• INSERT Event Trigger Not Firing When Inserting via Script

    Hi everyone,

    Has anyone managed event triggers following an insert operation via script into a table?
    The issue is that when inserting an object into any table through a script, the INSERT event is not triggered. This happens because the operation is done…

  • Product visibility based on the role assigned to user

    Hello All,

    We are using One Identity Manager 9.2 version and use new Angular Web Portal.

    We are looking for the options to restrict the visibility of the certain products based on the specific roles assigned to identity. To explain in detail, below is…

  • change processes order

    Hello everyone,

    I created a process triggered by the insert in the table PersonInOrg. This process must update a value in the table PersonHasESet, in the record referred to the assignment of a system role inherited from the assignment of the business role…

  • My Processes section on Angular web portal

    Hello everyone,
    is it possible to hide the section "My Processes" on the Angular web portal?
    I'm on One Identity 9.2 on demand.
    Thank you,

  • Angular Web Not Showing Attestation and Business Role

    Hi all,

    I'm using the new angular web portal on the 9.2 version of One Identity Manager. I followed all the steps in the given link “support.oneidentity.com/.../3. Firstly, I downloaded the project from GitHub and then customized the project and built…

  • How to push/pull One Identity Manager logs to QRadar

    I am trying to pull/push one identity manager logs to QRadar using SEIM, there are below few queries related to same. 
    1. How we can get an API call for the OIM logs, which will help to pull the logs from QRadar

    2. Does OIM forward the logs to specific…

  • How to monitor administrative modification

    Hi everyone,

    I want to monitor admnistrative changes made, for example when someone changes a Process, a template on a table or something else.

    I know that for the import of change label I can monitor this operation with "DialogTag" table, but I want…

  • Force change password on LDAP account

    Hello everyone,

    We want to force to change password on ISAM LDAP account.

    I read that this can be done through "ShadowLastChange" parameter on LDAP accounts, but I don't see this parameter on Target System.

    Can you help me?



  • How to open link in a new browser window password reset portal

    Hi all,

    When I log in with the admin portal in configuration, I can enter the URL for the password reset portal. I want it to open in a new tab when I click on this URL, but it's not happening. Could you help me with this subject

    Best regards,

  • How Can We See Our Authorization as a List Instead of Hyperview

    Hi all,

    Our customer want to see on authorizations (ADGROUP, LDAPGROUP etc.) as a list or grid instead of hyperview. Is it possibble? Could you lead us for this subject?

    Best regards,

  • Is there any guide or whitepaper available on best practice for installation and architecture of Identity Manager?


    I am looking for any official documentation which has recommendation for One Identity Manager's architecture and hardware capacity estimation.

    Any input on this is greatly appreciated.


  • Web Portal How to change Product Name?

    Hi all,

    I cannot change the name of the product. I found how to change the logo from the admin portal, but I am unable to change the Productname. Could you assist me with this?

    Thank you,

  • Keep group membership after termination

    Hello experts,

    Can someone tell me if we can keep group membership of a group assigned by a business role after termination? We have the AD account deferred for 90 days after termination. 

    Thank you,


  • REST API Script - how to determine the authenticated user's username within 1IM Script?

    Would like to know API authenticated user account calling script function so that we can log which account is calling what API script with what parameters, and may be provide finer access control to the script functionality.

    Right now, I see just one…

  • Custom Application - Setting a role via UNSAccountBHasUNSGroupB - POSH4 Connector

    Hello Community, I need some help.

    I´m developing a Powershell Connector for a SaaS Service (1IM 9.1.1) and I want to use a bit more entitlements instead of hardcoded value calculations. I have schemas for User, Locations and Role. The locations are reflected…

  • Not able to Authenticate using Access token(in authentication header) for authentication to API server

    With the implementation of the API server, we want to expose our One Identity Manager capabilities via API's within our organization. In our test setup we successfully managed to authenticate to the authentication API using the oauthrolebased api, and…

  • Permisson to revoke account definition

    Hi everyone,

    we want to enable a role based permisson group to revoke the account definition of an ADs Account. 
    We already tried to assign the task permission to the permisson group but it didnt work. (1. User Interface -> 2. Task definitions -> 3. RevokeAccountDef…

  • Difficulty with cross-object value template

    Hello everyone,

    Could you please advice in creation of simple template for a column in Person table, where I'll use the value from ADSAccount table.

    I have tried the following within CustomProperty10 column of Person table:

    Value = $FK(UID_ADSAccount…

  • Lock down reporter in Webportal

    Hello, Does anyone have instructions or can lead me on how to lock down reporter? Here are some things we would like to consider doing.

    • Remove the "New Report" button
    • Hide tables to choose for reports
    • Hide columns to select in a table for …
  • Report for ADSAccountInADSGroup returns empty

    Hi Everybody,

    We are trying to create new report from Web Portal. While using the Base Table ADSAccountInADSGroup for the report it returns empty result. For other tables (for example ADSAccount, ADSGroup etc.) new reports are working correctly. 

  • Current user reference in template for visibility script

    Hello Experts, 

    Can anyone tell me if there is a way to reference the current user in a template? I need to add something in the visibility script to be true based on role.

    Any help is appreciated. 

    Thank you,


  • Question about OIM Data Import Issues

    Hello, when importing a CSV file in Data Import tool for person table, is there a way to split the full name field into two separate fields for last name and first name?

  • setting up an Angular development environment locally on my laptop.

    I'm currently working with OI Manager v.9.0 LTS and I'm trying to set up an Angular development environment locally on my laptop. 
    I have a question regarding cross-site cookie transmission in this Angular development environment. To enable…
  • SCIM: The request contains invalid parameters or values


    I am trying to connect to a Target System using oAuth authentication method via SCIM. We are using the version 9.0 LTS.

    We populate all the correct values and when we try to test the connection we get the below error message:

    Error returned:…

  • Caches management of Angular Web Portal

    Hello everyone,

    We are making a custom app for one of our solution from the Angular codebase v92. We are building using npm run build. But we see there is a caches that is not getting cleared when we have deployed the custom app. Can anyone of you please…