Page tree

Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.


As a part of the normal business process for students assisting faculty, Stephen will be hired as a research assistant in the HR system. Stephen will appear to be a new person to the HR person, so it will send a message to midPoint to create Stephen in the registry. The registry discovers Stephen already exists by running its search match process, and updates the registry with the HR system identifier. An updated person message is sent out by the registry, prompting Grouper to retrieve information about Stephens employee status and department and adds Stephen to basis groups resulting in an employee affiliation. Midpoint receives a message about the employee group affiliation and adds the employee role to Stephen.

After two semesters, Stephen decided to stop working to focus on studying, the HR system marked Stephen as terminated. A message from the HR system about the termination is sent to midPoint which marks Stephen as inactive for the HR resource and published an updated person message. Grouper retrieves this message, and processes changes to basis groups resulting in the loss of employee affiliation. A message about this change is picked up by midPoint, which removes the employee role from Stephen.

Students will work through an integrated demo environment and learn how InCommon Trusted Access Platform components can work together to solve common IAM challenges.