How to record admin user id/name in newly provisioned user account?

Hi there,

We got the requirement that admin user (tenant admin) / the user admin who logged in with the authority to create new alpha user, while creating it we need to record who created this particular account (CREATED BY) and store that value.
Currently I am working on achieving it through event hooks but I don’t know how to access the user detail who created it.
Need help in this. Thanks in advance!

This information can be sourced from the Audit logs, where it is recorded for you. Why duplicate the effort or waste cycles persisting this data in the persistent data store?

hi @grpensa,

First of all thank you for ur response!
I understand that but the requirement is we need to push back this information to remote Identity as a value in attribute. That’s the reason we need to achieve this.

Thanks in advance!

Can anyone provide me solution for this. Thanks in advance!


Thank you for the update. Yes, the identity ReST API would of course have access to the identity in question. The repository api can be used to publish the additional information into a persistence store, and either the claims script or )(my preference) the policy engine can source these properties and include them as claims within your tokens.
Don’t forget to extend the schema of the DS to accommodate your new attribute, prior to this.

Let us know how you get on.

Hi @grpensa ,
Thank you so much for ur response. But if I get any sample script to implement this requirement it would do a great help since I am new to this implementation.
Thanks in advance.

Hi Suriya

If you are writing an event hook, you should try to log the following and see if you can capture “CREATED BY” from either the context or the request.

nodeLogger.warn(“Context …” + context);
nodeLogger.warn(“Request …” + request);

Hi @ajaykumar_suri ,
I am not familiar with this, so your suggesting to get it from context/request right.
For e.g.,
object.created_by = session.username; something like this?

Thank you so much for your response!

Hi Suriya,

As explained by @ajaykumar_suri, the way is to inspect the context from the onCreate/onUpdate event hooks (just log it). The context includes a security context, which might well have the information you need,

FYI → Request context chain :: IDM 7.4.0 and Script triggers defined in the managed object configuration :: IDM 7.4.0


1 Like

hi @patrick_diligent ,

I am working on this but if I get any sample steps or scripts that would do a great help.

Thank you for your response.