whole; decimal values are not supported. Percentages must be between 1 and 100.

1. Save your changes.
2. Ensure that the Process events setting is selected in the Identity Refresh task; the identity processing threshold will not take effect if this option is not selected. See the section below for more information.

Setting an identity processing threshold in Lifecycle Events

Identity Processing Thresholds are set individually for different types of Lifecycle Events.

1. Click Setup > Lifecycle Events.
2. Choose the type of process (for example, Joiner, Mover, or Leaver) that you want to set a threshold for.
3. Choose a Threshold Type: a Fixed number or a Percentage of identities as the threshold.

1. Enter the Threshold value. Fixed numbers must be whole; decimal values are not supported. Percentages must be between 1 and 100.
2. Save your changes.
3. Ensure that the Process events setting is selected in the Identity Refresh task; the identity processing threshold will not take effect if this option is not selected. See the section below for more information.

Enabling identity processing threshold in the identity refresh task

The Identity Refresh task must be set to process events in order for the Identity Processing Threshold to work as intended.

1. Click Setup > Tasks
2. Select the task you use for refreshing identities to edit it. This is a task of type Refresh Identities.
3. Ensure that the Process events option is enabled. If you want to process events for other purposes but disable the Identity Processing Threshold feature, you can check the Disable identity processing threshold option.
4. Save your changes.