Identity Expiration
Note
Required fields are indicated with a red Asterisk.
Enabling Identity Expiration allows an administrator to configure specific types of Identities (for example Non-Employee Contractors) to expire automatically, a specified number of days after they were added into the system.
To access the Identity Expiration Details configuration tab, the toggle switch must be set to the ON position.
To configure an Identity Expiration, click the New button.
Select an Identity Type (Employee or Non-Employee).
Select an Identity Category (e.g. “Contractor).
Enter the number of days after which the Identity will expire. The default is 180 days.
If Enforce the number of expiration days is checked, users will only be able to leave the Expiration Date as-is or extend the Expiration Date up to the number of days configured in the relevant Identity Expiration detail (180 days in this case). If Enforce the number of expiration days is NOT checked, users will also have the option to remove the Expiration Date entirely.
Click the Save button to apply the settings.
Used in conjunction with Notifications allows for specific types of identities to expire automatically, and for various users to receive a notification prior to the expiration. The following use case shows an example of how Identity Expirations can be used:
Employees are added into the system and do not expire.
Non-employee Contractors are configured to expire 180 days after they are added into the system.
Notifications are configured to be emailed to the Identity’s manager prior to the expiration.
A new contractor is added into the system. The expiration date is set automatically for 180 days from today.
Prior to the expiration, the contractor’s Identity Manager (and Manager Delegate, if configured) receives multiple emails notifying them of the upcoming expiration. The manager is able to log into IDM and extend the expiration date up to another 180 days from the current date.
