Enabling requester identity validation

In BMC Helix Business Workflows, an administrator can enable the identity validation of requesters who request for services and for whom the case agents create cases at a global or a company level. A case administrator can enable identity validation for case templates. When identity validation is enabled, before a case agent creates a case for a requester (or an employee in an organization), the case agent must validate the identity of the requester by entering a Personal Identification Number (PIN) that the requester provides.

Requester validation ensures the following:

  • The requester is an actual employee and not a fraudulent person who requests a service on behalf of an employee.
  • The case agent does not share any employee-related or sensitive information with a fraudulent person like employee bonuses, benefit policies, reimbursements, and so on.

By default, identity validation is not enabled. An administrator or a case business analyst can enable identity validation in the following ways:

UserWhereReference
AdministratorCommon ConfigurationsTo enable identity validation at a global or company level
Case business analystCase templateTo enable identity validation in a case template

The following table describes the precedence and behavior of identity validation for the selected configuration value:

Configuration valueBehavior of identity validation
NoneNoneOptionalEnforced
OptionalOptionalOptionalEnforced
EnforcedEnforcedEnforcedEnforced

If a case template is not selected, the identity validation set globally is applied.

Important

Identity validation that is set globally is applied only to new cases and not to the existing ones.

Before you begin

As an administrator, ensure that each employee in your organization has a PIN. PIN value can be alphanumeric and has a maximum length of 30 charactersYou can set the length and pattern of the PIN values for the employees of your organization as per your choice. For example, you can decide to use a PIN value of five characters with one alphanumeric character and four numeric characters.

For more information about assigning a PIN, see Creating or modifying People data .

To enable identity validation on a global or company level

  1. Log in to BMC Helix Business Workflows.
  2. Click My Application Settings .
  3. Select Application Configurations > Common Configurations.
  4. On the Application Configurations page, select the Company for which you want to enable identity validation.
  5. Click IDENTITY_VALIDATION.
  6. Click Configuration Value, and select one of the following values:

    OptionAction
    NoneDisable requester identity validation. While creating a case, if identity validation is disabled at global and case template level, the Validate option does not appear on the case template.
    OptionalMake requester identity validation enabled and optional. While creating a case by using Quick Case, if a case agent skips the validation, the agent cannot view requester details, previous cases by the requester, or related cases and knowledge articles.
    EnforcedMake requester identity validation enabled and enforced. A Case Agent cannot create a case without validating a requester's identity.
  7. Click Save.

To enable identity validation in a case template

  1. Log in to BMC Helix Business Workflows.
  2. Click My Application Settings .
  3. Navigate to Case Management Case Templates.
  4. From the Case Templates page, open the required template.
  5. Edit the Template Metadata section, and in Identity Validation, select one of the following options:

    OptionAction
    NoneDisable requester identity validation. While creating a case, if identity validation is disabled at global and case template level, the Validate option does not appear on the case template.
    This is applicable only when the global level setting for identity validation is set to None.
    OptionalMake requester identity validation enabled and optional. While creating a case by using Quick Case, if a case agent skips the validation, the agent cannot view requester details, previous cases by the requester, or related cases and knowledge articles.
    This is applicable only when the global setting for identity validation is set to None or Optional.
    EnforcedMake requester identity validation enabled and enforced. A Case Agent cannot create a case without validating a requester's identity.
    This is applicable irrespective of the global setting for identity validation.
  6. Save the template.

Setting PINs for requester identity validation

You can set the PIN values for identity validation by using different ways. An administrator can directly configure and change the PINs for the employees in the organization. However, if you have a large number of employees, setting the PINs manually becomes difficult. In this case, you can use the REST API to capture the employee PINs by using your own employee portal. This also enables you to define the format of the PIN based on your organization's policies. You can also use a bulk update for the employee PINs by using your own batch jobs by calling the same REST API. Alternatively, you can also use JAVA code to generate the PINs for the employees.

Following example illustrates a REST API command of how a PIN value can be set.

Request URL

http://<hostname>:<portname>/api/rx/application/record/recordinstance/applicationURL:EmployeeName/EmployeeID


Where:
hostname is the name of the host computer on which BMC Helix Innovation Suite is installed.
portname is the port number assigned to the application server.
applicationURL:EmployeeName/EmployeeID is the sample pattern of the URL with the name and ID of the employee.

Request headings

  • Content-Type—application/json
  • X-Requested-By—Client Type ID

Request body

{ "resourceType": "com.bmc.arsys.rx.services.record.domain.RecordInstance", "id": "IDGAA5V0HI5R3ANAUDRBTI0SMOC7P6", "displayId": "1", "recordDefinitionName": "com.bmc.arsys.rx.foundation:Employee", "fieldInstances": { "1000003975": { "resourceType": "com.bmc.arsys.rx.services.record.domain.FieldInstance", "id": 1000003975, "value": "12345678" } } }

For more information about setting the PIN for requester identity validation using the JAVA script, download JAVA code for identity validation.

Best Practice

BMC recommends that you set the PIN values for requester identity validation by using REST APIs or JAVA code.

Related topics

Troubleshooting application access and usage issues

Troubleshooting errors


Was this page helpful? Yes No Submitting... Thank you

Comments