Identity Proofing for Identity Claim
The Identity Claim feature has been enhanced to support identity proofing. The proofing requirement is optional, and can be configured per user type from the Identity Claim configuration (admin UI). 1Kosmos is the only proofing provider currently supported within the product.
Enabling Proofing for Identity Claim
The identity proofing level can be configured per user type level. The Identity Claim detail UI will have ‘Identity Proofing Level’ combo with following options:
None: No proofing required (default).
IAL-1: Proofing response should have an IAL level 1 or above
IAL-2: Proofing response should have an IAL level 2 or above
IAL stands for Identity Assurance Level, this value is returned by the proofing provider based on the identification documents available for proofing. Level 2 is a higher proofing level than Level 1.
Configuring the Proofing Provider
The configuration properties required to connect to 1Kosmos can be configured under the 'Identity Proofing' section of the Configuration menu. These configurations must be configured in order for the Identity Claim proofing feature to work.
Identity Claim Proofing Screen
During the Identity Claim process, if the user type requires identity proofing and if the user is not already proofed, then the proofing UI will be displayed. The proofing UI will have a QR code, which can be scanned by the BlockId app of 1Kosmos. The UI will wait for the proofing response. When a response is received, the 'IAL' level is validated, user is updated as proofed and the user proceeds to the next step. The proofing UI is displayed after the Acceptable Use panel (when configured) and before any secondary factor authentication (if configured).
Note: The timeout for the response to be received by the proofing provider is configurable.
After the user approves the proofing request from the BlockId app, the Identity Claim process advances to the next step.
Oracle HCM Enhancements
Oracle HCM connector is enhanced to support different REST Framework versions. A plug-in level configuration is introduced to configure this for export and import. The versions supported now are any value in the range 2 to 7.
During import, this is used while fetching the UID and current entry to do the change comparison. Filters and response data converters are adjusted to support different REST framework versions. Some filtering was handled at the connector level. For newer REST Framework versions, all these filters are included with the API calls. So there will be a considerable performance improvement when such filters are used. Part of the framework version enhancement, was the introduction of more filter options to fetch worker based on assignmentId.
REST Framework version can be configured for lookup using the advanced configuration option.
Ellucian Ethos Enhancements
The Ellucian Ethos connector had the following enhancements:
- Student data format enhanced to support organizational unit info.
- Employee data format enhanced to support organizational unit info.
- StudentAdmission data format enhanced to support additional, available, student related attributes.
List of defects reported by customers or implementation, does not contain defects raised internally.
- Fixed approver being logged out of Self-Service Portal when trying to approve the manager profile update request.
- Fixed issue that prevented user management option update from admin UI under Self-Service-->User Management.
- Fixed mapper temp variables not listed in mapper functions and the listing of output variables twice.
- Fixed issue of mapper lines getting reversed when copy and then pasted within a mapper.
- Fixed search not listing custom mapper variables without prefixing it with $ symbol.
- Fixed Get Mapper Data rule not returning data.
- Fixed sample data creation feature for Identity Hub and Data Hub when using product attribute schema.
- Fixed issue of IF condition source value not updating after updating the mapper condition.
- Fixed issue of assigning the mapper rule to the wrong row on deleting with rule combo popped up.
- Fixed issue of using global variable in IF mapping condition.
- Fixed copied mapper lines not bringing in the variables used.
- Fixed deploy all options of workflows from studio not working.
- Fixed global variables not being substituted during alias management validations.
- Fixed issue with Get Config Info filters when filter has JDBC special chars. The special characters were not being escaped correctly.
- Fixed Success/Failure task execution for GIG associated import task.
- Fixed LDAP Trigger execution for non GIG associated triggers
- Fixed Gallagher Entitlement processing when qualified entitlements got changed on policy evaluation