I have decided to present our custom extension for the standard IdM Password Change UI:
As well, all of the systems can be selected by default and if we change the password in all of them, we can monitor the change process from the UI:
Here are some of the standard IdM Password Change limitations:
- doesn’t support dynamic account generation based on the user access
- not possible to select just one or two of the available systems
- not possible to have a password provisioning status update
- mobile version – not supported
- not very user friendly UI
So we have decided to create a custom solution using SAPUI5. Our UI dynamically generates the available systems based on the logged user information and allows to select only the systems you want for password change. As well, we have added a progress status and system status, so in case the password provisioning fails in IdM/back-end you will have UI error state for the failed systems. The users can also log in from a mobile phone/tablet and change their password from there.
For a similar solution you will need IdM&SAPUI5 knowledge and additional IdM development for the UI REST calls and the password provisioning logic.
In IdM you have to create 2/3 UI tasks responsible for the user data display and for the GET/POST calls to IdM, additional entry type is needed. Depends on the customer needs, you have to create additional attributes responsible for the status update and the system provisioning. For the back-end systems you will have to create a custom password change task instead of the standard one.