To see the tasks that have been assigned to you:

1. Click My Tasks in the My Work group of actions.

   The list of tasks in your queue is displayed.

   

   For resource and role requests, the Recipient column in the task list specifies the user(s) or group(s) that will receive the resource or role in the event that the required approvals are given. For attestation requests, the Recipient column specifies the name of the attester, which is the same as the name of the individual currently logged on to the User Application.

   The Type column in the task list includes an icon that indicates whether the task is currently assigned to a user, group, delegate, or to multiple approvers. The type Assigned to Multiple Approvers applies in the following situations:

   • The task has been assigned to a group of addressees, but only one addressee can claim and approve the task. After this approval is given, task execution is considered complete.

   • The task has been assigned to multiple addressees, and all of them must claim and approve the task before the activity can be considered complete.

   • The task has been assigned to multiple addressees, and a quorum of users must claim and approve the task before the activity can be considered complete. The definition of a quorum is configured by the administrator. To define the quorum, the administrator specifies an approval condition that specifies the precise number of approvals or the percentage of approvals needed.

   The workflow system performs short circuit evaluation to optimize quorums. Whenever a quorum approval condition reaches the point where a quorum is not possible, the activity is denied and the task is removed from the queues of all addressees.

   The Priority column shows a flag for the high priority tasks. You can sort the list of tasks by priority by clicking the Priority column.

   Workflow tasks associated with attestation requests show a task name of Attestation Approval, as shown below:

   Figure 10-1 Workflow Task for an Attestation Request

   

To select a task in the queue list:

1. Click the name of the task in the queue.

   

   The Task Detail form is displayed.

   

   When a task is assigned to multiple approvers, the Task Detail form displays the Multiple Approvers icon next to the Assigned To field, and displays text below the icon to indicate that multiple approvals are necessary.

   

2. To display more information about a task assigned to multiple approvers, click the text under the Multiple Approvers icon:

   

   A pop-up window displays to indicate how many approvals are required, who the current addressees are, and what the approval status currently is.

   

   The requirements for the task depend on how the task was configured by your administrator:

   • If the approval type is group, the task has been assigned to several users within a group, but only one is expected to claim and approve the task.

   • If the approval type is role, the task has been assigned to several users within a role, but only one is expected to claim and approve the task.

   • If the approval type is multiple approvers, the task has been assigned to several addressees, and all of the addressees must claim and approve the task.

   • If the approval type is quorum, the task has been assigned to several addressees, and a quorum of addressees is sufficient to approve the task. The definition of a quorum is configured by the administrator. To define the quorum, the administrator specifies an approval condition that specifies the precise number of approvals or the percentage of approvals needed.

   The workflow system performs short circuit evaluation to optimize quorums. Whenever a quorum approval condition reaches the point where a quorum is not possible, the activity is denied and the task is removed from the queues of all addressees.

3. To claim a task, follow the instructions under Section 10.2.3, Claiming a Task.

4. To view the comment history for the task, click View Comment History.

   A pop-up window lets you see user and system comments. The order in which comments appear is determined by the time stamp associated with each comment. Comments entered first are displayed first. For parallel approval flows, the order of activities being processed concurrently can be unpredictable.

   1. To display user comments, click Show User Comments.

      

      User comments include the following kinds of information:

      • The date and time when each comment was added.

      • The name of the activity to which each comment applies. The list of activities displayed includes user and provisioning activities that have been processed or are currently being processed.

      • The name of the user who made the comment. If the comment is generated by the workflow system, the name of the application (for example, IDMProv) is the user name. Comments generated by the workflow system are localized automatically.

      • The comment text, which includes the name of the user who is the current assignee for each activity.

      The workflow designer can disable the generation of user comments for a workflow. For more information, see the Identity Manager User Application: Design Guide.

   2. To display system comments, click Show System Comments.

      

      System comments include the following kinds of information:

      • The date and time when each comment was added.

      • The name of the activity to which each comment applies. When you display system comments, all activities in the workflow are listed. The list of activities includes those that have been processed or are currently being processed.

      • The name of the user who made the comment. If the comment is generated by the workflow system, the name of the application (for example, IDMProv) is the user name. Comments generated by the workflow system are localized automatically.

      • The comment text, which indicates what action was taken for the activity.

      System comments are intended primarily for debugging purposes. Most business users do not need to look at the system comments for a workflow.

   3. To scroll through a long list of comments, click the arrows at the bottom of the screen. For example, to scroll to the next page, click the Next arrow.

      

   4. Click Close to close the window.

5. To return to the task list, click Back.

To claim a task to work on:

1. Click Claim.

   

   For resource requests and role requests, the Form Detail section of the page is updated to include the Deny and Approve buttons, as well as any other action buttons included by the flow definition, and the appropriate fields become editable.

   For attestation requests, the Form Detail section of the page is updated to include the attestation form. The appearance of the form varies, depending on the attestation type. For user profile attestation processes, the form shows the user profile data you need to review:

   

   For role assignment, user assignment, and SoD attestation processes, the form includes a report that shows the data you need to review:

   

   For all attestation types, the form shows controls that allow you to answer the required attestation question, as well as any additional survey questions included in the attestation process:

   

   In the case of a resource request, if the task requires a digital signature, the Digital Signature Required icon appears in the upper right corner of the page.

   

   In addition, on Internet Explorer, a message appears indicating that you need to press the Spacebar or the Enter key to activate the digital signature applet.

   

2. If you’re working on a task that requires a digital signature, perform these steps:

   1. If you’re using a smart card, insert the smart card into the smart card reader.

   2. On Internet Explorer, press the Spacebar or the Enter key to activate the applet.

      At this point, your browser might display a security warning message.

      

   3. Click Run to proceed.

   4. Fill in the fields in the approval form. The fields on the form vary depending on which resource you requested.

   5. Click the check box next to the digital signature confirmation message to indicate that you are ready to sign.

      The digital signature confirmation message varies depending on how the provisioning resource was configured by the administrator.

      The applet then displays a pop-up window that allows you to select a certificate. The pop-up window lists certificates imported to the browser as well as certificates imported to the smart card (if one is currently connected).

      

   6. Select the certificate you want to use and click Select.

      

   7. If you select a certificate that has been imported into your browser, type the password for the certificate in the Password field on the request form.

   8. If you select a certificate that has been imported to your smart card, type the PIN for your smart card and click OK.

      You do not need to type the password for the certificate if you’re using a smart card, because the certificate password has already been transmitted to the card.

      

      If your administrator has enabled the ability to preview the user agreement, the Preview button is enabled.

   9. Click Preview to see the user agreement.

      If the digital signature type is set to Form, a PDF document is displayed.

      If the digital signature type is set to data, an XML document is displayed.

3. To deny a resource or role request, click Deny.

   

4. To approve a resource or role request, click Approve.

   

   The User Application displays a message indicating whether the action was successful.