- Created by Ann Base, last modified by Josefin Klang on Nov 13, 2023
Use this task to assign an entitlement to a person. The task works on three different core objects: To use this task, configure the following delegate expression in your service task: The following parameters can be configured in Identity Manager Admin: Example value: Example value: The field name of the above data pool, where the external id of the assignment is stored, for example, 'ExternalId'. Example values: The assignment is done on either a person or an access rule. By providing values such as 'person' or 'PERSON' (all letter are handled as lower case) the assignment is done on the person entity. By providing any other values, the assignment is done on the access rule. Contains a list of entitlements related to the entitlement to be assigned. Mostly used to associate a room with a time zone. Use this task to create a group membership in Smart ID Physical Access component. Group membership means, assigning an existing person to an existing group. The task works on three different core objects: To use this task, configure the following delegate expression in your service task: The following parameters can be configured in Identity Manager Admin: groupMembershipDataPoolName Example value: Example value: The field name of the above data pool, where the external id of the membership is stored. Use this task to send a request to PACS to create (if non existent) or to update (if exists) a card. To use this task, configure the following delegate expression in your service task: The following parameters can be configured in Identity Manager Admin: pacsName cardStateFieldName Example value: cardActiveStates Example value: Valid values: Use this action to send a request to PACS to create (if non existent) or to update (if exists) a person. To use this task, configure the following delegate expression in your service task: The following parameters can be configured in Identity Manager Admin: pacsName personStateFieldName Example value: personStates Example value: Use this action to fetch entitlements of a given type or several types from a PACS system. Currently supported: Physical Access component. The fetched entitlements are stored as core objects. To use this task, configure the following delegate expression in your service task: The following parameters can be configured in Identity Manager Admin: Example value: The name of the data pool for core objects, that store the assignment with the external id. Valid values: Zero or more comma separated values from the list: DEFAULT, ZP, ZPC, RZ_TZ, DG_TZ, D_TZ Use this task to send a request to PACS to create (if non existent), update (if exists) and delete (if exists) a group. To use this task, configure the following delegate expression in your service task: The following parameters can be configured in Identity Manager Admin: Valid values: Use this task to send a request to PACS to create (if non existent), update (if exists) and delete (if exists) an access rule. To use this task, configure the following delegate expression in your service task: The following parameters can be configured in Identity Manager Admin: Valid values: Use this task to withdraw an entitlement from a person. The task works only on the core object 'Assignment'. This is an entity that stores the external id of the EntitlementAssignment within Physical Access component. Usually a Request is used to hold this information. To use this task, configure the following delegate expression in your service task: The following parameters can be configured in Identity Manager Admin: Example value: Example value: The field name of the above data pool, where the external id of the assignment is stored. Example values: The withdrawal is done on either a person or an access rule. By providing values such as 'person' or 'PERSON' (all letter are handled as lower case) the withdrawal is done on the person entity. By providing any other values, the withdrawal is done on the access rule. Use this task to withdraw a group membership in Physical Access component. To use this task, configure the following delegate expression in your service task. There has to be a Request with the group membership id in the process map. The following parameters can be configured in Identity Manager Admin: groupMembershipDataPoolName Example value: Example value: The field name of the above data pool, where the external id of the membership is stored.Description
Configuration
${pacsAssignEntitlementParametrizedTask}
Parameter Mandatory Value Description pacsName The name of the PACS system to communicate with. entitlementAssignmentDataPoolName The name of the data pool for core objects, that stores the assignment, for example, 'Request'. entitlementAssignmentExternalIdFieldName targetEntity relatedEntitlementsCoreObjectDescriptorList Description
Configuration
${pacsCreateGroupMembershipParametrizedTask}
Parameter Mandatory Value Description pacsName The name of the PACS system to communicate with. The name of the data pool for core objects, that stores the group membership. groupMembershipExternalIdFieldName Description
Configuration
${pacsCreateOrUpdateCardParametrizedTask}
Parameter Mandatory Value Description The name of the PACS system to communicate with. The card data pool field name where Identity Manager stores the state of the person. A comma separated list of supported active card states in Identity Manager. cardType - Optional. The type of a card. Physical Access component accepts two types: 'mifare' and 'em'. Description
Configuration
${pacsCreateOrUpdatePersonParametrizedTask}
Parameter Mandatory Value Description The name of the PACS system to communicate with. The person data pool field name where Identity Manager stores the state of the person. A comma separated list of supported active person states in Identity Manager. Description
Configuration
${pacsFetchEntitlementsParametrizedTask}
Parameter Mandatory Value Description coreTemplateName The name of the core template in which the entitlements shall be stored. entitlementTypesField - listOfEntitlementTypes - coreObjectDescriptorOutputField - List of the core objects that were saved into the database. In this service task, the list contains entitlement objects, since the task saves entitlements into the database. Description
Configuration
${pacsDealWithGroupParametrizedTask}
Parameter Mandatory Value Description pacsName The name of the core template in which the entitlements shall be stored. deleteFlag Flag for indicating whether the group should be created/updated (false) or if the group should be deleted (true). Description
Configuration
${pacsDealWithAccessRuleParametrizedTask}
Parameter Mandatory Value Description pacsName The name of the PACS system to communicate with. deleteFlag Flag for indicating whether the access rule should be created/updated (false) or if the access rule should be deleted (true). Description
Configuration
${pacsWithdrawEntitlementParametrizedTask}
Parameter Mandatory Value Description pacsName The name of the PACS system to communicate with. entitlementAssignmentDataPoolName The name of the data pool for core objects, that store the assignment with the external id. entitlementAssignmentExternalIdFieldName targetEntity Description
Configuration
${pacsWithdrawGroupMembershipParametrizedTask}
Parameter Mandatory Value Description pacsName The name of the PACS system to communicate with. The name of the data pool for core objects, that stores the group membership. groupMembershipExternalIdFieldName