Delegations
The People module's Delegations interface allows administrators to manage the default and custom delegation settings. To access this menu, click Settings in the People module and choose Delegations.
Note
This menu allows you to modify profiles as well as delegations.
A Profile represents a collection of attributes about a particular identity (user) such as name, role, and contact information, etc. A Delegation is a logical grouping of profiles based on roles and/or attributes.
 |
This interface replaces the Delegation Definition Manager in the legacy user interface. With the settings configured in this module, users with direct reports are able to assist with self-service options such as changing a password or resetting authentication variables.
 |
Selecting a delegation enables the Delete and Clone action in the footer.
To clone a delegation, select the checkbox and click Clone. The Delegations interface will refresh and display the new delegation with the word copy and a timestamp appended to the Delegation name.
 |
Clicking Delete opens the right sidebar to require confirmation before deleting the delegation. To delete the Delegation, click Yes in the right sidebar.
 |
A successful deletion deletes the delegation immediately and displays a green notification alert.
Using the cursor to hover over the Delegations table displays up and down arrows to order the delegations to display to users and a Details button to edit the delegation.
 |
Edit a Delegation
The Delegations menu allows administrators to perform the following actions:
Modify the existing system delegations (General tab)
Add or modify attributes to the delegations for that profile (General tab - Enable ABAC option)
Determine which People Actions that managers, team leads, or users should have access to for each delegation (Actions tab)
To access the Delegations configurations menu, click the Settings cog at the bottom left of the People module and select Delegations.
To edit a Delegation, hover your mouse over the right column of the profile or delegation to be modified and click Details.
 |
General Tab
The General tab of the Edit Delegation menu has multiple configuration options.
 |
 |
Field | Description |
|---|---|
ID | A system-generated string associated with the delegation once it has been created |
Enabled | Enable the delegation for use |
Type | Choose MY or CUSTOM.
|
Name | Provide a clear name for the delegation |
Description | Provide an optional description |
Edit Profile Message | Provide a notification to the user or delegated administrator when editing an account |
Preload All Results | Check to ensure all members of the delegation are visible when viewing the delegation list. If this is not checked, users will have to do a search to view any results |
Enable Proxy As | Enable the Proxy As feature for users within this delegation who have direct reports |
Enable ABAC | Enable attribute-based filtering for this delegation. If chosen, you will be required to provide the attribute defining who can view the delegation |
Source Base DN | The base location to begin searching for the objects that are able to use this delegation. Note that sub-trees are searched as well |
Source Attribute ACL | The specific objects that may use this delegation |
Enable Appliance Roles | Enable role-based filtering for this delegation. If chosen, provide the source role(s) and further attributes defining who can view the delegation. Anyone who has access to the source roles can see the delegation |
Edit Attributes
At the bottom of the General Tab for Delegations is the Attributes button, which leads to the Edit Attributes menu. This menu has two tabs: Attribute Map and Layout.
Attribute Map
The Attribute Map tab provides the ability to define which attributes about the users in the delegation are visible in list or detailed view and whether the attributes are editable by the user. After clicking Attributes on the General Tab, click Add Another Attribute on the following menu.
 |
The Create Attribute menu provides several options for administrators to configure attributes associated with the selected Delegation.
 |
Field | Description |
|---|---|
Attribute | Select an attribute from the drop-down list. All searchable attributes listed in the GAL should be visible here |
Display Name | This field will auto-populate when an attribute is selected from the list. If desired, it can be changed here |
Allow Editing | Clicking this checkbox will allow users within the delegation to edit their value for this attribute. This also allows admins to edit this value from within the delegation |
Required | Only visible if Allow Editing has been selected. Clicking this checkbox will force users to keep a valid value for this attribute (it cannot be blank) NoteThe rest of the form cannot be saved if this field is not populated and set as |
Show in List | Clicking this checkbox will ensure that this attribute is shown in the workspace when the delegation has been selected from the left menu |
Show in Details | Clicking this checkbox will ensure that this attribute is displayed in the profile details for each user within the selected delegation |
Layout
The Layout tab determines what the sidebar looks like when viewing panels. To do this, the menu options control the order of the chosen attributes displayed in the user profile for each user in the Delegation. Each of the Attributes selected and defined on the Attribute Map page will be available in a drop-down field. Choose which attribute will come first, second, third, etc.
 |
Once the attributes have been defined and ordered, click Update and then Save. The attributes will now be listed and visible in the order defined on the Layout tab when viewing the Grid view of the People's module Profiles menu.
 |
Actions Tab
Through the Actions tab, administrators can define which actions users will be able to perform for themselves instead of contacting Support. These actions are specific to the MY type delegation. Simply click the drop-down list and choose the actions that users will be encouraged to use through the Self Service Interface.
People Actions
The People module supports delegating actions to users and roles. For example, it is possible to allow users the ability to reset another user's password or challenge questions. Delegating this privilege can expedite access and relieve the IT ticket log.
The People Actions Buttons available to users and their delegations depends on how each delegation is configured. Typically, however, these options will show up in the action bar at the bottom of the screen when a user has been selected. The width of the browser window will dictate how many of the options are visible at any one time out of the options assigned to the applicable delegation.
 |
The actions that do not fit on the screen at its present width can be accessed by clicking the expansion kabob (three vertical dots); these will show in a resulting window.
 |
The available People Actions Buttons are summarized in the following table and illustrated in the Self-Service section.
Action Button | Description |
|---|---|
Edit Profile | Administrators can allow users to update certain fields in their RapidIdentity Portal Profile. One advantage is to allow users to update their mobile number or to include an alternate Email address that can be used to facilitate communication. Changes saved are automatically updated in the organization's directory service. |
Change Password | Change Password allows for self-service password reset functionality. When selected, a dialogue box appears directing the user to comply with the organization's password policy requirements. The password policy requirements are set by RapidIdentity Portal Administrators and can exceed the requirements of other applications within the IT environment. |
Reset Challenge Responses | Reset Challenge Responses is a self-service feature built into the RapidIdentity Portal Profiles Module allowing users to update their responses to challenge questions required to reset their passwords. Depending on how the RapidIdentity Portal Administrator has defined this action, it may be necessary to answer a minimum number of the possible questions shown. It is also possible for administrators to allow users to define their own challenge questions and answers; if this option is available, click the green plus sign and then enter a unique question and answer; to discard this action, click the Minus icon (not shown). |
Enable | Enable allows users to enable the accounts of their direct reports. |
Disable | Disable allows users to disable the accounts of their direct reports. |
Unlock | Unlock allows users to unlock the accounts of their direct reports. |
Export | Export allows users to export the account information that they have access to within the People module. |
Print allows users to print the account information that they have access to within the People module. | |
Generate QR Code (Secure or Insecure) | QR Code allows users to print their Secure or Insecure QR Code, allows managers to print QR codes for their direct reports, and allows help desk members to print QR codes of any user. Secure QR Codes integrate the user's username and password, and those users are not required to enter this information to authenticate. Insecure QR Codes integrate the user's username only. |
Reset TOTP | Reset TOTP resets the TOTP keys. |
Reset Pictograph | Reset Pictograph resets the pictograph image pool used for authentication. |
Delete FIDO | Users with a registered FIDO device can delete (i.e. dissociate) the FIDO device from their profile by clicking Delete FIDO and then clicking Yes to confirm. |
Manage FIDO | Manage FIDO provides information about a registered FIDO device and allows FIDO users to rename their device. |
Profiles Delegations
There are four default Profiles delegations.
My Profile
Team Profiles
Other Profiles
Whitepages
Additional delegations are available by cloning an existing delegation or choosing to Add Delegation.