In COmanage you administer attributes and Identifiers values of each Identity. Attributes values are associated to Attribute Types. Identifiers are specific Attributes and are used to uniquely identify an identity. As a CO-Admin you can define which identifiers are allowed to be used for Authentication. There are standard predefined Identifiers, and you can define your own custom identifiers as well.
Below we will explain the 'standard attributes types' and how you can define your own custom attribute type. Also the Standard Identifiers are explained and how you can make your own custom identifier as well.
Next we will explain how Attributes & Identifiers are getting specific values for a certain Identity.
COmanage holds various predefined attributes. You can learn about these predefined attributes via Configuration / Enrollment Flows / Flow (pick one) / Add Enrollment Attribute
Example:
If you need an attribute that is not listed in above Standard Attribute Types, you can make an attribute definition yourself. This is called an 'Extended Attribute'.
Goto Configuration / Extended Attributes / Add Extended Attribute
You now have the option to define your own Attribute:
COmanage holds a set of standard identifiers. You can list them for example via Configuration / Identifier Assignments / Add New Identifier Assignment
When you need an Identifier that is not yet existing, you can make your own custom Identifier. Go to Configuration / Extended Types
The different methods on how the Attribute Value is provisioned will be explained in more detail.
Attributes values will be assigned typically during following events:
Obtained from identity provider, during Authentication flow
User input during enrollment flow
Automatically Assigned (unique) value by COmanage rule
Next we will explain the different events and what is needed in the CO configuration for that.
Typically these values are originating from the Identity Provider. For example, the Identity Provider 'knows' the given name of the Authenticated User. This attribute value is promoted to COmanage.
Some CO's want to use the attributes supplied by the IdP. How to do so?
Even more, sometimes you don't just want to populate fields, you also want to prevent users from editing those IdP vouched for attributes. EnrollmentFlow Attributes have a 'Modifiable' and 'Hidden' option; so you can either hide those fields, or prevent people from changing them.
Another method is that there is a question to the new CO member to provide a value for a specific attribute. For example, I want the person to provide a value for the Attribute 'Shoe Size".
COmanage automatically calculates and assigns a value, for example during enrollment based on the configuration specified in Configuration / Identifier Assignments
Both Attributes and Identifier values van be updated by the CO-Admin.
(TO BE COMPLETED)