13.3.1.3 Creating an Application Instance Certification Definition

To create an application instance certification definition:

  1. Log in to Oracle Identity Self Service.

  2. Click the Compliance tab.

  3. Click the Identity Certification box, and select Definition. The Certification Definitions page is displayed.

  4. From the Actions menu, select Create. Alternatively, click Create on the toolbar. The General Details page of the New Certification wizard is displayed.

  5. Enter values as follows:

    • Name: Enter a name for the certification.

    • Type: Select Application Instance to create an application instance certification definition.

    • Description: Optionally enter a description for the new application instance certification definition.

  6. Click Next. The Base Selection page of the New Certification wizard is displayed.

  7. In the Base Selection section of the page, select an application instance selection strategy from the list, as shown:

    • All Application Instances: Selects all application instances in Oracle Identity Manager.

    • Selected application instances only: Allows you to manually select the application instances. Click Add to search and select the application instances. To remove any selected application instance, click Remove.

  8. Select any one of the following options to specify constraints:

    • Application Instances with Any Level of Risk

    • Only High Risk Application Instances

  9. Click Next. The Content Selection page is displayed.

  10. Select any one of the following:

    • Accounts of Users from All Organizations: Selects the accounts of users from all organizations in Oracle Identity Manager.

    • Accounts of Users from Selected Organizations: Allows you to manually select the organizations whose user accounts will be certified.

    • Accounts of All Users: Selects the accounts of all users in Oracle Identity Manager.

    • Accounts of Selected Users: Allows you to manually select the users whose accounts will be certified.

  11. Click Next. The Configuration page is displayed.

  12. Select the configuration options, as described in Table 13-1, "Configuration Properties", and click Next. The Reviewers page is displayed.

  13. From the Reviewer list, select a primary reviewer. The primary reviewer can be an application instance certifier, user manager, organization certifier, or any other user that you select.

  14. Click Next. The Incremental page is displayed.

  15. Select Enabled for Generate Incremental Data. This setting enables certifiers to certify or revoke only changes or inclusions made to a certification. It eliminates the need to review the access of users who have already been certified.

    When Incremental Certification is enabled, it takes the following parameters:

    • Incremental Date Range (required): This includes:

      • Since Last Base (default): When this option is selected, the current access of the user is compared against the last certification of the same type that was created without incremental enabled, and against all the incremental certifications created since then, up to the date on which the certification is created.

      • Since Date: When this option is selected, the current access of the user is compared against all the certifications of the same type created between the given date and the date on which the certification is created.

    • Show Previous Value (optional): This includes:

      • Disabled (default): When this option is deselected, the values that have already appeared in previous certifications, as determined by the Incremental Date Range parameter, are not included in the certification.

      • Enabled: When this option is selected, all the current values that existed in previous certifications are displayed with the last decisions taken for that access.

  16. Click Next. The Summary page is displayed with the details of the user certification.

  17. Click Create. A message is displayed asking if you want to create a certification job based on the definition and run it now. You can edit the job name, and click Yes to run the certification job.

    Alternatively, click No to create a certification definition without creating and running the scheduled job. With this option, you must manually create a certification job later.

    The new application instance certification definition is displayed in the Certification Definitions page.
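
The incremental options in step 15 decide which accounts a reviewer sees. The following is an added example, not Oracle Identity Manager code: a simplified Python model of Since Last Base, Since Date and Show Previous Value. The `Certification` record, the function names and the sample data are assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import date
from typing import Optional

@dataclass(frozen=True)
class Certification:
    created: date
    incremental: bool   # False means a base (non-incremental) certification
    decisions: dict     # {(user, app_instance): "Certified" or "Revoked"}

def comparison_set(history, since: Optional[date] = None):
    """Earlier certifications of the same type that current access is compared to."""
    history = sorted(history, key=lambda c: c.created)
    if since is not None:                                  # Since Date
        return [c for c in history if c.created >= since]
    # Since Last Base: the last base certification plus every incremental after it.
    bases = [i for i, c in enumerate(history) if not c.incremental]
    # Assumption: with no base on record, nothing counts as already reviewed.
    return history[bases[-1]:] if bases else []

def incremental_content(current_access, history, since=None, show_previous=False):
    """Map each (user, app_instance) put before the reviewer to its last decision."""
    last_decision = {}
    for cert in comparison_set(history, since):            # oldest first
        last_decision.update(cert.decisions)               # later decisions win
    content = {}
    for item in sorted(current_access):
        if item not in last_decision:
            content[item] = None                           # change or inclusion
        elif show_previous:
            content[item] = last_decision[item]            # Show Previous Value
    return content

# Constructed sample data: one base certification, one incremental run after it.
HISTORY = [
    Certification(date(2024, 1, 10), False,
                  {("alice", "ERP"): "Certified", ("bob", "ERP"): "Certified"}),
    Certification(date(2024, 4, 10), True, {("carol", "ERP"): "Certified"}),
]
CURRENT = {("alice", "ERP"), ("bob", "ERP"), ("carol", "ERP"), ("dave", "ERP")}

if __name__ == "__main__":
    print(incremental_content(CURRENT, HISTORY))
    print(incremental_content(CURRENT, HISTORY, since=date(2024, 4, 1)))
    print(incremental_content(CURRENT, HISTORY, show_previous=True))
```

In this model, a later Since Date shrinks the comparison set, so access last reviewed before that date returns to the reviewer as if it were new.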