- SAP IDM Tutorial
- SAP IDM - Home
- SAP IDM - Introduction
- SAP IDM - Architecture
- SAP IDM - Installation
- SAP IDM - Developer Studio
- SAP IDM - Setting up the Framework
- SAP IDM - Repository Types
- SAP IDM - Using Identity Stores
- SAP IDM - Identity Center Properties
- SAP IDM - Maintaining Packages
- SAP IDM - Using Processes
- SAP IDM - Identity Store Forms
- SAP IDM - Maintaining Jobs
- SAP IDM - Self Service Password Reset
- SAP IDM - Setting Email Notifications
- Connecting SAP ABAP Systems
- Connecting non-SAP Systems
- Identity Reporting using SAP BW
- SAP IDM - Integration using GRC 10.0
- SAP IDM - Migration to New Version
- SAP IDM - Job Responsibilities
- SAP IDM Useful Resources
- SAP IDM - Quick Guide
- SAP IDM - Useful Resources
- SAP IDM - Discussion
SAP IDM - Using Identity Stores
In SAP IDM, information stored in Identity stores are used in provisioning framework and this provides a centralize repository for managing identity related information like Dept, Emp name, Groups, BU, etc. Identity store also provides extensive audit trail and tracking functionality to monitor attributes which can be changed.
Usually an Identity store is connected to identity management user interface in SAP NetWeaver AS for Java and each Java installation can only connect to one identity store. There are number of system attributes added in the system when an identity store is created. There is an identifier- MSKEYVALUE which stores unique identifier in Identity store across all entry types.
In Identity Management, you use entry type to define an entry property such as allowed and mandatory attributes.
Note − MSKEY number is unique across in an identity center across all identity stores.
Managing Entry types in Identity store
Usually it is not recommended to delete entry types in an identity store as they are required for audit trail and tracking purpose. You can mark it as inactive or use a state field to mark the status of that entry type.
Ex − An employee can join back a company later and in that can it simplifies the process if the same entry type can be used for that employee.
