Data Preparation
Once you have deployed Autonomous Identity, you can prepare your dataset into a format that meets the schema.
The initial step is to obtain the data as agreed upon between ForgeRock and your company. The files contain a subset of user attributes from the HR database and entitlement metadata required for the analysis. Only the attributes necessary for analysis are used.
There are a number of steps that must be carried out before your production entitlement data is input into Autonomous Identity. The summary of these steps are outlined below:
Data Collection
Typically, the raw client data is not in a form that meets the Autonomous Identity schema. For example, a unique user identifier can have multiple names, such as user_id
, account_id
, user_key
, or key
. Similarly, entitlement columns can have several names, such as access_point
, privilege_name
, or entitlement
.
To get the correct format, here are some general rules:
-
Submit the raw client data in
.csv
file format. The data can be in a single file or multiple files. Data includes application attributes, entitlement assignments, entitlements decriptions, and identities data. -
Duplicate values should be removed.
-
Add optional columns for additional training attributes, for example,
MANAGERS_MANAGER
andMANAGER_FLAG
. You can add these additional attributes to the schema using the Autonomous Identity UI. For more information, refer to Set Entity Definitions. -
Make a note of those attributes that differ from the Autonomous Identity schema, which is presented below. This is crucial for setting up your attribute mappings. For more information, refer to Set Attribute Mappings.
CSV Files and Schema
The required attributes for the schema are as follows:
Files | Schema |
---|---|
applications.csv |
This file depends on the attributes that the client wants to include. Here are some required columns:
|
assignments.csv |
|
entitlements.csv |
|
identities.csv |
|