In our use case, we would encounter scenario where one user having accounts from source A and B, and want to disable only account A. Currently, we have an offboarding LCS to disable all accounts owned by this identity. Is it the best approach to configure multiple LCS for each source account to be disabled?
If it is only for one user, then it is not a good idea to implement a solution for this. You can just enable the specific account again.
In case if it is a requirement for set of users, then yes you can have multiple LCS to manage your requirements. It is quite common to have multiple LCS not just active and inactive.
Alternatively you can add conditions to exclude some users for some sources while disabling accounts, if it is a workflow or some external scripts.
Thank you for the response. It is actually a common use case in our requirements where user will disable one or more accounts but not all accounts owned by this identity.
Example, I have accounts from source A, B and C, but on the same day, I need to disable accounts from source B and C. And for some other user, it will be only disabling the account from source C. Meaning I have to create multiple LCS to cater the different combinations of accounts to be offboarded?
Is there any other way other than configuring LCS in IDN, eg: rules / workflow ? Or a way for me to trigger disable operation via some flags given by authoritative source?