How to use workflows in a self-service scenario

Last modified 22 Apr 2021 17:31 +02:00

Imagine you have a self-service application and you want to approve each registration request coming from it.

One possible solution using midPoint could be based on an assumption that each user registered in the application would become a midPoint user. So, the overall process could look like this:

  1. The user asks in a self-service application for a registration, providing basic personal information in the request.

  2. The application calls a midPoint API (e.g. via SOAP) with a request to add a user. Personal information entered by the user would be part of this request. Also, a user type (e.g. via employeeType attribute) would be set to a specific value (e.g. self-service).

  3. In the midPoint, there would be a specially-created workflow change aspect that would watch for the "self-service" value in employeeType attribute. If encountered, it would forbid direct execution of the request, and would start a specified workflow approval process instead.

    1. The process could be either a custom BPMN process, or (more conveniently) it can be a parameterized standard midPoint ItemApproval process.

  4. If approved, midPoint user would be created and the requester would get notified. If rejected, the user would not be created in midPoint, and the requester would also get notified. (After some tweaking, the self-service application could be notified as well; or it could query midPoint to see the status of the request - this is not implemented yet, but it’s not that hard to implement.)