Account Mapping
Account Mappings allows users to utilize default mapping rules for accounts and identities.
To filter the table view, use the checkboxes to enable/disable view options, like
- Create Rules: These rules are used to create an identity if matches are found.
- Mapping Rules: These rules map accounts to identities.
- Default Rules: These are Hydden’s out of the box default rules, they can be viewed, but not edited.
- Custom Rules: These are rules created on your tenant.
Use Search to trim the view down to a specific context.
Creating an Account/Identity Mapping Rule
Navigate to Configuration | Identify and select the Account Mapping tab.
Click + Add Rule.
Add Custom Account Mapping Rule modal Specify the Rule Priority. A higher number specifies a higher priority in the evaluation order. By default the modal opens with a value of 20.
Enter a Name and Description for your rule for organizational clarity.
From the Category field, select if it is an Account or Identity mapping rule.
From the Match Account Using field, select if the mapping should happen via Primary Email or Display Name.
Under the Account Matching Requirements section, specify
- An Account Classification if configured. This is an optional field.
- A RegEx Pattern to be match by the rule.
- A RegEx Replacement to be used in the rule.
Use Test to verify your rule works as intended.
Once you are ready to use the rule in your environment, check the Enable Rule checkbox at the top of the modal. The Actions column indicates if a custom rule is enabled or disabled. It will either have a checkmark for enabled or an x for disabled. You may change the state by clicking the x or checkmark to enable or disable a rule without entering the Edit Custom or View Default Account Mapping Rule modals.
Action column indicating custom rule status Note: Mapping rules must be enabled on each data source separately to be active.
Click Add to save and add the rule to your environment.
Testing a RegEx Rule
RegEx testing is available via the Test button on the add or edit account rule mapping modal. Save the test if you want to keep it associated with the rule.
If you have an account with a display name of Jane Doe-admin, a RegEx of (.)\s-\s*admin$, and a test string of Doe-admin, the test returns a match and maps under the value Doe.
Mapping Migration
Previously account mapping defaulted to the following rules:
- If matches were found on the primary email and account UPN.
With the advanced Account Mapping Rules, Hydden delivers the following default account mapping and identity creation rules.
NOTE: To use any of these rules, they need to be enabled on the configured Data Sources.
| Map Account Rules: 13 | Create Identity Rules: 12 |
|---|---|
| Match Any Email Alias | Create Identity: Requires 2+ Accounts & a configured email |
| Match Exact Display Name | Create Identity: Requires 2+ Accounts & a configured Email & a space between names |
| Match Name: first last | Create Identity: Requires 2+ Accounts & a configured email or UPN |
| Match Name: first middle last | Create Identity: Requires 2+ Accounts & a configured Email or UPN & a space between names |
| Match Name: first.last | Create Identity: Requires 2+ Accounts & a configured UPN |
| Match Name: firstinital.secondinitial.last | Create Identity: Requires 2+ Accounts & a configured UPN & a space between names |
| Match Name: firstinitial last | Create Identity: Requires email |
| Match Name: firstinitial secondinitial last | Create Identity: Requires Email & a space between names |
| Match Name: firstinitial.last | Create Identity: Requires email or UPN |
| Match Name: last first | Create Identity: Requires Email or UPN & a space between names |
| Match Name: last.first | Create Identity: Requires UPN |
| Match Primary Email | Create Identity: Requires UPN & a space between names |
| Match UPN |