30.6 Exporting and Importing Quick Reference

30.6.1 Exporting and Importing Data Sources and Related Data

OpenText Identity Governance enables you to download and import entity attributes, data sources, and catalog entities from one environment to another. However, certain conditions and constraints might apply to import capabilities. When importing catalog entities, if there is a conflict between the imported custom attribute data type and the attribute data type in the target system, you will not be able to import the custom attribute. For example, if you edited a custom attribute data type in your staging environment, exported the attribute, then attempted to import it in your production environment, the import will fail. This is because the application does not support attribute data type change during import or after collection.

To export and import

Log in as

Navigate to

Click the link or select the action

Attributes as SQLite database files

Global, Customer, Business Roles, or Data Administrator

NOTE:Business Roles Administrator can export and import only Business Role attributes.

Data Administration > Attributes where attributes are:

  • Identity

  • Account

  • Permission

  • Group

  • Business Role

  • Application

  • Permission Assignments

Download Attributes

Import Attributes

Identity data sources as JSON files

Global, Customer, or Data Administrator

Data Sources > Identities

Select an identity source, then select Test Collection and Troubleshooting > Download and Emulation

Download Data Source Configuration

Import an identity source

Application data sources as JSON files

Global, Customer, or Data Administrator

Data Sources > Applications

Select an application source, then select Test Collection and Troubleshooting > Download and Emulation

Download Data Source Configuration

Import an application source

Identity bulk update definitions as SQLite database files

Global, Customer, Bootstrap, or Data Administrator

Data Sources > Identities > Bulk data update

Export Bulk Data Update

Import Bulk Data Update

Application bulk update definitions as SQLite database files

Global, Customer, Bootstrap, or Data Administrator

Data Sources > Applications > Bulk data update

Export Bulk Data Update

Import Bulk Data Update

Identities merge rules as a single JSON file

Global, Customer, or Data Administrator

Data Sources > Identities

Export merging rules

Import merging rules

Application collector as a JSON file

Global, Customer, or Data Administrator

Data Sources > Application

Expand the collector view, then click Export

Import collector, before importing, you must create an application source and save it.

Application definition as a JSON file

Global, Customer, Bootstrap, or Data Administrator

Data Sources > Application Definitions, select an application definition source, then select Test Collection and Troubleshooting > Download and Emulation

Download Data Source Configuration

Import an application definition source

Data source templates as JSON files

Global, Customer, or Data Administrator

Configuration > Templates where templates are:

  • Identity Source Collector Templates

  • Application Source Collector Templates

  • Application Definition Source Collector Templates

Actions > Download

Actions > Add new template

Data centers as a single JSON file

Global or Customer Administrators

Data Sources > Data Source Connection

Actions > Export Data Centers

Import Data Centers

Data source connections as a single JSON file

Global, Customer, Data, or Fulfillment Administrators

Data Sources > Data Source Connections

Export Data Source Connections

Import Data Source Connections

Data policies as JSON files

Global, Customer, or Data Administrator

Data Administration > Policies and Controls

Actions > Export Data Policies

Import Data Policies

Data policy schedules as SQLite database files

Global, Customer, or Data Administrator

Data Administration > Policies and Controls > Schedule

Export Schedule

Import Schedule

Archive destinations as SQLite database files

Global, Customer, SaaS Ops, Bootstrap, or Maintenance Administrator

Data Administration > Maintenance

Export Archive Destination

Import Archive Destination

Collection schedules as a SQLite database file

Global, Customer, or Bootstrap Administrator

Data Sources > Schedules

Export Schedules

Import Schedules

Catalog entities as a CSV file

Global, Customer, Access Request, Data, Auditor, Security Officer, Review, Technical Role, or Separation of Duties Administrator

Catalog > Entities where entities are:

  • Identities

  • Accounts

  • Groups

  • Applications

  • Permissions

Download all as CSV

Email notification templates as XML files

Global, Customer, or Bootstrap Administrator

Configuration > Notification Emails

Download XML

Import XML

30.6.2 Exporting and Importing Authorization Assignments and General Settings

To export and import

Log in as

Navigate to

Click the link or select the action

Global authorizations as SQLite database files

Global, Customer, Bootstrap Administrator, or Security Officer

Configuration > Authorization Assignments

Export Assignments

Import Assignments

General settings as SQLite database files

Global, Customer, or Bootstrap Administrator

Configuration > General Settings

Export General Settings

Import General Settings

30.6.3 Exporting and Importing Fulfillment-Related Data

To export and import

Log in as

Navigate to

Click the link or select the action

Fulfillment context attributes as SQLite database files

Global, Customer, Bootstrap, or Fulfillment Administrator

Configuration > Fulfillment Context Attributes

Export Context Attributes

Import Context Attributes

Fulfillment target as single JSON files

Global, Customer, or Fulfillment Administrator

Fulfillment > Configuration

Select a fulfillment target, then select Download Fulfillment Target

Fulfillment target configurations as SQLite database files

Global, Customer, Bootstrap, or Fulfillment Administrator

Fulfillment > Configuration

Export Fulfillment Configuration

Import Fulfillment Targets

Application fulfillment target configurations as SQLite database files

Global, Customer, Bootstrap, or Fulfillment Administrator

Fulfillment > Configuration

Export Fulfillment Configuration

Import Application Setup

Fulfillment target templates as JSON files

Global, Customer, or Data Administrator

Configuration > Fulfillment Target Templates

Actions > Download

Actions > Add new template

Email notification templates as XML files

Global, Customer, or Bootstrap Administrator

Configuration > Notification Emails

Download XML

Import XML

30.6.4 Exporting and Importing Risk Policies and Schedules

To export and import

Log in as

Navigate to

Click the link or select the action

Risk policies and schedules as SQLite database files

Global, Customer, Bootstrap, or Data Administrator

NOTE:Bootstrap Administrator can export only risk policies.

Policy > Risk

Export Risk Policies

Import Risk Policies

30.6.5 Exporting and Importing Technical and Business Roles and Related Data

When you import technical roles, OpenText Identity Governance detects whether you are importing new or updated roles and whether the updates would create any conflicts or have unresolved references. Unresolved technical roles where a match for the referenced object is not available in the system, are marked by an indicator. Importing before the roles are resolved will result in incomplete roles with some missing permissions. If an indicator appears next to a role in the import view, inspect these roles and ensure that they map properly in the target system.

NOTE:After importing technical or business roles, you must activate or publish them before they take effect in the system. Also, OpenText Identity Governance must recognize the users that hold the permissions as members of a technical role. For more information, see Section 15.8, Activating Technical Roles.

When you import technical roles as a JSON or ZIP file that is exported from a previous version of OpenText Identity Governance, OpenText Identity Governance will utilize the enhanced import process to import the file.

When you import a business role, if that role references a technical role that is deactivated, then the applicationdisplays a warning. You can choose to activate the technical role and import, or continue with the import without activating the role. If you select the latter, the application ignores the reference to the inactive role but allows you to activate the role later and include it in the policy.

To export and import

Log in as

Navigate to

Click the link or select the action

Technical role definitions as SQLite database files

Global, Customer, Bootstrap, or Technical Role Administrator

NOTE:A Bootstrap administrator can export only technical role definitions.

Catalog > Roles

Actions > Download Definitions

Import Technical Roles

Lists of Technical roles as CSV files

Global, Customer, Bootstrap, or Technical Role Administrator

NOTE:A Bootstrap administrator can export only technical role definitions.

Catalog > Roles

Actions > Download all as CSV

Business role definitions as a JSON file

Global, Customer, or Business Roles Administrator

Policy > Business Roles

Actions > Download Definitions

Import Business Roles

List of Business roles as a CSV file

Global, Customer, or Business Roles Administrator

Policy > Business Roles

Actions > Download all as CSV

Business role approval policies as a single JSON file

Global, Customer, or Business Roles Administrator

Policy > Business Roles > Approval Policies

Download Definitions

Import Approval Policies

Business role auto request settings as SQLite database files

Global, Customer, or Business Roles Administrator

Policy > Business Roles > Auto Requests

Export Auto Request Settings

Import Auto Request Settings

List of Business role inconsistencies as SQLite database files

Global, Customer, or Business Roles Administrator

Policy > Business Roles > Manage Inconsistencies

Export Inconsistency Settings

Import Inconsistency Settings

Auto Inconsistency Resolution policies as SQLite database files

Global, or Customer Administrator

Policy > Inconsistency Resolution > Auto Resolution Policies

Import Auto Resolution Policies

Actions > Download

List of Auto Inconsistency Resolution policy related business role inconsistencies as a CSV file

Global, or Customer Administrator

Policy > Inconsistency Resolution > Auto Resolutions, then click on inconsistencies count

Download

Analytics and role mining settings as an SQLite database file for:

  • Decision support

  • Similarity Profile Attributes

  • Role Mining

Global, Customer, Bootstrap, Business Roles, Technical Role, or Data Administrator

NOTE:A Technical Role Administrator can export and import decision support and role mining settings.

Configuration > Analytics and Role Mining Settings

Export Analytics Settings

Import Analytics Settings

Email notification templates as XML files

Global, Customer, or Bootstrap Administrator

Configuration > Notification Emails

Download XML

Import XML

30.6.6 Exporting and Importing Separation of Duties Related Data

During an export, if a default approval policy is assigned, the application exports the policy as part of the JSON file. When importing, if the import file includes a default approval policy, the application offers the option to change or modify the existing policy or set a default policy if no policy currently exists.

When you import SoD policies, if that policy references a technical role that is deactivated, the application displays a warning. You can choose to activate the technical role and import, or continue with the import without activating the role. If you select the latter, ignores the reference to the inactive role but allows you to activate the role later and include it in the policy.

To export and import

Log in as

Navigate to

Click the link or select the action

SoD policies as JSON files

Global, Customer, or Separation of Duties Administrator

Policy > SoD

Actions > Download Definition

Import Separation of Duty Policies

SoD approval policies as JSON files

Global, Customer, or Separation of Duties Administrator

Policy > SoD > SoD Approval Policies

Actions > Download Definition

Import SoD Approval Policies

SoD violation options as SQLite database files

Global, Customer, Bootstrap, or Separation of Duties Administrator

Policy > SoD > Violation Options

Export Violation Options

Import Violation Options

Email notification templates as XML files

Global, Customer, or Bootstrap Administrator

Configuration > Notification Emails

Download XML

Import XML

30.6.7 Exporting and Importing Access Request Related Data

When you download forms, the JSON file contains both request and approval form data because the request and approval forms need corresponding controls to facilitate data flow. When you import forms, you can preview the forms and compare the previous form with the imported form and revert if required. To use the imported form, you must publish it. Note that, for default forms, you must select an application or permission to preview the imported forms.

When you import new access request policies, if that policy references a technical role that is deactivated, the application displays a warning. You can choose to activate the technical role and import, or continue with the import without activating the role. If you select the latter, the application ignores the reference to the inactive role but allows you to activate the role later and include it in the policy.

NOTE:When you download approval policies for access requests, the associated assignments for the policy are also included in the download file.

To export and import

Log in as

Navigate to

Click the link or select the action

Default forms as a single JSON file

Global, Customer, or Access Request Administrator

Policy > Access Request Policy

  • Application Default Forms

  • Permission Default Forms

Download Forms

Import Custom Forms

Custom forms as a single JSON file for applications and permissions

Global, Customer, Access Request Administrator, or Application Owner

Catalog > Applications > Application Name > Custom Forms

Or

Catalog > Permissions > Permission Name > Custom Forms

Actions > Download Forms

Import Custom Forms

 

Global, Customer, or Access Request Administrator

Policy > Access Request Policy > Approval Policies Edit the policy, then select:

  • Approval Process

  • Applications

  • Permissions

  • Roles

Import Assignments

Workflows or forms

Global, Customer, or Workflow Administrator

Workflow Administration Console > Catalog

  • Forms

  • Workflow

Export and import workflows

Export and import forms

Coverage maps as a JSON file

Global, Customer, Bootstrap, Access Request, or Review Administrator

Policy > Coverage Maps

Actions > Export Coverage Maps

Import Coverage Maps

Delegate mappings as a SQLite database file

Global, Customer, or Data Administrator

Policy > Delegation

Download mappings or Actions > Download mappings

Import Delegate Mappings

Access requests as a single JSON file

Global, Customer, or Access Request Administrator

Policy > Access Request Policies

Import Access Request Policies

Access request approval policies as a single JSON file

Global, Customer, or Access Request Administrator

Policy > Access Request Policies > Approval Policies

Actions > Download Definitions

Import Access Request Approval Policies

List of access request approval policies as a CSV file

Global, Customer, or Access Request Administrator

Policy > Access Request Policies > Approval Policies

Actions > Download all as CSV

Email notification templates as XML files

Global, Customer, or Bootstrap Administrator

Configuration > Notification Emails

Download XML

Import XML

30.6.8 Exporting and Importing Review Definitions Related Data

Remediation settings such as email recipients and review definitions can be resolved when a certification policy is imported or it can be resolved manually after import. So, to avoid unmapped errors when you are importing, extract the files, import the review definitions, then import the certification policy.

Importing review definitions may also result in unresolved references when matching criteria is not collected. To avoid these errors, ensure that the global import and export settings com.netiq.iac.importExport fie is configured. Contact your SaaS Operations Administrator to ensure that the settings are configured correctly.

NOTE:OpenText Identity Governance uses an existing coverage map, and automatically resolves coverage map references. If a coverage map does not exist, it creates one.

To export and import

Log in as

Navigate to

Click the link or select the action

Review definitions as JSON files

Global, Customer, Auditor, or Review Administrator

NOTE:Auditors can only download review definitions.

Reviews > Definitions

Download Definitions

Import Review Definitions

Reviewers and review item lists as CSV files

Global, Customer, Auditor, or Review Administrator

Reviews > Reviews > review name

Download reviewers

Download all review items as CSV

Review Configuration as SQLite database files

Global, Customer, Data, or Review Administrator

NOTE:Data Administrator can export and import only account controls.

Reviews > Review > Settings

Export Review Configuration

Import Review Configuration

Delegate mappings as a SQLite database file

Global, Customer, or Data Administrator

Policy > Delegation

Download mappings or Actions > Download mappings

Import Delegate Mappings

Coverage maps as a JSON file

Global, Customer, Bootstrap, Access Request, or Review Administrator

Policy > Coverage Maps

Actions > Export Coverage Maps

Import Coverage Maps

Certification policies as a JSON file

Global, Customer, Data, or Review Administrator

Policy > Certification

Action > Export Policies

Import Certification Policies

Certification schedules as SQLite database files

Global, Customer, Data, or Review Administrator

Policy > Certification > Schedule

Export Schedule

Import Schedule

Email notification templates as XML files

Global, Customer, or Bootstrap Administrator

Configuration > Notification emails

Download XML

Import XML

30.6.9 Exporting and Importing Analytics-Related Data

OpenText Identity Governance provides ability to define queries and metrics to analyze your governance system.

To improve download speed of insight queries CSV file, the default value of com.netiq.iac.ui.insightQuery.download.results.pageSize configuration property is set to 1000. Contact your SaaS Operations Administrator to ensure that the settings are configured correctly.

To export and import

Log in as

Navigate to

Click the link or select the action

Metric results as a CSV file

Global, Customer, or Data Administrator

Configuration > Analytics and Role Mining Settings

Actions > Download Metrics

Custom metric definition as a JSON file

Global, Customer, or Data Administrator

Configuration > Analytics and Role Mining Settings

Actions > Download Definition

Import Custom Metrics

Metrics data store configurations as SQLite database files

Global, Customer, Bootstrap, or Data Administrator

Configuration > Analytics and Role Mining Settings > Metrics Data Stores

Export Metrics Data Stores

Import Metrics Data Stores

Insight queries as SQLite database files

Global, Customer, Auditor, Data, or Governance Insights Administrator

Catalog > Governance Insights

Download Queries

Import Insight Queries

Insight query results as a CSV file

Global, Customer, Auditor, Data, or Governance Insights Administrator

Catalog > Governance Insights then select the query

Download results of insight query as a CSV file

Custom governance widget data as a PDF or a CSV file

Global, Customer, or Data Administrator

Overview > Governance Widgets

Download chart as PDF file

Download data as CSV file

30.6.10 Exporting and Importing Categories and Settings

You can directly import categories or use the entity import feature to import entities with category reference.

To export and import

Log in as

Navigate to

Click the link or select the action

Categories as SQLite database files

Global, Customer, or Bootstrap Administrator

NOTE:Bootstrap Administrator can export only categories.

Configuration > Categories

Export Categories

Import Categories

Download settings as SQLite database files

Global, Customer, Bootstrap, or Data Administrator

Configuration > Download Settings

Export Download Settings

Import Download Settings