Add authoritative source policy

Horizons feature enabled

With the Horizons feature enabled, the Authoritative Source Policies are not used to determine which source system is authoritative for the property on the Identity, Context, or Resource objects in ODW. For more information, go to Authoritative Source Policies.

Authoritative source policies are maintained in the Omada Identity portal in Setup > Master data > Policies > Auth. source policies.

Follow these steps to create an Authoritative source policy:

1. As a master data administrator click New in the top left-hand corner of the screen.

   

2. On the New Authoritative Source Policy page enter the name and select a Data object type to which this policy should apply, remembering that these policies can be applied to Identities, Resources, or Contexts.

   

3. In the Evaluation order field enter a value that defines the policy evaluation order. Authoritative Source Policies that are defined for the same Data Object Type are evaluated in this order when Omada Identity needs to determine which policy applies to a specific data object.

   important

   You should not use the same Evaluation order value in more than one policy defined for the same Data object type.

4. Decide if the policy is a Default policy. When Omada Identity needs to determine which Authoritative source policy applies to a specific data object it will revert to the one marked as default if no other suitable policy can be found. Only one policy per Data Object Type can be marked as default.

5. In the Scope expressions field, provide expression that defines which data objects the policy applies to, for example,

   <scope xmlns="http://schemas.omada.net/ois/2018/AuthoritativeSourcePolicyScopeML">
   <expressions>
   <expression left="IDENTITYCATEGORY" operator="eq" right="ac0c67fc-5f47-4112-94e6-446bfb68326a" />
   </expressions>
   </scope>

6. The Binding rules field allows you to specify if a certain property is either maintained in Omada Identity (Internal) or in an external system (External), for example,

   <bindingRules xmlns="http://schemas.omada.net/ois/2018/AuthoritativeSourcePolicyBindingRuleML">
   <bindingRule property="JOBTITLE" source="External" description="Jobtitle is maintained in HR" />
   <bindingRule property="RISKSCORE" source="Internal" description="Maintained in OIS" />
   </bindingRules>

Edit an Authoritative source policy

By selecting an Authoritative source policy from the Auth. Source Policies list, or by selecting the check box in the left column and clicking the Edit button, you can open the policy's setting and edit them.

You can edit all settings in the source policy except for the DOT it applies to. For the description of the fields in the policy form, refer to the Add new Authoritative source policies section.

info

You can add new Authoritative source policies and change the order of them, so your policies are applied above the default policies.

As an alternative to deleting the default authoritative source policies, you can remove the bindings in the Bindings rules policies, so only the start and end elements are present.