 |
Description | This plugin construct an organizational chart within IdentityIQ with additional visualization features. |
 |
Legal Agreement | By using this CoLab item, you are agreeing to SailPoint’s Terms of Service for our developer community and open-source CoLab. |
 |
Repository Link | GitHub - sailpoint-oss/colab-org-chart-plugin |
 |
New to IIQ Plugins in the CoLab? | Read the getting started guide for IIQ Plugins in the CoLab. |
 |
Supported by | Community Developed |
Overview
Displaying an organizational chart is typically part of an organizational human resources solution. However, IdentityIQ (IIQ) holds not only identities from authoritative sources but also technical identities and workgroups, which are also presented as entities within IIQ. Therefore, this plugin can assist customers who want to have an organizational chart within their IAM solution, or those who wish to combine an organizational chart that includes both authoritative sources and built-in IIQ objects, such as technical identities and workgroups.
The plugin provides below features:
- Display an Org-Chart based on the provided identity.
- Display details of the select identity.
Requirements
To build the plugin repository, the environment shall follow below setup:
- Windows OS
- Ant
- IIQ Package
- Node.js
Configure attribute iiq.home under build.properties to your IIQ_HOME.
Guide
Configuration
- Level of Managers to be displayed: the initial load of manager hierarchy to be loaded. (e.g.
3) - Display Identity Attributes: Display Attributes on the Identity Card defined in CSV format. Maximum 3 attributes can be configured, additional will be ignored. (e.g.
department,jobtitle,email) - Display Identity Detail Attributes: Display Attributes on the Identity Details view defined in CSV format. (e.g.
department,jobtitle,email,firstname,lastname) - Display Workgroup Attributes: Display Attributes on the Workgroup Card defined in CSV format. Maximum 3 attributes can be configured, additional will be ignored. (e.g.
description,email) - Icon Image Identity Attribute: Identity Attribute which stores the Icon Image in Base64 format.
- Color Code Setting: Define color code per identity type and workgroup. In json format. (e.g.
{"employee":"#FAA403","contractor":"#8A03FA","workgroup":"#FA0B03","partner":"#03FA1D"}) - Connection Rule: Rule to calculate the connection between each node. An extra link will be displayed base on the rule result.
Sample Connection Rule
import sailpoint.object.*;
import sailpoint.tools.*;
List connections = new ArrayList();
// Expected: allNodeIds List<String>: all identity ids from current UI
for (String id : Util.safeIterable(allNodeIds)) {
Identity ident = context.getObjectById(Identity.class, id);
String forwardUserName = ident.getPreference(Identity.PRF_FORWARD);
if (Util.isNotNullOrEmpty(forwardUserName)) {
Identity forwardUser = context.getObjectByName(Identity.class, forwardUserName);
Map map = new HashMap();
map.put("from", id);
map.put("to", forwardUser.getId());
String label = "Forward to";
map.put("label", label);
connections.add(map);
}
}
return connections;
User Manual
Access Plugin Page
User is required to be granted with Capability Org Chart Plugin. User can then access plugin page via below interfaces:
- Menu > Intelligence > Organizational Chart
- Menu > Identity Warehouse > Select Identity > Link icon
- Quick Link Menu > View Identity > Selecte Identity > Link icon
Tour Guide
Upon the first usage of the plugin, use will then be prompted with a tour to guide on how to use the plugin. A preference attribute orgChartPluginGuideTourInactive will then be set on the session user’s identity to avoid future start of the guide tour.
Tour guide can start manually by clicking 
button on the page upper-right corner.
Search Identity
Once search and select the identity, an initial load of the Org Chart will be dislayed.
The Org Chart can be expanded dynamically by cliking any node.
More details of the select identity can be displayed by click the Details button.
Click the Show Connections button will display addition connection conculated by the Connection Rule.
FAQ
-
Q: What relation is used to build up the relation between each node?
A: For identity manager field is used as the relation key, and for workgroup owner field is used. There is also possibility to make such relation configurable. But for now just hard-coded as described. -
Q: Can we display all employees under two division?
A: The plugin has a limitation that it can only have a single root node in the chart. Therefore, regardless of how how many departments or divisions, if we want to display two head of units (two root node) in a single chart. This won’t work. -
Q: How to populate user Avatar icon?
A: Ideally we shall be able to display with a image url. But fow now, for PoC purpose, I simply display an image stored in Base64 format under an Identity Attribute. -
Q: What technology is in used in the plugin?
A: The plugin frontend is based on Angular, while in future, I may also consider to move to React framework. Or even have a branch for ISC integration.
Resources
This plugin is also presented in SailPoint Developers Day 2023, if you would like to know more please reference: Plugin Development: Frontend Solution with Typescript/Angular
Feedback
Any bug report, issue, question or feature enhancement are all welcome. Please leave comment, or contact me directly on Developer Community private message.
Appreciation
The idea for the plugin was inspired by KOGIT GmbH as an initial innovation to explore and showcase the visualization capabilities of the Plugin Framework in IdentityIQ. I appreciate the opportunity provided by KOGIT GmbH to publish this plugin on SailPoint Colab.
