Skip to main content

EmpowerID Administrator Training Curriculum

Identity Governance and Administration Overview

→ Visit the full section

IGA Overview
Identity Lifecycle Management
Access Management and Governance
Single Sign-on and Federation
Compliance
Roles Based Access Control (RBAC)
Privileged Access Management (PAM)

Critical EmpowerID Concepts

→ Visit the full section

Modules/Licensing
Identities – Person, Account, Core Identity
Authentication
System Integration
Security Infrastructure
Workflows

EmpowerID System Architecture (hardware and application)

→ Visit the full section

Platform Architecture
EmpowerID Servers
EmpowerID Database
Server Roles
Jobs/Services
Permanent Workflows
Component Model

RBAC Architecture Overview

→ Visit the full section

RBAC Overview
Business Roles/Locations
Management Roles
Delegation/Access Assignment

→ Visit the full section

Legacy Admin Interface
Microservices Interface
Lab - Create Person Identity and Navigating the UI

Connecting to External Systems

→ Visit the full section

FlatFile – HR Data
Active Directory
EntraID
Tracking Only
Lab - Create a Universal Flat File Connector Account Store
Lab - Create an Active Directory Connector Account Store
Lab - Create an Entra ID Connector Account Store
Lab - Create a Tracking Only Account Store

Attribute Flow Rules

→ Visit the full section

Schema Overview
Attribute Flow Rules
Scoring/Weighting
Lab - Configuring Attribute Flow Rules

Identity Lifecycle Settings (JML)

→ Visit the full section

Join and Provision Rules
Core Identity Rules
Termination Query Based Collections
Role/Location Assignments – Dynamic Hierarchy
Lab - Account Inbox Configuration
Lab - Dynamic Hierarchy for Roles and Locations

Provisioning Policies

→ Visit the full section

Configuring/Managing Provisioning Policies
Monitoring Provisioning/De-Provisioning Jobs/Processes
Lab - Create Provisioning Policy - Active Directory
Lab - Create Provisioning Policy - Entra ID
Lab - Create Provisioning Policy - Tracking Only

Birthright Access Entitlements Assignment

→ Visit the full section

RBAC Assignment of Entitlements
- Business Role/Location
- Management Roles
- Query Based Collections
- Person Direct
Entitlement Reporting and Tracing
Lab - Assigning Group Memberships

Dynamic Hierarchy Policies

→ Visit the full section

Dynamic Hierarchy Group Policies
Dynamic Hierarchy Management Role Policies
Lab - Create Dynamic Hierarchy Policies - Groups
Lab - Create Dynamic Hierarchy Policies - Management Roles

Self Service Access Management

→ Visit the full section

Resource Eligibility
Shopping for Resources
Managing Access
Lab - Access Management Configuration

No-Code Workflows

→ Visit the full section

Overview
Events and Event Processing – Scoping
No-Code Flow Definitions, Scope Types
Lab - Configure No-Code Workflow and Event Policy

Approval Flow Policies

→ Visit the full section

Business Request Types
Item Type Actions
Approval Flow Steps
Approval Flow Policies
Lab - Configure Approval Flow Policies

Access Request Policies

→ Visit the full section

Resource Assignments
Time Constraining Access
Approval Flow Policy Assignment

Resource Ownership and Management

→ Visit the full section

Resource Management and Governance
- Managing Groups
- Managing Management Roles
- Managing Person Identities
Lab: Create, Manage Groups
Lab: Create, Manage Management Roles
Lab: Create, Manage Account/Person

RBAC Persona Configuration and Management

→ Visit the full section

RBAC Assignment Delegation/Hierarchy
TRBAC Management
Persona Role Bundling using TRBAC Roles
Lab: Create Persona Delegations

MFA Configuration and Management

Configuring and Managing MFA Methods
Using MFA
Lab: Configure and Use MFA for Login

Password Management

Password Manager Policies
Self-Service Password Reset Workflows and Processes
Using MFA in the Password Management Processes
Lab: Configure MFA Policy and Login using Passwordless Login
Lab: Configure Password Manager Policy
Lab: Configure and Use Self-Service Password Reset

Complex Authorization Management (PBAC)

PBAC Overview
Application Rights
Application Roles
PBAC Assignments

Application Management

Overview - Application Types
Managing Non-Azure Applications
Managing Azure Applications

Risk Management

Risk Management Overview/Concepts
Creating/Managing Local Functions
Creating/Managing Local Risks
Creating/Managing Global Risks
Creating/Managing Global Functions
Creating/Managing Mitigation Controls
Risk Reporting and Analysis
Lab: Create/Configure Local/Global Functions
Lab: Create/Configure Local/Global Risks
Lab: Create SoD Policy
Lab: IAM Shop Request/Risk Approval

Audits and Recertification

→ Visit the full section

Recertification Overview/Concepts
Recertification Policies
Audit Campaigns
Recertification Tasks
Lab: Create Recertification Policy
Lab: Create Audit Campaign
Lab: Approve and Process Recertification Tasks

Privileged Access Management

PAM Overview/Concepts
Credential Management
PSM Configuration/Management
PAM Access Request Policy Configuration
Computer Management
Lab: Configure Computer for Local Management
Lab: Configure Computer Object for PSM
Lab: Create/Configure Shared Credential
Lab: Create/Configure Personal Credential
Lab: Connect to PSM Session
Lab: Checkout/Check in Vaulted Credential

Miscellaneous System Configuration

Localized Text
Workflow Parameters
Email Notifications/Templates
UI Actions
Page Attributes
Lab: Adjust Page Attributes for Person View and Account View
Lab: Create UI Actions
Lab: Set Workflow Parameters for Onboard Management Role Workflow

Reporting and Auditing