SAP IDM - Identify the parent role via which privilege is assigned

devaprakash_b
Active Contributor
0 Kudos

Dear Experts,

I have a requirement to trigger mail notifications to some teams whenever they are assigned. So I have created a privilege in IDM and mapped it to a few roles. I maintained a notification task on the privilege's Add member event, so that whenever this privilege is assigned to any user it triggers a mail notification. This entire flow is working fine; the only challenge is how to identify the role via which this privilege is assigned to the user. I am unable to get this information in the pending value attributes.

Business Use Case:

There are three teams A, B, C.

Whenever Roles 1, 2, 3 are assigned, Team A should be notified via email. Similarly, for Roles 4, 5 it is Team B, and for Role 6 it is Team C.

So I created three different privileges as priv:alert:teamA, teamb, teamC, mapped them to the respective IDM roles, and linked the notification task under the Add member event process.

When role1 & 2 are being assigned, the respective team should be notified of which roles are assigned.

The screenshot below shows the sample pending value object which would be created when the event task is triggered. I am able to identify the user, the assigner and the privilege being assigned, but unable to identify the parent role.

Can you please let me know if there is any way to maintain the role via which the privilege is assigned to the user in the pending value? Otherwise, the only possible solution I find is to create one privilege with the same name as the role, map it to the respective role, and notify users stating that this role is assigned to users.

I am not sure if it is a good idea to link the event task to the roles. Is it a good idea to do it? If so, should I maintain it in the add member task after the complete role approval process, or else link the notification task to the RequestCompleteProcess once the role is assigned to the user, where it checks whether a notification needs to be triggered or not and sends the notification?

IDM Version - SAP IDM 8.0 SP4

Regards,

Deva

Accepted Solutions (0)

Answers (3)

former_member198652
Active Participant
0 Kudos

Hi Deva,

You can try this query

select aValue from idmv_bw_current_links where MSKEY='RoleMSKEY' and ocName='MX_PRIVILEGE'

to get the privileges assigned to the role. One option is to check the mcmodifytime/mcaddedtime of the assigned privileges and roles from the user.

You can get it approximately but not exactly.

Regards,

Jay

Chenyang
Contributor
0 Kudos

Hi

Please try the db view idmv_link_ext to find the connection between the privilege and role, and the person - role. But what if a privilege is assigned to multiple business roles and the user has got all the business roles? Which business role should become the parent of the privilege?

Cheers

Chenyang

former_member198652
Active Participant
0 Kudos

Hi,

Yes, if multiple roles have the same/common privileges assigned, it is not possible to know for which role the privilege was assigned. 😞

Regards,

Jay
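
The lookup discussed in the answers above, as an added example that is not part of the original thread: it joins user-to-role links with role-to-privilege links to list the roles that could have delivered a privilege, and reports when the parent is ambiguous. All rows are constructed and the field names are hypothetical stand-ins for the link view's columns; the optional time window mirrors the approximate timestamp comparison suggested earlier.

```javascript
// Constructed sample rows (not real IDM data); field names are hypothetical.
const userRoleLinks = [
  { user: "USER1", role: "ROLE1", addedTime: "2020-01-05T08:00:00Z" },
  { user: "USER1", role: "ROLE2", addedTime: "2020-01-10T09:00:00Z" },
  { user: "USER1", role: "ROLE4", addedTime: "2020-01-10T09:00:05Z" },
  { user: "USER2", role: "ROLE6", addedTime: "2020-01-09T11:00:00Z" },
];
const rolePrivLinks = [
  { role: "ROLE1", privilege: "priv:alert:teamA" },
  { role: "ROLE2", privilege: "priv:alert:teamA" },
  { role: "ROLE3", privilege: "priv:alert:teamA" },
  { role: "ROLE4", privilege: "priv:alert:teamB" },
  { role: "ROLE5", privilege: "priv:alert:teamB" },
  { role: "ROLE6", privilege: "priv:alert:teamC" },
];

// Roles the user holds that carry the privilege. When eventTime is given, keep
// only roles linked to the user within windowMs of it (approximate heuristic).
function candidateParentRoles(user, privilege, eventTime, windowMs = 60000) {
  const carriers = new Set(
    rolePrivLinks.filter(l => l.privilege === privilege).map(l => l.role));
  let held = userRoleLinks.filter(l => l.user === user && carriers.has(l.role));
  if (eventTime !== undefined) {
    const t = Date.parse(eventTime);
    held = held.filter(l => Math.abs(Date.parse(l.addedTime) - t) <= windowMs);
  }
  return held.map(l => l.role).sort();
}

// Classify the result so a notification can list every candidate role
// instead of guessing a single parent.
function describeParent(user, privilege, eventTime) {
  const roles = candidateParentRoles(user, privilege, eventTime);
  if (roles.length === 0) return { status: "none", roles };
  if (roles.length === 1) return { status: "unique", roles };
  return { status: "ambiguous", roles };
}

console.log(describeParent("USER1", "priv:alert:teamA"));
console.log(describeParent("USER1", "priv:alert:teamA", "2020-01-10T09:00:20Z"));
```
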

devaprakash_b
Active Contributor
0 Kudos

Hello Experts,

Can you please let me know if there is any possibility to find the parent role via which the privilege is assigned?

Regards,

Deva