In the provisioning scenario, the first available location from which the operation data can be retrieved and utilized for SecureLogin credential provisioning is in the driver's Input Transformation policy. In the sample scenario, three policies are implemented:
Set SecureLogin Credentials after successful password synchronization.
Set SecureLogin Passphrase and Answer
Remove SecureLogin Credentials if Application User Deleted (Identity Vault object not deleted)
NOTE:There is a sample policy in the SampleInputTransform.xml file that sets SecureLogin credentials after a successful password synchronization occurs. The file is located in the Credential Provisioning folder on the Identity Manager 3.0 Support Pack 1 media.
The Set SecureLogin Credentials policy needs to make sure the provisioning happens only if the returned command status is success and the previously set <operation-data> is present.