Provisioning workflow
Provisioning in HelloID automates your organization’s user account lifecycle by taking personnel data from one or more source systems and translating it into entitlements in your target systems - accounts, account access, group memberships, and other permissions (custom entitlements). It uses a defined workflow to ensure accounts and access rights are kept up to date based on your business rules.
HelloID performs a Source import of your Source systems, importing their raw personnel data.
The latest imports from each source system are combined into a Source snapshot. This snapshot represents the most recent authoritative view of all imported source data.
A source snapshot is the process during which Persons are calculated and put into production.
The raw person and contract data are mapped to Person objects in HelloID. These are the intermediary objects which "bridge" data from source to target systems.
Optional: If configured, Person aggregation merges duplicate persons or generates merge suggestions.
During an Evaluation, your Business rules are applied to the data. Business rules define which Entitlements persons should receive in Target systems, and under what conditions.
Evaluation does not change the target systems; it determines what actions would be needed to reach the desired state:
Which accounts need to be created, updated, or removed
Who should be granted or denied access to their account
Which group memberships or permissions need to be granted or revoked
Finally, an Enforcement carries out the actions determined by evaluation. Enforcement writes the actual changes into your target systems.
This whole flow can run automatically on a schedule using Schedules, and trigger Notifications when needed.
However, each step in this flow can also be taken manually: