US English (US)
FR French
DE German
PL Polish
SE Swedish
FI Finnish

Contact Us

If you still have questions or prefer to get help directly from an agent, please submit a request.
We’ll get back to you as soon as possible.

Please fill out the contact form below and we will reply as soon as possible.

English (US)
US English (US)
FR French
DE German
PL Polish
SE Swedish
FI Finnish
  • Log in
  • Home
  • Identity Governance and Administration (IGA)
  • IGA solution library
  • Processes and use cases
  • Use case library
  • Access right management

Manage IGA Solution Users

Contact Us

If you still have questions or prefer to get help directly from an agent, please submit a request.
We’ll get back to you as soon as possible.

Please fill out the contact form below and we will reply as soon as possible.

  • Service Management
    Matrix42 Professional Solution Matrix42 Core Solution Enterprise Service Management Matrix42 Intelligence
  • Identity Governance and Administration (IGA)
    IGA overview IGA solution library
  • Platform
    ESM ESS2 ESS Efecte Chat for Service Management Integrations Add-ons
  • Release Notes for M42 Professional, IGA, Conversational AI
    2026.1 2025.3 2025.2 2025.1 2024.2 2024.1 2023.4 2023.3 2023.2 2023.1 2022.4 2022.3 Release Information and Policies
  • Other Material
    Terms & Documentation Guidelines Accessibility Statements
  • Services
+ More
    • Service Management

    • Identity Governance and Administration (IGA)

    • Platform

    • Release Notes for M42 Professional, IGA, Conversational AI

    • Other Material

    • Services

Manage IGA Solution Users

Manage IGA solution Users

 

IGA Solution includes ready-made user groups and responsibilities, which are taking into use based on selected IGA package.


 

Use Case Description


This use case is needed in all IGA packages, but IGA solutions user groups and responsibilities varies according to the selected package.



Description

Overview

This use case describes IGA solutions users can managed. 

IGA solution user can be

1. Self-Service Portal users (user, Manager, Approver etc.)

2. IGA solution user (IGA Admin, IGA Owner etc.)

Operators

IGA solution
IGA Admin

Customers directory (recommended)

Prerequisites

IGA solutions users are managed similar way than other user accounts and accesses are managed in the Customers directory. 

1. This means that user needs to have user account in the directory

2. IGA solutions access are created as groups to the directory and read to IGA Entitlement datacards

Result

Customers users are able to access Self-Service Portal and in IGA solution (Matrix42 Service Management platform) functionalities. Users have accesses as defined in IGA Solutions user groups section. 

Operating chain for accessing IGA solution

  1. All users who will be using Self-Service Portal or IGA solution (Matrix42 Service Management platform) needs have user account in the directory

  2. All groups, which are used for accesses Self-Service Portal or IGA solution (Matrix42 Service Management platform) needs to be created to the directory

    • It is recommended that also Matrix42 Consultants using Customers Matrix42 solution, are created to the directory and accesses are managed by using same process

  3. User accounts and groups are read from the directory

    • User accounts are read to IGA Account datacard

    • Groups are read to IGA Entitlement datacard

  4. Based on user account and group memberships, IGA solution grants accesses to different user groups

    • IGA Entitlements needs to be related to Person datacard

  5. Depending on which package Customer is using,

    • Group membership connections can be created automatically by using IGA Automated Rules** (IGA Growth and Enterprise)

    • Group membership connections can be created straight to Customers directory (all packages)

    • Group membership connections can be multi-edited in IGA solution and automatically provisioned to the directory (all packages)

  6. User accesses to IGA solution can be managed, reported and audited by using same use cases that are used for managing any other accesses

    • IGA Admin can manage IGA solution accesses, approvals etc. like described in Manage Entitlements use case

    • IGA Admin can create IGA Automated Rules** for granting accesses automatically based on users organizational unit, title or Cost Center.

    • Users can use "Request Accesses" service from Self-Service Portal

    • Managers can use "On-board New User or Request Access for Subordinate" services from Self-Service Portal

    • IGA Admin can create re-certification** request regarding IGA solution accesses

    • IGA Admin can report and audit IGA solution accesses by using IGA solutions reporting tools

    • Users accesses to IGA solution are managed according to Manage User Lifecycle** use case

    • IGA solutions admin level accesses can be managed as privilege accesses***
Operating chain for managing IGA solutions responsibilities
  1. Responsibilities are managed inside of the IGA solution

  2. IGA Admin can manage Approvers in IGA Entitlement, IGA Business Role*, IGA Re-certification** and IGA Set Account Information* datacards

  3. Support group member are managed in xxx

    • Support group members can also be managed by using directory groups

  4. Users IGA responsibilities can be managed as a part of other use cases, 

    • IGA Admin can report and audit IGA solution accesses by using IGA solutions reporting tools

    • Users accesses to IGA solution are managed according to Manage User Lifecycle** use case

    • User can delegate approval responsibilities to substitute 

Related datacards

IGA Entitlement
IGA Access Right Record
IGA Account

 

Delete

IGA Solutions User Groups & Responsibilities

 

In this section are described different user groups and their accesses to different services and functionalities. 

 

1. User groups

Entitlement (directory group) IGA user group description

Efecte_ESS_User
Efecte_test_ESS_User

IGA User

Can access to Matrix42 Self-Service Portal and may request access rights or roles for him-/herself. User may also request access right removal.

When user sign into this role, it will show as an Entitlement.

Efecte_ESS_Manager

Efecte_test_ESS_Manager

IGA Manager

Can access to Matrix42 Self-Service Portal and may request adding or removing access rights for him-/herself or subordinates. Endorses / rejects subordinate access right requests.

**Manager can re-certificate and request active access right removal for subordinates.

**Manager can request for urgent lock for user accounts and access rights.

*Manager can add new user or update information for existing users through Self-Service Portal

User can have only one Manager. 

When user is signed in this role, it will show as an active Entitlement.  

Efecte_IGA_Starter_Admin

Efecte_IGA_Growth_Admin

Efecte_IGA_Enterprise_Admin

Efecte_test_IGA_Starter_Admin

Efecte_test_IGA_Growth_Admin

Efecte_test_IGA_Enterprise_Admin

IGA Admin

Can access to all datacards related to IGA solution and can manage datacards which allows manual changes. With this access IGA Admin can perform all daily tasks and maintenance according to IGA packages. 

IGA Admin does not have any access to the Matrix42 Service Management -platforms configuration, but they can manage info text's, logo, colors etc. in Matrix42 Self Service Portals admin site. 

Notice! To get this access, IGA Admin training is mandatory for user.

When user is signed in this IGA Entitlement, it will show as an active Entitlement and can be managed as any of the IGA Entitlements.  

Efecte_IGA_Starter_Module_Admin

Efecte_IGA_Growth_Module_Admin

Efecte_IGA_Enterprise_Module_Admin

Efecte_test_IGA_Starter_Module_Admin

Efecte_test_IGA_Growth_Module_Admin

Efecte_test_IGA_Enterprise_Module_Admin

IGA Module Admin**

As an IGA Module Admin, user get's same access that IGA Admins and they can manage IGA configuration, provisioning tasks, workflows and has most powerful access rights to Matrix42 Service Management -platform, Self-Service Portal and to IGA solution. 

Notice! To get this access, Efecte's Advanced training's are mandatory for user. 

When user is signed in this IGA Entitlement, it will show as an active Entitlement and can be managed as any of the IGA Entitlements.  

IGA Owner

Efecte_IGA_Owner
Efecte_test_IGA_Owner

IGA Owner

Can see owner view in IGA Admin console, can start re-certification and manage access rights, roles assigned to her/him.

IGA Security Manager
Efecte_IGA_Security
Efecte_test_IGA_Security
IGA Security Manager
Can access to risk levels, approves security clearances, IGA admin functionalities and has access to report and audit all information founded in IGA solution.
IGA Password Manager
Efecte_IGA_Password
Efecte_test_IGA_Password
IGA Password Manager
Can access to change password to others service in Self-Service Portal and can change passwords to all other users.


2. Responsibilities

Responsibility Description
Approvers Access right requests, re-certification requests**, reconciliation requests** and IGA Admin actions are approved according to approval levels and Approvers set in the datacards. 

Approvers can access only to Matrix42 Self-Service Portal.
Support groups Users who belongs to support group can manage, report and see requests pointed to the support group. Support group members are managed inside IGA solution, or directory groups can be used for defining support group members.

Notice, that support group members are using IGA solution (Matrix42 Service Management -platform), so all users needs to have license. 
Application admin for manual provisioning Access right requests, which IGA Entitlements provisioning type is manual, can be sent via email to application admins, for manual actions to add accesses to the user. 
Application admin needs to answer to the email, so that IGA Admin Task is closed.
Application admins for manual provisioning are managed in IGA Entitlement datacards.


Delete

Configuration Changes

 

Customer can define these configuration changes, without them affecting the projects schedule or work estimations. 

 

1. Directory group names

Customer can define own names for the needed groups.

 

2. Availability for services in Self-Service Portal

Customer can define which services are available for pre-defined user groups. 

 

Delete

Expansion Possibilities

 

In this chapter are listed expansion possibilities, but please notice that these might have affect to the projects schedule and work estimations, so these will always needs Matrix42 Consultants review before agreeing on implementation.

 

1. New Matrix42 Self-Service Portal Users

Customer can define new user groups to be allowed access to Matrix42 Self-Service and which services are available for the new user group. 

 

2. New IGA Solution Users

Customer can define new user groups to be allowed access to IGA solution, please notice that this may also affect on licenses. These users can be for example application owners. 


3. Modify existing role accesses

Customer can define, that for example IGA user can access to more services in Self-Service Portal or other changes to role access levels. 


4. Use local users instead of directory users

Customer can define that only local users founded in IGA solution, can access to its services and functionalities. 

Delete

Relations & configuration instructions


Relations to other use cases, 

​

Relations to other data cards, 

IGA Entitlement
IGA Access Right Record
IGA Account

Configuration instructions,

  1. Check that needed User groups are created to directory and imported to ESM
    1. IGA Entitlement data cards
    2. EPE task Reading Data from [Directory]
  2. Check tha needed Test users are created to directory and imported to ESM
    1. IGA Account data cards
    2. EPE task Reading Data from [Directory]
  3. Change ESM servlet settings (platform settings) to point right groups
    1. servlet.auth.admin.ad.group
    2. servlet.auth.user.ad.group
  4. Change ESS groups to point right groups
    1. ESS Admin site and tab Roles check IGA for Managers and IGA for Users
Delete


 

iga solutions user management

Was this article helpful?

Yes
No
Give feedback about this article

Related Articles

  • Re-certification
  • Identify Users & Accounts

Copyright 2026 – Matrix42 Professional.

Matrix42 homepage


Knowledge Base Software powered by Helpjuice

0
0
Expand