Managing identities and their permissions is important for the companies. Along with performing specific operations, companies also would like to have details/reports on top of the identity management data. These reports could cover the current state of assigned privileges, for example, or what was the situation last year. Some of the requirements for such reports are common to the different companies, but it is also true that there are company specifics. By creating reports on identity management data, companies could do some analyses and if needed execute proper actions.
In the following article we’ll create, modify and extend an analytical report. For this purpose we’ll get the SAP IdM data and via SAP Lumira we’ll create nice looking reports, share them with colleagues and add options to filter/drill-down into the report so that we could discover the information that is important for us. The described approach is applicable to any IdM version and all supported DBs.
Here are the technical details of our configuration:
- Installed, configured and operational instance of SAP Identity Management 7.2 SP9, which is used to manage identities in a multinational company. As DB for this IdM instance we’ll use MS SQL Server and we have created user with proper select permissions for this DB
- Installed SAP Lumira Desktop, an MS Windows application that will be used for building the analytical report
- Created account in SAP Lumira Cloud, an environment that will be used to publish and after that access the analytical report
We’ll go through:
- Part 1: Create initial version of IdM report via SAP Lumira
- Part 2: Modify initial version of IdM report created via SAP Lumira
- Part 3: Combine information from several DataSets in IdM report created via SAP Lumira
- Part 4: Combine multiple visualizations in IdM report created via SAP Lumira
- Part 5: Provide filtering in IdM report created via SAP Lumira
As a result we’ll create a sample analytical report that combines several information sets inside and provides filtering capabilities. The report is easily accessible and could be used for a daily business. In our case the report is almost real-time – the data could be refreshed based on time schedule or on demand. Last but not least, a similar report could be created on top of any SAP IdM version if you use the public APIs (DB views) that are exposed, the same way we did it here.
Additional information and options for IdM reporting could be found in:
ℹ Recent change in the license policy regarding SAP Identity Management and SAP Lumira integration. Licensee is allowed to use up to 10 of the embedded SAP Lumira Desktop Users Licenses regardless of the number of Identity Management licenses purchased.