Identity Expiration

IDM > Configuration > Identity Expiration:

Enabling Identity Expiration allows an administrator to configure specific types of Identities (for example Non-Employee Contractors) to expire automatically, a specified number of days after they were added into the system.

  • To configure an Identity Expiration, click “New”.

  • Select an Identity Type (Employee or Non-Employee).

  • Select an Identity Category (e.g. “Contractor).

  • Enter the number of days after which the Identity will expire. The default is 180 days.

  • If “Enforce the number of expiration days” is checked, users will only be able to extend the expiration date a maximum of another 180 days (if the default expiration is used).

Used in conjunction with “Notifications” allows for specific types of Identities to expire automatically, and for various users to receive a notification prior to the expiration. The following use case shows an example of how Identity Expirations can be used:

  • Employees are added into the system and do not expire.

  • Non-employee Contractors are configured to expire 180 days after they are added into the system.

  • Notifications are configured to be emailed to the Identity’s manager prior to the expiration.

  • A new contractor is added into the system. The expiration date is set automatically for 180 days from today.

  • Prior to the expiration, the contractor’s manager receives multiple emails notifying them of the upcoming expiration. The manager is able to log into IDM and extend the expiration date up to another 180 days from the current date.