Nexus' software components have new names:

Nexus PRIME -> Smart ID Identity Manager
Nexus Certificate Manager -> Smart ID Certificate Manager
Nexus Hybrid Access Gateway -> Smart ID Digital Access component
Nexus Personal -> Smart ID clients

Go to Nexus homepage for overviews of Nexus' solutions, customer cases, news and more.


Skip to end of metadata
Go to start of metadata

Search configurations are used in Smart ID Identity Manager (PRIME) to search in data pools and identity templates, and to set up search filters and results. Search dialogs can also be integrated into processes, or be shown in batch orders and related object field. Permissions need to be adapted to the intended use and roles. Searches can be done on multiple levels, and for example show card data for all employee cards of a certain employee. 

This article describes how to create or edit a search configuration in Identity Manager Admin (PRIME Designer)

Expand/Collapse All

Prerequisites

Before setting up the search configuration, make sure that the following things apply:

  • Installed Identity Manager
  • Available identity template or data pool as reference for the search configuration
  • If needed: Available report configuration, to allow users to export the search results to a pdf report

Step-by-step instruction

  1. Log in to Identity Manager Admin as an admin user.
  1. In Identity Manager Admin, go to Home > Search Configurations.
  2. To add a new search configuration:

    1. Click +New.

    2. Enter a Name and Select a Reference, either a core template or a data pool. Click Save + Edit.

    3. Optional: add Object picture
      1. The object picture of the Search Configuration is used in the related objects view in Identity Manager.
        If you do not upload a picture, the standard icon of the result object will be used, for example, a card or a meeting icon.
    4. The Search Reference Type shows CORE_TEMPLATE or DATAPOOL, depending on what you selected in Reference in step 1b.
    5. The Search Reference Name shows the name of the core template or the name of the data pool of the CoreObjects that are searched, depending on what you selected in Reference in step 1b.
    6. If you check Maximum number of search results and then enter a number, the search will never return more results than this value. If there are more results, the user gets an error message and has the possibility to modify the filters. Use this only for views where the user has the possibility to modify the filters.
    7. In the General tab, the fields of the selected data pool or core template are listed under Search Criteria. The search dialog as it will roughly appear in Identity Manager is shown on the right, under Extended Search. On the left of it is the search mask, on the right the search results.
    8. Click Save.
  3. To instead edit an existing search configuration, double-click on its name.

Search over multiple levels means that a search can be done over related data pools or core templates. For example, you can search for all Employee cards that are related to an Employee. This is done using ObjectRelations from the given CoreObject to the related CoreObject.

To set multi-level search:

  1. Follow the steps in "Add search configuration" above.
  2. Before you click Save, check Search over multiple levels.
  3. Set Search Depth. Depth means the maximum number of ObjectRelations to be searched for. Search Depth = 1 means that data from directly related objects are shown in the search results. The default depth is 3 and search depth 3 also includes objects from search depth 2 and search depth 1. You can configure the default depth in PermissionAwareSearchConfigManager.

    Search depth values greater than 5 trigger a warning message, regarding possible performance issues.

  4. Select Result Reference Type: core template or data pool, and select a Result Reference Name, which defines the name of the core template or data pool that are searched at depth zero up to the specified search depth. The selected data pool or core template with its text fields are shown in the Search criteria field.
  5. Set Object Relation Types:
    1. All
      If All is checked, it includes all current and future object relation types not available at the time of configuration, but available at the time of search. Also, it disables Type Selection. All is checked by default.
    2. Type Selection
      Only enabled when All is not checked. If Type Selection is checked, a pop-up is shown with a list of object relation types to select. The pop-up shows already stored, and therefore selected, types in alphabetical order at the top of the list followed by additionally available types not yet selected, also in alphabetical order.
  6. Click Save to save your settings.

To add a search criterion to the search filter:

  1. On the General tab, drag-and-drop the search criterion, for example Birth date, from Search criteria to the left field in Search.
  2. Select an initial search condition, for example begins with or greater or equal.
  3. Optionally, enter an initial search value, for example Jun 7, 2017
  4. You can combine two search filters, see "Combine two search filters" below.
  5. You can also use expressions as field values, see "Add field values with expressions" below.
  6. To change the search properties of the field, click Edit (pen symbol).
  7. In Change search field properties, check Hidden, to hide the criterion from the search mask. A hidden field needs an initial search value. To use a variable value from another data pool in the search mask, select the data pool in Selection list and select a Value. Click OK.
  8. Repeat steps 1-5 for all search criteria needed in the search mask.
  9. Click Save to save your settings.

You can combine two search filters using logical AND or OR.

To combine two search filters, add both of them as filter fields. You can add each data pool field as a filter field as often as you like. OR and AND combinations are only available for text-fields, not for numeric, boolean, date, etc. It is not allowed to use both logical operators "AND, OR" at the same time in the searchValue. 

The logical operators makes no sense with some filters. For example:

SearchField: First name
SearchValue: Tom _AND_ Jack
Filter: equals

The result will be an empty list.

Logical AND
  • Use " _AND_ "
    • Note the blanks at the beginning and end
    • AND must be in upper case

Example 1:

Example 1 - AND

SearchField: First name 
SearchValue: Tom _AND_ Jack
Filter: unequals.
This can be used to find all persons, except those with the first name 'Tom' or 'Jack'

Example 2:

Example 2 - AND

SearchField: First name
SearchValue: Tom _AND_ Jack _AND_ Julian
Filter: unequals.
This can be used to find all persons, except those with the first name 'Tom' or 'Jack' or 'Julian'. 

Example 3:

When translatable values are used, the non-translated symbolic names have to be used.

Example 3 - AND

SearchField: Identity Status
SearchValue: CtEmployee _AND_ CtContractor
Filter: unequals


Logical OR
  • Use " _OR_ "
    • Note the blanks at the beginning and end
    • OR must be in upper case

Example 1:

Example 1 - OR

SearchField: Department 
SearchValue: Development _OR_ Finance
Filter: equals
This can be used to find all entries having department 'Development' or 'Finance'.

Example 2:

Example 2 - OR

SearchField: Department 
SearchValue: Development _OR_ Finance _OR_ Sales
Filter: equals.
This can be used to find all entries having department 'Development' or 'Finance' or 'Sales'.

For the initial values of text or number filter fields, you can also use Juel expressions.

Process expressions

ExpressionDescription
${<Datapool_Field>}Any data pool field from the process map, for example, ${Person_FirstName}.

User expressions

ExpressionDescription
${user.id}Unique user id
${user.name}User login name, i.e. 'jsmith'
${user.fullName}User full name, i.e. 'Johnny Smith'
${user.ipAddress}IP address of the user
${user.<Datapool_Field>}Any data pool field related to the user, if the user data comes from a data pool, that is, ${user.Person_LastName} returns 'Smith'.
This expression may be used only in conjunction with CoreObject based authentication.

System Property expressions

These expressions are replaced by specific values which are configured in Identity Manager Admin. The names of the properties are found in the database in Property.name.

ExpressionDescription
${sysprop.<property>}The value of a system property. Replace the placeholder <property> with the name of a systemProperty which can be found in the database table Property.

To add a search criterion to the list of search results:

  1. To show a search criterion, for example First Name, in the search results, drag-and-drop it from Search criteria to the right field in Search.
  2. To move a column in the search result table, drag-and-drop it to a new location.
  3. Click on a column heading to set the sort order based on that column.
    1. To change sort order between ascending/descending, click on the column heading again.
    2. To sort over multiple columns, hold the <SHIFT> key while selecting the columns.
  4. Click Save to save your settings.

To change the order in which the search dialogs will show up in the Identity Manager:

  1. Click Sort Sequence.
  2. Select a search dialog and use the arrow buttons on the left to move the dialog name up or down.
  3. Click Save.

To set available report formats:

  1. Click Configure function 'Export search results'.
  2. In Choose export formats, check CSV format to make csv export available. Select a PDF format to make pdf export available and define the layout of a pdf export.
  3. Click OK to save the settings.

To define where the search configuration is to be used, the purpose must be set:

  1. Go to the Purpose tab.
  2. Select one or more of these alternatives:
    • Simple Search - A search field appears on the Start tab in Identity Manager. This option is not supported for external data sources.
    • Extended Search - The search configuration is available on the Search tab in Identity Manager.
    • Batch Orders - The search configuration is available on the Batch Orders tab in Identity Manager. This option is not supported for external data sources.
    • Object Relations - The search configuration is displayed in the Related objects field for a certain object.
    • Self-Service Search – The search configuration is available in Smart ID Self-Service.

To set the permissions to execute the search configuration:

  1. Go to the Permissions tab.
  2. Click Execute in the left field.
  3. To add permission for a specific user, click the Add User button to the right, and select the user name in the selection box.
  4. To add permission for a role, click the Add Role button to the right, and select the role in the selection box.
  5. To delete a permission, mark the role or user in the list and click Delete.
  6. Click Save to save the settings.