Configuring Custom Attributes

6 Configuring Custom Attributes

You can configure custom attributes or user-defined fields (UDFs) for the user, role, organization, and catalog entities.

Entity attributes are properties of the entity. The information about the user entity is stored in the form of attributes, such as first name, last name, user login, and password. There are default user attributes in Oracle Identity Manager. However, you can create custom user attributes by using the User form under System Entities in the Oracle Identity System Administration. The custom attributes are referred to as user defined fields (UDFs). Oracle Identity Manager lets you create UDFs for the user, role, resource, organization, and catalog entities.

This chapter describes how to create and manage UDFs in the following sections:

Note:

Before you start performing the procedures described in this section, it is recommended that you review the Managing Sandboxes section in Developing and Customizing Applications for Oracle Identity Governance.

6.1 Creating a Custom Attribute

Creating a custom attribute involves activating a sandbox, using the System Entities section of the Identity System Administration to create the UDF for the particular entity, and exporting and publishing the sandbox.

The searchable property controls whether or not the attribute can be used to perform searches. For user defined attributes, setting this property will result in the attribute being shown in the Search form. Default attributes do not support this property.

To create a custom attribute or UDF:

Note:

Do not use ParentAccountId as a form field name. ParentAccountId is used to store system information.

Log in to Oracle Identity System Administration.
Create and activate a sandbox. For detailed instructions on creating and activating a sandbox, see Managing Sandboxes in Developing and Customizing Applications for Oracle Identity Governance
To create a UDF for the user, organization, role, and catalog entities, click the component under System Entities on the left navigation pane of Identity System Administration.

Catalog UDFs will not be available under Role VO. When ever a catalog UDF is added and customized in access request page, then the new UDF will be available automatically in Role page.
In the Custom section of the Fields tab, click the Create icon. The Select Field Type dialog box is displayed.
Select a field type you want to create. The available field types are:
- Text: Select this option to create a text field.
- Number: Select this option to create a numeric field.
- Checkbox: Select this option to create a checkbox field.
- Date: Select this option to create a date type field.
- Lookup: Select this option to create a lookup field in which users can search and select the value. Note that there are two types of lookups that you can create:
  - A drop-down list from which you can select a value.
  - A searchable picklist (ADF name input list of value), from which users can search and select the value. If you want to create a searchable picklist, then on the Create Lookup Field page, under the Advanced section, select Searchable Picklist.
  Note:
  
  After you create a UDF for dependent lookups (a lookup field that is created with the Constrain list by parent field value selection option selected), you must set the partialTriggers property through WebCenter composer to refresh the values in the dependent lookup. To do so, see the procedure described in Creating Cascaded LOVs.
  
  If you create a UDF in the User Details page, then the UDF is recommended to be in read-only mode. If the UDF is of drop-down or checkbox type, then you must customize it to read-only mode explicitly. To do so:
  1. In the User Details page, click Customize to open WebCenter Composer. The page opens in customization mode.
  2. Click the drop-down or checkbox region to edit its properties. In the pop-up window, click Edit.
  3. In the Component Properties window, select the Read Only checkbox and click OK.
  4. Click Close to close the page in customization mode.
  Do not add drop-down UDF as outputText to a page if the value of the Meaning field has to be displayed.
Click OK. The page to create a custom field is displayed.

As an example, Figure 6-1 shows the Create Text Field page. The rest of the procedure in this section has been based on creating a custom text field.

Figure 6-1 The Create Text Field Page

Description of "Figure 6-1 The Create Text Field Page"

Enter values in the fields of the Create Text Field page. Table 6-1 lists the fields in the Create Text Field page. Depending on the type of field that you are creating, the fields on the Create Text Field page varies.

Table 6-1 Fields in the Create Text Field Page

Section	Field	Description
Appearance	Display Label	The custom field label that is displayed in the form. Note: Display Labels for forms designed by using the Form Designer must be specified in single default language, for example English. If there is a requirement to enter the Display Label in any other language, then the ROOT resource bundle (/xliffBundles/oracle/iam/ui/runtime/BizEditorBundle.xlf) containing the Display Labels specified in the Form Designer can be translated to other languages. The translated labels will be displayed when the form is displayed in the request catalog, Inbox, track requests, and other pages.
Appearance	Display Width	The display width in characters. If you do not specify a value for this field, then the length of the field is taken as default.
Name	Name	The unique custom field name. This field is of internal use only, and the value of this field is not displayed to the user. Note: The auto-populated value of the Name field is the first character of the value in the Display Label field. Overwrite the auto-populated value manually with the desired value.
Name	Description	The description of the custom field. This field is of internal use only, and the value of this field is not displayed to the user.
Constraints	Searchable	The searchable property controls whether or not the attribute can be used to perform searches. For user defined attributes, setting this property will result in the attribute being shown in the Search form. Default attributes do not support this property. Note: If you select the Searchable checkbox, then in the Advanced section, you cannot select Encrypt. A custom field that is marked as searchable cannot be encrypted.
Constraints	Maximum Length	The maximum length of the field in characters. Note: You can increase the maximum length for default and custom attributes by using the User form. However, decreasing the maximum length is not supported.
Default Value	Text field	The default value of the custom field. The value you specify in this field is set for the field when the object is created. Note: The field below the text field is grayed out and is not used.
Advanced	Encrypt	Determines whether the custom field must be encrypted. Note: If you select the Encrypt checkbox, then in the Constrains section, you cannot select Searchable. A custom field that is encrypted cannot be searchable.
Advanced	Use in Bulk	Determines whether the attribute is available in bulk operations.
Advanced	LDAP Attribute	Name of the attribute in the LDAP repository to which this custom attribute must map to. Note: Unless LDAP synchronization is enabled, setting a value for this field has no effect. For more information about enabling LDAP synchronization, see Configuring Oracle Identity Manager Server in Installation Guide for Oracle Identity and Access Management.
Advanced	Certifiable	Determines whether the attribute is certifiable. A requestable entity is available for certification only if it is marked as certifiable.

Click Save and Close. The UDF is created in the backend and is displayed in the Custom section of the Form Details page.
It is recommended that you export the sandbox to store all the changes made in your sandbox. For detailed instructions on exporting a sandbox, see Managing Sandboxes in Developing and Customizing Applications for Oracle Identity Governance.
Publish the sandbox. For detailed instructions on publishing a sandbox, see Managing Sandboxes in the Developing and Customizing Applications for Oracle Identity Governance.

When you create a UDF by using the Form Designer, it is created in the back-end, and is not available for use. To make it available for use to the user, you must include the UDF in the Oracle Identity Self Service page on which it will be displayed. For information about including a UDF in the Oracle Identity Self Service page, see Adding a Custom Attribute.

6.2 Creating a Custom Child Form

Application instance forms can have child forms. Creating custom child forms involve activating a sandbox, using the Form Designer to add the child form to the application instance form, and exporting and publishing the sandbox.

Note that at some places in this guide, the term resource form has been used to refer to application instance forms.

To create a custom child form:

Log in to Oracle Identity System Administration.
Create and activate a sandbox. For detailed instructions on creating and activating a sandbox, see Managing Sandboxes in Developing and Customizing Applications for Oracle Identity Governance

Note:

You must ensure that sandbox in which the application instance form for which you are creating the child form must be published. If it is not published, then you must perform the procedure described in this section in the same sandbox in which the application instance form was created.
In the left pane, under Provisioning Configuration, click Form Designer. The Form Designer page is displayed.
Search for and open the application instance (resource) form for which you want to create a child form as follows:
1. Specify a value for the Resource Type lookup field.
2. Click Search.
  
  A list of all resource forms (application instance forms) that meet the search criteria is displayed.
3. From this list, select the form to open. Alternatively, click Open on the toolbar.
  
  The Manage APP_INSTANCE_FORM_NAME page is displayed.
On the Child Objects tab, click the Add icon on the toolbar. The Add dialog box is displayed.
In the Name field, enter the name of the child form. In the Description field, enter a description of the child form. Then, click OK. The child form is created in the backend and is displayed in the Child Objects tab of the application instance form for which it was created.

For information about adding a new child form attribute, see "Creating a Custom Child Form Attribute".
Click Regenerate View to regenerate the application instance form associated with the child form. If you do not regenerate the view the child form will not be available in the page for use on which you want it to be displayed.
It is recommended that you export the sandbox to store all the changes made in your sandbox. For detailed instructions on exporting a sandbox, see Managing Sandboxes in Developing and Customizing Applications for Oracle Identity Governance.
Publish the sandbox. For detailed instructions on publishing a sandbox, see Managing Sandboxes in Developing and Customizing Applications for Oracle Identity Governance.

6.3 Creating a Custom Child Form Attribute

Creating a custom child form attribute involves activating a sandbox, opening the parent form and the child form in the Form Designer, creating and saving the child form attribute, and exporting and publishing the sandbox.

To create a custom child form attribute:

Note:

Do not use ParentAccountId as a form field name. ParentAccountId is used to store system information.

Log in to Oracle Identity System Administration.
Create and activate a sandbox. For detailed instructions on creating and activating a sandbox, see Managing Sandboxes in Developing and Customizing Applications for Oracle Identity Governance

Note:

You must ensure that sandbox in which the child form for which you are creating the attribute must be published. If it is not published, then you must perform the procedure described in this section in the same sandbox in which the child form was created.
In the left pane, under Provisioning Configuration, click Form Designer. The Form Designer page is displayed.
Search for and open the parent form (application instance form) of the child form in which you want to create an attribute. See Step 4 of Creating a Custom Child Form for information about searching and opening a form.

The Manage APP_INSTANCE_FORM_NAME page is displayed.
On the Child Objects tab, from the list of child forms, select the child form in which you want to create the attribute. The Manage CHILD_FORM_NAME page is displayed.
In the Custom section of the Fields tab, click the Create icon. The Select Field Type dialog box is displayed.
Select a field type you want to create. The available field types are:
- Text: Select this option to create a text field.
- Number: Select this option to create a numeric field.
- Checkbox: Select this option to create a checkbox field.
- Date: Select this option to create a date type field.
- Lookup: Select this option to create a lookup field in which users can search and select the value.
Click OK. The page to create a custom field is displayed.

The rest of the procedure in this section has been based on creating a custom lookup field.

Enter values in the fields of the Create Lookup Field page. Table 6-2 lists the fields in the Create Lookup Field page:

Table 6-2 Fields in the Create Lookup Field Page

Section	Field	Description
Appearance	Display Label	The custom field label that is displayed in the form. Note: Display Labels for forms designed by using the Form Designer must be specified in single default language, for example English. If there is a requirement to enter the Display Label in any other language, then the ROOT resource bundle (/xliffBundles/oracle/iam/ui/runtime/BizEditorBundle.xlf) containing the Display Labels specified in the Form Designer can be translated to other languages. The translated labels will be displayed when the form is displayed in the request catalog, Inbox, track requests, and other pages.
Appearance	Display Width	This attribute will specify the width for LOV UDF on the screen. Note: When creating a Lookup type UDF, the recommended value of Display Width is `40`.
Appearance	Help Text	Field-level help text that is displayed to the users as a tooltip.
Name	Name	The unique custom field name. This field is of internal use only, and the value of this field is not displayed to the user.
Name	Description	The description of the custom field. This field is of internal use only, and the value of this field is not displayed to the user.
Constraints	Searchable	Determines if the custom field can be searched by the user.
Constraints	Maximum Length	Determines the maximum length of the value that can be provided.
List of Values	Lookup Type	The lookup whose values are displayed to the user as a list of available values. You can either specify an existing lookup type or create a new one. Note: If you are creating a new lookup, then the name of this new lookup must not be the same as that of the UDF (of type lookup) that you are creating. Otherwise, the lookup is not displayed in the Manager User page.
Default Value	Drop-down list	The default value of the custom field. The value you specify in this field is set for the field when the object is created. Note: The field below the down-down list is grayed out and is not used.
Advanced	Entitlement	Determines whether the custom field is an entitlement. Note: If you are creating a child form with a lookup field for entitlement (in other words, the Entitlement field is selected), then you must select Searchable and Searchable Picklist options too.
Advanced	Use in Bulk	Determines whether the attribute is available in bulk operations.
Advanced	Searchable Picklist	Determines whether the custom field is a input list of values. This is applicable to Lookup field.

Click Save and Close. The UDF is created in the backend and is displayed in the Custom section of the Form details page.
Click Re-generate View.
It is recommended that you export the sandbox to store all the changes made in your sandbox. For detailed instructions on exporting a sandbox, see Managing Sandboxes in Developing and Customizing Applications for Oracle Identity Governance
Publish the sandbox. For detailed instructions on publishing a sandbox, see Managing Sandboxes in Developing and Customizing Applications for Oracle Identity Governance.

6.4 Modifying a Custom Attribute

Modifying a custom attribute involves activating a sandbox, editing the custom attribute, and exporting and publishing the sandbox.

To modify a custom attribute that you created for a form:

Create and activate a sandbox. For detailed instructions on creating and activating a sandbox, see Managing Sandboxes in Developing and Customizing Applications for Oracle Identity Governance
In the Form Designer, search and open the form which contains the custom attribute you want to modify.
In the Custom section, select the custom attribute that you want to modify.
Click the Edit icon on the toolbar. Alternatively, click the Display Name of the attribute. The page to edit the field is displayed.
Modify the values in the fields by referring to Table 6-1. Note that all the fields listed in Table 6-1 are editable.
Click Save and Close.
Click Re-generate View.
It is recommended that you export the sandbox to store all the changes made in your sandbox. For detailed instructions on exporting a sandbox, see Managing Sandboxes in Developing and Customizing Applications for Oracle Identity Governance
Publish the sandbox. For detailed instructions on publishing a sandbox, see Managing Sandboxes in Developing and Customizing Applications for Oracle Identity Governance.

6.5 Adding a Custom Attribute

When you create a UDF, it is created only in the backend, and is not available in the page for use on which you want it to be displayed.

Note:

Adding a custom attribute is always in relation to one of the following entities: User, Organization, Role, or Catalog.
When catalog UDFs are customized to show in the first page of the Create Role wizard, they are also shown in the summary page of the wizard. But when role UDFs are customized to show in first page of the Create Role wizard, they are not shown in the summary page of the wizard. The summary page must be separately customized for these role UDFs to be displayed.
The LOV attribute (OOTB/CUSTOM) is not supported for unauthenticated pages. For example, in the self-registration UI, the LOV attribute is not supported.

Adding a custom attribute involves the following:

6.5.1 Displaying a UDF in Oracle Identity Self Service Page

You must customize the UI to add the custom attribute and display it in a page in the Identity Self Service.

To display a UDF in a page in Oracle Identity Self Service:

Create the UDF by using the User form under System Entities in Identity System Administration. For example, you can create a UDF for the Create User page.

See Creating a Custom Attribute for information about creating a UDF.

Note:

After adding a UDF through the User form, logout of both Oracle Identity System Administration and Oracle Identity Self Service, and then login again to be able to see the newly added UDF and use it for customization.
Log in to Oracle Identity Self Service as the system administrator.
Create and activate a sandbox. For detailed instructions on creating and activating a sandbox, see Managing Sandboxes in Developing and Customizing Applications for Oracle Identity Governance
Click Manage. The Home tab displays the different Manage option. Click Users. The Manage Users page is displayed.
From the Actions menu, select Create. Alternatively, you can click Create on the toolbar. The Create User page is displayed with input fields for user profile attributes.
Click Customize at the upper right corner of the page to open WebCenter Composer. The Create User page opens in customization mode as shown in Figure 6-2.

Figure 6-2 Create User Page in Customization Mode

Description of "Figure 6-2 Create User Page in Customization Mode"
Enter values for all mandatory fields.
Select Structure tab. The object tree is displayed as shown in Figure 6-3.

Figure 6-3 Object Tree Page in Customization Mode

Description of "Figure 6-3 Object Tree Page in Customization Mode"
Select the section of the page on which you want to add the UDF.
In the Confirm Task Flow Edit dialog box, click Edit to confirm the edit task. The corresponding ADF component in the object tree is selected.
Select the panelFormLayout component, and click the Add icon. The Add Content dialog box is displayed.

Depending on the entity or area on which the UDF was added, select the data component, and then the view object. Table 6-3 lists the entities, pages, data components, and view objects that must be selected.

Note:

Adding VO as tables is not supported.

Table 6-3 Entities and Corresponding Data Components and View Objects

Entity	Page	Data Component	View Object
User	Create User	Data Component - Catalog	userVO
User	Modify User	Data Component - Catalog	userVO
User	Search Users	Data Component - Manage Users	UserVO1
User	View User Details	Data Component - Manage Users	UserVO1
User	My Information	Data Component - My Information	UserVO1
User	New User Registration	Data Component - User Registration	UserVO1
Role	Create Role	Data Component - Role	RoleDetailsVO
Role	Modify Role	Data Component - Role	RoleDetailsVO
Role	Search Roles	Data Component - Role	RoleVO1
Organization	Create Organization	Data Component - Organization	EditOrgVO
Organization	Modify Organization	Data Component - Organization	EditOrgVO
Organization	Search Organizations	Data Component - Organization	OrganizationVO
Catalog	Access Request	Data Component - Catalog	Catalog results table: CartItemsVO1 Cart items under Edit Cart Popup: CartItemsVO Catalog details for a selected cart item either under catalog results table or edit cart popup: EditCartItemsVO
Certification	User Certification	Data Component - Certification	UserCertificationUserVO1
Certification	User Certification	Data Component - Certification	UserCertificationUserEntitlementVO1
Certification	Role Certification	Data Component - Certification	RoleCertificationRoleVO1
Certification	Role Certification	Data Component - Certification	RoleCertificationMemberVO1
Certification	Role Certification	Data Component - Certification	RoleCertificationPolicyVO1
Certification	Application Instance Certification	Data Component - Certification	ApplicationCertificationApplicationVO
Certification	Application Instance Certification	Data Component - Certification	ApplicationCertificationEntitlementVO
Certification	Entitlement Certification	Data Component - Certification	EntitlementCertificationEntitlementVO
Certification	Entitlement Certification	Data Component - Certification	EntitlementCertificationEntitlementMemberVO

Scroll to find the UDF that you added and click Add. If the UDF is not displayed, then refresh the content by clicking the Refresh icon at the top right hand corner of the dialog box.
Depending on the custom attribute that you created in step 1 and the type of UDF that you want to display, select one of the following items from the menu:

For a UDF of Text or Number type:
- ADF Output Text
- ADF Output Text w/Label
- ADF Output Formatted
- ADF Output Formatted w/Label
- ADF Input Text
- ADF Input Text w/Label
- ADF Label
- ADF Readonly Input Text w/Label
- ADF Table Column
For a UDF of Checkbox type:
- ADF Select Boolean Checkbox
- ADF Table Column
For a UDF of Date type:
- ADF Input Date w/Label
- ADF Table Column
For a UDF of Lookup type:
- ADF Input List Of Value (select only for searchable PickList)
- ADF Select One Choice (select only for non-searchable PickList; this option is not visible for a searchable PickList for which you must select ADF Input List of Value)
- ADF Table Column (select when adding a column within an af:table)
For example, if you have created a UDF of Text type, then select ADF Input Text w/Label. Similarly, if you created a searchable UDF of Lookup type, then select ADF Input List of Value. As an example, Figure 6-4 shows options for a UDF of Text type.

Figure 6-4 Options for Adding a UDF of Text Type

Description of "Figure 6-4 Options for Adding a UDF of Text Type"
Click Close to close the Add Content dialog box.

Note:

If two attribute labels are displayed for the same field, then add the attribute that does not end with __C.
From the object tree on the Editing Page, select the UDF on the page, and click the Show properties icon. The Component Properties page is displayed.
On the Display Options tab:
1. Select Auto Submit.
2. If you have added the UDF on the user form, then in the Value Change Listener field, enter #{pageFlowScope.cartDetailStateBean.attributeValueChangedListener}.
  
  If you have added the UDF on a form other than the user form, then copy the value of the Value Change Listener field from any of the existing fields on the form and paste it as the value of the Value Change Listener field for the newly added UDF.
3. If you want to mark this attribute as mandatory, then change the Required and Show Required properties to true. To set the Show Required property, select the Show Required option. In the Required field, select Expression Editor, and in the Expression Editor field, enter the value as true.
4. If you want to display this attribute as read-only, then select the checkbox for the Read Only property.
5. If you want to bind this attribute to a custom-managed bean method, then change the Value property.
  
  The custom-managed bean method must include a call to the original method binding. For more information, see Developing Managed Beans and Task Flows section of Developing and Customizing Applications for Oracle Identity Governance.
Click OK.
Click Close to leave customization mode.
It is recommended that you export the sandbox, in case if you intend to move the change from test to production environment. See Managing Sandboxes in Developing and Customizing Applications for Oracle Identity Governance for detailed instructions on exporting a sandbox.
Publish the sandbox. For detailed instructions on publishing a sandbox, see Managing Sandboxes in Developing and Customizing Applications for Oracle Identity Governance.

To remove a UDF, you can use the customization mode to open the WebCenter Composer. In the customization mode, select the component or UDF that you want to remove, and then delete it or set the rendered property on that UDF to false.

6.5.2 Enabling the Submit Button After Adding a UDF to the Modify User Form

After adding a new UDF to the modify user form by customizing the UI using Web Composer, the Submit button of the form is not enabled when you try to modify a user. But modification of other user form fields enables the Submit button.

To avoid this issue, when you add a new UDF to the modify user form for the first time:

Create a sandbox and activate it. Open the page that contains the UDF, and click Customize.
Select Structure.
Note the value of the valueChangeListener property of a predefined or default field. To do so:
1. Click the predefined field, and then click Edit to open the Component Properties dialog box.
2. Copy the value of the valueChangeListener property.
Add the new UDF to the form, as described in Adding a Custom Attribute.
Export the sandbox as a ZIP file.
Delete the sandbox without publishing it.
Extract the ZIP file, and edit the jsff.xml file for the specific screen.

Add the following attributes to the ADF tag, for example af:inputText, for the UDFD field, as shown:

valueChangeListener=VALUE_COPIED_IN_STEP3
autoSubmit="true"

The resulting XML will look similar to the following:

<?xml version='1.0' encoding='UTF-8'?>
<mds:customization version="11.1.1.61.92" xmlns:mds="http://xmlns.oracle.com/mds" motype_local_name="root" motype_nsuri="http://java.sun.com/JSP/Page">
   <mds:move node="_xg_12" parent="_xg_pfl5" position="last"/>
   <mds:insert parent="_xg_pfl5" position="last">
      <af:inputText xmlns:af="http://xmlns.oracle.com/adf/faces/rich" value="#{bindings.JobCode__c.inputValue}" label="#{bindings.JobCode__c.hints.label}" required="#{bindings.JobCode__c.hints.mandatory}" columns="#{bindings.JobCode__c.hints.displayWidth}" maximumLength="#{bindings.JobCode__c.hints.precision}" shortDesc="#{bindings.JobCode__c.hints.tooltip}" id="dtrt_dc_628826708" autoSubmit="true" valueChangeListener="#{pageFlowScope.cartDetailStateBean.attributeValueChangedListener}">
     <f:validator xmlns:f="http://java.sun.com/jsf/core" binding="#{bindings.JobCode__c.validator}"/>
      </af:inputText>
   </mds:insert>
   <mds:move node="_xg_19" parent="_xg_pfl5" position="last"/>
   <mds:move node="_xg_20" parent="_xg_pfl5" position="last"/>
   <mds:move node="_xg_27" parent="_xg_pfl5" position="last"/>
   <mds:move node="_xg_23" parent="_xg_pfl5" position="last"/>
   <mds:move node="_xg_41" parent="_xg_pfl5" position="last"/>
</mds:customization>

Create the ZIP file for the sandbox.
Import the sandbox.
Publish the sandbox.

6.5.3 Adding a Custom Attribute Category into Create User Form

You must customize the Create User or Modify User form to add a new category of fields.

To customize the Create User or Modify User form to add a new category of fields:

Log in to Oracle Identity Self Service.
Create and activate a sandbox. For detailed instructions on creating and activating a sandbox, see Managing Sandboxes in Developing and Customizing Applications for Oracle Identity Governance
Click Manage. The Home tab displays the different Manage option. Click Users. The Manage Users page is displayed.
From the Actions menu, select Create. Alternatively, you can click Create on the toolbar. The Create User page is displayed with input fields for user profile attributes.
Click Customize at the upper right corner of the page to open WebCenter Composer. The Create User page opens in customization mode.
Enter values for all mandatory fields.
Select Structure tab. The object tree is displayed.
Click the first field of the Create User form and select its ancestor panelGroupLayout component.
Click the Add Content icon.
In the Add Content dialog box, click Web Components.
Click Add next to the ShowDetailHeader component.
Click Close.
Select the newly added ShowDetailHeader component and click Edit to open the Component Properties dialog box.
Modify the value of Size to 2.
Modify the default value of Text with a suitable value.
Click Apply and Close.
Click the Add Content icon.
In the Add Content dialog box, click Web Components, if not already open.
Click Add next to the PanelFormLayout component.
Click Close.
Add fields into this new panelFormLayout component as described in step 11 in Adding a Custom Attribute.
Click Close to leave customization mode.
It is recommended that you export the sandbox, in case if you intend to move the change from test to production environment. See Managing Sandboxes in Developing and Customizing Applications for Oracle Identity Governance for detailed instructions on exporting a sandbox.
Publish the sandbox. For detailed instructions on publishing a sandbox, see Managing Sandboxes in Developing and Customizing Applications for Oracle Identity Governance.

6.5.4 Customizing Unauthenticated Page

You can customize an unauthenticated page for example New User Login or Self Registration page.

To customize an unauthenticated page for example New User Login or Self Registration page:

Log in to Oracle Identity Self Service.
Create and activate a sandbox. For detailed instructions on creating and activating a sandbox, see Managing Sandboxes in Developing and Customizing Applications for Oracle Identity Governance.
Click Self Service. The Home tab displays the different Self Service option.
Click Customize at the upper right corner of the page to open WebCenter Composer. The Home page opens in customization mode.
Select Structure tab. The object tree is displayed.
Select the area on the screen where all other tiles like My Information, My Access and so on are present.
In the right hand side panel, select the last gridRow, right click and select Show Component.

Incase the Unauthenticated box does not immediately appear on the screen, you may have to close the screen and reopen.
Unauthenticated option gets added to the screen. This box has a drop-down list of all unauthenticated pages in the Identity Self Service. You can select any one screen that you would like to customize.

For detailed steps on how to add a custom attribute see, Adding a Custom Attribute.

6.6 Adding a Custom Attribute to an Application Instance Form

When you create a custom attribute (UDF) on an application instance form, it is created only in the backend, and is not available in the page for use on which you want it to be displayed. The options available to display the UDF in a page in the Identity Self Service are regenerating view and updating the application instance form by using WebCenter Composer.

The following are the options available to display the UDF in a page in Oracle Identity Self Service:

6.6.1 Regenerating View

One of the methods to display a UDF in a page in the Identity Self Service is to use the Regenerate View option in the Child Objects tab of the Form Designer.

To display the UDF in a page in Oracle Identity Self Service:

Log in to Oracle Identity System Administration.
Create and activate a sandbox. For detailed instructions on creating and activating a sandbox, see Managing Sandboxes in Developing and Customizing Applications for Oracle Identity Governance

Note:

You must ensure that sandbox in which the application instance form for which you are adding a custom child attribute must be published. If it is not published, then you must perform the procedure described in this section in the same sandbox in which the application instance form was created.
In the left pane, under Provisioning Configuration, click Form Designer. The Form Designer page is displayed.
Search for and open the application instance form whose child form (containing the UDFs that you added) must be displayed in a page in Oracle Identity Self Service.
On the Child Objects tab, click Regenerate View.
Note:
- The Regenerate View dialog box is displayed. Select the appropriate options for Form Type and Generate Entitlement Forms. See Modifying Forms By Using the Form Designer for information about the Form Type and Generate Entitlement Forms options.
- Any customization made to the page will be lost when you click Regenerate View.
It is recommended that you export the sandbox, in case if you intend to move the change from test to production environment. See Managing Sandboxes in Developing and Customizing Applications for Oracle Identity Governance for detailed instructions on exporting a sandbox.
Publish the sandbox. For detailed instructions on publishing a sandbox, see Managing Sandboxes in Developing and Customizing Applications for Oracle Identity Governance.

6.6.2 Updating the Application Instance Form By Using WebCenter Composer

One of the methods to display a UDF in a page in the Identity Self Service is to update the application instance form by using WebCenter Composer.

To display the UDF in a page in Oracle Identity Self Service:

Create the UDF by using the Form Designer.
Log in to Oracle Identity Self Service.
Create and activate a sandbox. For detailed instructions on creating and activating a sandbox, see Managing Sandboxes in Developing and Customizing Applications for Oracle Identity Governance
In the left pane, under System Entities, click Catalog. The Catalog page is displayed.
Search for and select the application instance whose resource form page must be updated, and the click Add to Cart.
Click Checkout.
On the Cart Details page, under the Details section, the application instance form and its attributes are displayed.
Click Customize to open WebCenter Composer. The page opens in customization mode.
Enter values for all mandatory fields.
From the View menu at the upper left corner of the page, select Structure. The object tree is displayed.
Under the Details section, select and click the attributes of the application instance form. A message confirming whether you want to edit the page is displayed.
Click Edit. In the object tree, the ADF component corresponding to the selection made in the preceding step is selected.
Click Add Content. The Add Content dialog box is displayed.
Select the data component. To do so:
1. Select Data Component - Catalog.
2. Search for APP_INSTANCEVO and then click Open. Here, APP_INSTANCE is the name of the application instance for which the attributes are added.
Scroll to find the UDF that you added. If the UDF is not displayed, then refresh the page.
Select the UDF on the page, and click Add.
Click Close to leave customization mode.
It is recommended that you export the sandbox to move the change from the test to production environment. For detailed instructions on exporting a sandbox, see Managing Sandboxes in Developing and Customizing Applications for Oracle Identity Governance
Publish the sandbox. For detailed instructions on publishing a sandbox, see Managing Sandboxes in Developing and Customizing Applications for Oracle Identity Governance.

6.7 Moving UDFs from Test to Production

You can move a UDF that is added to an entity from one deployment, such as test environment, to another, such as production environment.

The following sections discuss the procedure to move a UDF added to entities from test to production:

6.7.1 Moving UDFs Added to Entities

You can move a UDF that is added to a User, Role, Organization or Application Instance entity from one deployment to another by using the Deployment Manager.

Moving a UDF that is added to a User, Roles, Organization or Application Instance entity from test to production consists of the following steps:

Note:

Before you perform these procedures, ensure that you do not have any popup blockers enabled in your browser and that you have a supported Java Runtime Environment (JRE) installed in the browser. This is because the Deployment Manager uses a popup window and it requires JRE to be installed in the browser.

6.7.1.1 Exporting the UDF from the Test Environment

To export the UDF from the test environment:

Log in to Oracle Identity System Administration.
Under System Configuration, click Export.
Search for the desired metadata, User Metadata, Role Metadata, Organization Metadata, or Application instances. A list of all available metadata is displayed.
Select the UDF that you want to move from test to production, and then click Select Children.
Click Select Dependencies, and then click Confirmation.
Click Add for Export.
In the confirmation message that is displayed, click OK to exit the wizard.
Click Export. Alternatively, provide description and then click Export.
Specify the location to which the content must be exported. A message confirming that the export was successful is displayed.
Export the sandbox from the test environment to store all the changes made in your sandbox. For detailed instructions on exporting a sandbox, see Managing Sandboxes in Developing and Customizing Applications for Oracle Identity Governance.
Note:
- The sandbox exported here must be the same, which has been used while creating and adding custom UDFs.
- The sandbox must not have been published before exporting, because there is no way to export the published sandbox.

6.7.1.2 Importing the UDF into the Production Environment

To import UDF into the production environment:

In Oracle Identity System Administration, under System Configuration, click Import.
Specify the path to the XML file that was exported from the test environment by using the Deployment Manager.
Click Add File, Import, and then confirm the import. A message confirming that the import was successful is displayed.
Import the sandbox exported from the test environment. For information about importing a sandbox, see Managing Sandboxes in Developing and Customizing Applications for Oracle Identity Governance.
Activate the sandbox to verify the changes. For information about activating a sandbox, see Managing Sandboxes in Developing and Customizing Applications for Oracle Identity Governance.
Publish the sandbox after you verify the changes. For information about publishing a sandbox, see Managing Sandboxes in Developing and Customizing Applications for Oracle Identity Governance.

6.7.2 Moving UDFs Added to Catalog Entities

Depending upon the type of customization done, moving the catalog definition from test to production involves one or both the steps of exporting and importing using sandbox and Deployment Manager.

The procedure to move a UDF added to a catalog entity from test to production is discussed later in this guide. See Test to Production Procedures for Catalog Customizations for more information.

6.8 Synchronizing User-Defined Fields Between Oracle Identity Governance and LDAP

If you enable LDAP synchronization any time after creating one or more UDFs, then you must synchronize these UDFs with the corresponding LDAP attributes.

To do so, by using the Form Designer, search for and open the form containing the UDF, and then save it (no need to make any other change). Repeat this process of opening the form containing the UDF and then saving it for all UDFs created before enabling LDAP synchronization.

Note:

LDAP synchronization works when Oracle Identity Manager is integrated with Access Manager (OAM). The integration is based on LDAP connectors and is available from Release 12.2.1.3 onwards. For more information on LDAP synchronization, see Enabling LDAP Synchronization in Oracle Identity Manager in the Integration Guide for Oracle Identity Management Suite.
While creating/modifying an attribute using Form Designer, provide a value against LDAP Attribute. This is the value of LDAP attribute name against which the user-defined field (UDF) will be synchronized, and applicable only in LDAP sync enabled environment.
If you are using an OUD LDAP directory, then the Oracle Identity Manager custom attribute name must not contain a space. OUD does not allow creating a custom attribute with space in the attribute name.

6.9 Creating Cascaded LOVs

Creating cascaded LOVs involve activating a sandbox, creating UDFs of Lookup type, exporting the sandbox, and customizing the UI.

To create cascaded LOVs on the My Information page:

Note:

In this release of Oracle Identity Manager, LOVs cannot be added on the Self-Registration Page.

Log in to Oracle Identity System Administration.
Create and activate a sandbox, for example SUJ. For detailed instructions on creating and activating a sandbox, see Managing Sandboxes in Developing and Customizing Applications for Oracle Identity Governance.
Under System Entities in the left pane, click User.
Create the following UDFs of Lookup Type:
- parent - ParentChoice
- dependent - DepChoice
  
  While creating DepChoice, make it dependent on the UDF ParentChoice, and map the values. To do so:
  1. In the List of Values section, search for the parent field and select it.
    
    Select Constrain list by parent field value selection. This enables the fields to set the parent dependency details.
  2. Select the required Parent Choice List and set the Value Map.
Click Save and Close.
Export the sandbox.

The sandbox is stored as sandbox_SUJ.zip.

Unzip the sandbox_SUJ.zip file, and perform the following steps:

In the file \persdef\sessiondef\oracle\iam\ui\runtime\form\model\user\view\mdssys\cust\site\site\userVO.xml.xml, under tag <ViewAttribute Name="DepChoice__c", search for the following text:

<Property Name="CascadingParentChoiceList" Value="ParentChoice__c"/>

<Property Name="CascadingRelationshipId" Value="100000000002523"/>
Copy the text in Step 7 a to \persdef\oracle\iam\ui\common\model\user\view\mdssys\cust\site\site\UserVO.xml.xml file under tag <ViewAttribute Name="DepChoice__c".

In the file \persdef\sessiondef\oracle\iam\ui\runtime\form\model\user\view\mdssys\cust\site\site\userVO.xml.xml, search for the following text:

</mds:insert>
<mds:insert parent=" userVO " position="last">
<ViewAccessor Name="LOVVA_For_DepChoice__c"
ViewObjectName="oracle.adf.businesseditor.model.views.CascadingLookups "
xmlns="http://xmlns.oracle.com/bc4j">
 
  <ParameterMap>
            <PIMap Variable="Bind_RelationshipId">
               <TransientExpression Name="expression" access="local"><![CDATA[structureDef.findAttributeDef("DepChoice__c ").getProperty("CascadingRelationshipId")]]></TransientExpression>
            </PIMap>
            <PIMap Variable="Bind_ParentLookupCode">
               <TransientExpression Name="expression" access="local"><![CDATA[ParentChoice __c]]></TransientExpression>
            </PIMap>
         </ParameterMap>
 
</ViewAccessor>
</mds:insert>
</ParameterMap>
</ViewAccessor>
</mds:insert>

In the file \tmp\persdef\oracle\iam\ui\common\model\user\view\mdssys\cust\site\site\UserVO.xml.xml search for the below text and replace it with the text copied in step 7 c. Change userVO to UserVO:

</mds:insert>
<mds:insert parent="UserVO" position="last">
<ViewAccessor Name="LOVVA_For_DepChoice__c"
ViewObjectName="oracle.adf.businesseditor.model.views.Lookups"
xmlns="http://xmlns.oracle.com/bc4j">
<ParameterMap>
<PIMap Variable="Bind_LookupType">
<TransientExpression><![CDATA['Lookup.Conditions.Severity']]></TransientExp
ression>
</PIMap>
</ParameterMap>
</ViewAccessor>
</mds:insert>

In the file \persdef\sessiondef\oracle\iam\ui\runtime\form\model\user\view\mdssys\cust\site\site\userVO.xml.xml, search for the following text:

<mds:insert parent="userVO" position="last">
      <Properties xmlns="http://xmlns.oracle.com/bc4j">
         <Property Name="__INTERNAL_EXPR_VALUE_OVERRIDES__" Value="userEO"/>
      </Properties>
   </mds:insert>

Copy the text from 7 e to file persdef\oracle\iam\ui\common\model\user\view\mdssys\cust\site\site\UserVO.xml.xml and change userVO to UserVO and userEO to UserEO.

Recreate the zip file with same name as in Step 6.

For example, $zip -r sandbox_SUJ.zip*
Delete the sandbox SUJ from Oracle Identity System Administration.
Import the modified sandbox_SUJ.zip created in Step 8.
Logout from Oracle Identity System Administration.
Log in to Oracle Identity Self Service.
Activate the sandbox, SUJ.
In the left pane, under My Profile, click My Information. The My Information page is displayed.
Click Customize to customize the My Information page while the sandbox is active in Oracle Identity Self Service.
Add parent UDF and child UDF (created in Step 4) on the page as Select one choice component.
Select ParentChoice and click Edit Property and copy the Id of parent component. Set the auto submit property to true.
Select DepChoice and click Edit Property and paste the id value of ParentChoice UDF copied in Step 17 to the partailTrigger field.
Publish the sandbox.

Note:

For any LOV, the user details page displays the lookup code as the output text value. To display the LOV lookup value on the user details page, create a searchable picklist (ADF name input list of value), and then make it read-only.

6.10 Specifying Cascaded LOVs Without NULL Value

When you set the value of the required property to true in the attributes on the create user or modify user form, you can still submit a request without selecting a value.

To make the user select a value for the required attribute, you must modify the request dataset to mark the attribute as mandatory. To do so:

When the administrative server and at least one Oracle Identity Manager managed server is running, login to Oracle Enterprise Manager Fusion Middleware Control by using the URL in the following format:

http://ADMINSTRATION_SERVER:PORT/em
Navigate to Identity and Access, oim. Right-click and navigate to System MBean Browser.
Under Application Defined MBeans, navigate to oracle.mds.lcm, Server:oim_server1, Application:OIMAppMetadata, MDSAppRuntime.
To export the request dataset:
1. Click the Operations tab, and then click exportMetaData.
2. In the toLocation field, enter /tmp or the name of another directory.
3. Select createSubDir as false.
4. Specify the doc location as the following:
  
  /metadata/iam-features-requestactions/model-data/CreateUserDataSet.xml.
  
  /metadata/iam-features-requestactions/model-data//ModifyUserDataset.xml
  
  Note:
  
  Multiple documents can be set in the doc location while invoking operations exportMetaData or importMetaData.
5. Also select false for excludeAllCust, excludeBaseDocs, and excludeExtendedMetadata. Then, click Invoke.
  
  This exports the file specified in the docs field to the directory specified in the toLocation field.
Edit the CreateUserDataSet.xml file, and change the value of the 'required' property to true for the attribute you created.
Edit the ModifyUserDataset.xml file, and change the value of the 'required' property to true for the attribute you created.
To import the request dataset:
1. Click importMetaData.
2. In the fromLocation field, enter /tmp or the name of the directory in which you have the configuration files.
3. Select createSubDir as false.
4. Also select false for excludeAllCust, excludeBaseDocs, and excludeExtendedMetadata. Then, click Invoke.
  
  This imports the file specified in the docs field to MDS in the toLocation field.
Restart Oracle Identity Manager.

6.11 Localizing Display Labels of UDFs

Localizing display labels of UDFs involves localizing the content in the BizEditorBundle.xlf file.

To localize display labels of UDFs:

Add a new custom field for the user object by referring to Creating a Custom Attribute and ensure to publish the sandbox.
Export the BizEditorBundle.xlf file from MDS by referring to Exporting Metadata Files to MDS in the Developing and Customizing Applications for Oracle Identity Governance.
Localize the content in BizEditorBundle.xlf to the expected locales. To do so:
1. Create a copy of the BizEditorBundle.xlf file and rename it, for example, BizEditorBundle_zh_CN.xlf.
2. Edit the <file> element from:
```
<file source-language="en" original="/xliffBundles/oracle/iam/ui/runtime/BizEditorBundle.xlf" datatype="x-oracle-adf">
```
  To the following sample:
```
<file source-language="en" original="/xliffBundles/oracle/iam/ui/runtime/BizEditorBundle.xlf" datatype="x-oracle-adf" target-language="zh-CN">
```
3. Translate all the contents in the BizEditorBundle_zh_CN.xlf file.
Import the BizEditorBundle_zh_CN.xlf file to MDS by referring to Importing Metadata Files from MDS in the Developing and Customizing Applications for Oracle Identity Governance.
Customize the Identity Self Service page to add the custom field label. See Adding a Custom Attribute for details.
Switch the browser language to zh-CN, and log in to the Identity Self Service again.
Go to the page on which the custom attribute has been added, and confirm that the customized field label is using its localized value.

6.12 Configuring a Field as Mandatory Attribute in the Request Catalog

Configuring a field as mandatory attribute in the request catalog involves customizing the catalog, and setting the value of the Override property to true.

To configure a field as mandatory attribute in the request catalog:

In Oracle Identity Self Service, create and activate a sandbox. For detailed instructions on creating and activating a sandbox, see Managing Sandboxes in Developing and Customizing Applications for Oracle Identity Governance.
On the left pane, under System Entities, click Catalog. The Catalog page is displayed.
Search for and select the application instance whose form page must be updated, and the click Add to Cart.
Click Checkout.
On the Cart Details page, under the Details section, the application instance form and its attributes are displayed.
Click Customize. The page opens in customization mode.
From the View menu, select Source. The object tree is displayed.
Under the Details section, select and click the attributes of the application instance form. A message confirming whether you want to edit the page is displayed.
Click Edit. In the object tree, the ADF component corresponding to the selection made in step 8 is selected.
Select the input text that is to be marked as mandatory, and click Edit. The Component Properties:inputText window opens.
Navigate to the required field, click the drop down icon adjacent to the field, select Override, and then select Expression Builder.
In the Expression Builder window, select the Type a value or expression option, and enter true.
Click OK, and then click Apply.
Click OK in the Component Properties:inputText. Click Close to quit customization mode.
Export the sandbox and publish it.