We are using the Targeted Certification to handle our Transfer Certification (New manager certifies an ID should continue to have access) process. Currently, when a certification is created if the ID being certified has multiple accounts (Primary and Secondary) the entitlements are the only thing that displays the Primary or Secondary Account information.
Example —- (look at the Account Name)
First Name
Last Name
Type
Display Name
Description
Application
Account Name
Identity
Business Application Name
Privileged Entitlement
Jane
Doe
Entitlement
Entitlement 1
Entitlement 1 Description
Windows
def1234
Jane Doe
John
Doe
Entitlement
Entitlement 2
Entitlement 2 Description
Windows
abc1234
John Doe
We would like to see this same behavior for the Roles area of the certification. Are there any configurations to allow for this to happen?
I believe account name would not show on the main page of the certification for the roles but the account name is available for review by clicking the 3 bars located on right end as shown below:
We cannot populate account name by default as Roles are associated directly to Identity rather than an application account. However you can see the role, entitlement and account details in the certification.
I knew that the Account Name was available on the 3 dots…. but if you can see that information there, it should be available to display on the main area of the Certification too. Most if not all users completing the certification are going to miss those details since it is not on the main page.
You can create an Certification Extended attribute, populate it with account name and can show it in main page of certification. You have to also add that attribute in UI config of certifications page
