Creating an identity template

2023-10-10Last updated

Before you can submit an identity request, you must create your identity templates.

Before you begin

What you should know

Only an account administrator can create an identity template.
Create identity templates to address the identity requests that your organization frequently encounters.
  • You can create identity templates with predefined role access to suit different requirements. For example, identity requests for different types of contractors, or identity requests for large groups of specific employees who require access to a specific site or building.
  • When an identity request is submitted using an identity template, the identity is added as a role member to the roles that apply to the template and inherits the associated role access.

Procedure

  1. Click Organization > Identity templates .
    Identity templates page in Genetec ClearID™ showing an empty identity templates list.
  2. Click Add identity template.
  3. In the Identity template section, complete the fields or configure the settings as required:
    Identity templates wizard in ClearID showing completed Identity template settings.
    Identity template name
    Enter a name that summarizes the type of identity requests that the template is intended for. For example, Electrical contractors.
    Description
    Enter a meaningful description that describes the purpose of your template. For example, Electrical contractors for HQ Main Building.
    Form type
    Standard is the default.
    Enabled
    Move the slider to the Enabled position for this template to be available for selection when requesting an identity. Enabled is the default.
    1. In the Web portal access section, configure the option that you require.
      Enable option for web portal access
      Select the check box if you want to display the web portal access option when requesting an identity.
      Note: When requesting multiple identities the availability of the web portal access option is dependent on your template configuration.
      • If your template does not include the web portal access option, the web portal access fields are ignored.
      • If your template does include the web portal access option, the web portal access fields are processed.
    2. In the Access control section, configure the options that you require.
      An expiry date is required
      Select the check box if you want to enforce an expiry date when creating identity requests.
      Enforce a maximum duration for the period of access
      Select the check box if you want to specify a maximum duration when creating identity requests.
      Limit the duration to nnn days
      Specify a maximum duration. For example, 365 days.
    3. Click Next.
  4. In the Permissions section, configure the settings or add roles as required:
    Identity templates wizard in ClearID showing blank Permissions settings including settings for roles and role access.
    1. In the Who can request this identity template? section, do one of the following:
    • If you want all users to be able to select this identity template, select the All users can request identities check box.
    • If you want to select specific roles, click Add role.
    Note: If you selected All users can request identities proceed to step 6.
  5. If you clicked Add role, search for or select one or more roles and click Add.
    NOTE: The roles that you add in the Who can request this identity template? section determine who can request identities using this template. For example, you might add a role, so that only Contractor managers can request identities. Another example could include buildings with tenants spaces, for that situation you might want to create Tenant managers.
  6. (Optional) In the What roles do you need? section, add the roles that you require.
    1. Click Add role.
    2. Search for or select one or more roles and click Add.
      Identity templates wizard in ClearID showing completed Permissions settings.
      Note: The roles that you add in the What roles do you need? section determine the access that the identity inherits when an identity is requested using this template. For example, an electrical contractor role could be setup with access to rooms containing electrical infrastructure.
    3. Click Next.
  7. In the Approval setting section, select the Identity request approval workflow that you require.
    Identity templates wizard in ClearID showing Identity Request Approval optionss.
    No approval required
    Automatically approved.
    Supervisor approval required
    Approved by the supervisor of the requester.
    Note: If the requester has no supervisor (or is a trusted requester) the supervisor approval step is bypassed.
    Identity approvers approval required
    If selected, identity approvers must be added.
    1. Click Add and choose either Add identities or Add roles.
    2. Complete the steps as prompted.
    Supervisor and identity approvers approval required
    If selected, supervisors are already associated with the identity, however the identity approvers must be added as described previously.
    Note: If the requester has no supervisor (or is a trusted requester) the supervisor approval step is bypassed.
    API approval
    API approval is only used when the identity request approval workflow is customized to handle requests from an external service.

    For example, Genetec ClearID™ LDAP Synchronization Agent, Genetec ClearID™ One Identity Synchronization Tool, or an API workflow for a plugin integration. In this situation, the request approvals are not shown in the ClearID user interface.

    Note: If a user creates an identity request using the ClearID web portal, that user will still see their requests in the My requests dashboard.
    Identity templates wizard in ClearID showing Approval setting with Supervisor approval specified.
  8. Click Finish.
Your template is now ready to be used.

Example

After you finish

Request an identity.