Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Updated for Smart ID 20.11. Also valid from Nexus PRIME 3.8.

This article describes how to create or edit a simple process in Identity Manager Admin (PRIME Designer), with the Process Designer tool. To create more complex processes with the full set of tasks, the Activiti designer plugin can be used.

Prerequisites

Expand
titlePrerequisites

Before setting up a process, make sure that the following things apply:

Step-by-step instruction

Expand
titleLog in to Identity Manager Admin


  1. Log in to the Identity Manager Admin as an admin user.



Expand
titleAdd process
  1. In Identity Manager Admin, go to Home > Process Designer.
  2. To add a new process:

    1. Click +New.

    2. Enter a Name, for example Create Employee,and a Description.

    3. Click Save+Edit.
      The Process Design panel is shown.

  3. To edit an existing process, double-click on its name.
  4. Optionally, enter a Help text.


Expand
titleAdd tasks

Add, remove or edit process tasks as needed.

  1. Go to the Task List tab.
  2. There is always a startElement automatically generated. You can configure a form as attribute for it (not mandatory).
  3. In the Task List tab, click + to add a task.
  4. Select a task type. See the available task types and attributes.
    To use standard service tasks, select Service task as type.
  5. Enter a Name, a Description, and the required attributes for the selected task type. For example, for a Save Data task, a data pool is needed to specify where to save the data.
  6. If a service task is chosen, click the pen symbol to edit.
    To use a standard service task:
    1. Select Delegate Expression.
    2. Enter expression with the name of the standard service task in the text field, for example ${createRelationJavaDelegate}.
    3. Enter values for the given parameters.
    For information on the available standard service tasks and parameters, see Standard service tasks in Identity Manager.
  7. To let a step be done in parallel to the previous step, check Branching.
  8. Click Preview to see a graphic representation of the current process.
  9. Click Save.


Expand
titleSet permissions

Add permissions for users and roles for all operation types:

  1. Go to the Permissions tab.
  2. For each operation type, Delete, Update, Start process, and so on, click the operation name. Repeat steps 3-4 to add permissions for users and roles.
  3. To add permissions for a specific user, click Add user and select the user in the drop-down list.
  4. To add permissions for a role, click Add role and select the role in the drop-down list.
  5. Click Save.


Anchor
taskTypes
taskTypes
Task types and attributes

Task name

DescriptionAttributes

Assign New Number

A number from a number range is assigned to a data pool field.
  • Number range
  • Data pool and field name
Card OperationAn action on a card (e.g. Set PIN/Change PIN) is executed. See also Structure of an encoding description in Identity Manager for more information.
  • Form
  • Card action
Change StateThe state of an object is changed in the local Identity Manager database to a particular state, e.g. from "Active" to "Inactive".
  • Data pool
  • Target state
Change State in CAThe state of a certificate is changed in the CA to a particular state. The state is then also changed in the local database.
  • Target state

Check Task

This task checks the relationship between a data pool object and a particular identity object. The relationship must be a "one-to-one" relationship. If this is not the case, an activity error occurs.
  • Data pool
  • Identity template

Choose Mapping

Data are copied from one data pool to another by means of mapping.
  • Mapping
Delete DataThe data of a particular ID are deleted in the data pool indicated.
  • Data pool
Export TaskData is exported according to an export definition.
  • Export definition
Mail TaskAn email is sent, e.g. a confirmation of receipt.
  • Email template
Modify Roles AutomaticallyRoles are automatically assigned to or withdrawn from particular objects.
  • Data pool
  • Role
Modify Roles ManuallyThe user can assign or withdraw roles to or from particular objects manually.
  • Data pool
  • Role
Print ReportA document with the indicated template can be printed.
  • Form
  • Report template

Production

A card or token is produced. This task is for server side production only.

If you configure multiple printers, see Set up printers in Identity Manager.

The process variable processVarCardSdkPrinterUrl can be used to fill with the symbolic name of a  printer to find the connection to the CardSDK. If the variable is not in the process, the defaultPrinter is used.

  • Card template
  • For Nexus GO Cards (CaaS) production:
    Field Name: Field that holds the request id returned by Nexus GO Cards (CaaS).
Production with PreviewBefore a card is produced a preview of the card is displayed on the user interface. There are two variations: one for client-side and one for server-side production. These differ by the following forms:
  • clientSideProductionPreviewTask.jsp
  • serverSideProductionPreviewTask.jsp

If you configure multiple printers, see Set up printers in Identity Manager.

The process variable processVarCardSdkPrinterUrl can be used to fill with the symbolic name of a  printer to find the connection to the CardSDK. If the variable is not in the process, the defaultPrinter is used.

  • Form
  • Card template
Request SofttokenA softtoken is required by the CA and sent to the recipient by email.
  • Certificate type
  • Email template
Return NumberA number from a number range is released again.
  • Number range
  • Data pool and field name
Save DataThe process data are saved in the data pool indicated. If a suitable ID is found, an update is run, otherwise a new data record is created.
  • Data pool

Script Task

This task contains a scripting engine for script languages such as JUEL, BeanShell, JavaScript and Groovy.
  • Script to be executed
Service Task

A JAVA class that is executed during the process runtime is added to the process.

A set of standard service tasks is available. For more information, see Standard service tasks in Identity Manager.

  • Java Class
  • For standard service task:
    Relevant parameters for the selected task
User TaskA user dialog (user task) is used in order to model the interaction of a user. It is a form in which entries have to be made.
  • Form
  • Buttons can be configured


This article is valid from Nexus PRIME 3.8for Smart ID 20.11 and later.

Related information

More details on processes: 

Child pages (Children Display)

Other related topics: