ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.
Identity Portal Risk configuration does not allow to add/remove roles
Article ID: 186037
CA Identity ManagerCA Identity GovernanceCA Identity PortalCA Identity Suite
When the Risk Configuration from the Identity Portal Risk is set up, it does not allow to Add/Remove Roles even when the roles are different.
This is a limitation to the product, the add operation has to happen first to stop the accidental delete then recreate an account.
Identity Portal 14.x (Virtual Appliance and Standalone)
A possible workaround is to set up a custom attribute that is evaluated based on value. When they have that value upon a modify a PX Policy will trigger. The PX Policy will manage the roles that the user has. Once this is done then setup the risk to evaluate the value of the attribute.