top of page

Identity Lifecycle

BAAR-IGA integrates with your HR system and ensures new users, changed users, and terminated users are provisioned, changed, or de-provisioned from all systems, not just applications.

Working Hands_edited.jpg

Onboarding, Off-Boarding and Changes to User Roles

User Onboarding - Active Directory

Once a new user is added to the HRMS, BAAR-IGA goes to the Active Directory or related book or record, creates an ADID and Email ID, and assigns all related security groups based on a birthright matrix.

Assignment of Licenses

BAAR-IGA will assign the appropriate O365 and other licenses to the onboarded users and cancel licenses for terminated users.

User Changes

If the user's role or department changes, BAAR-IGA will make appropriate changes to Security Groups, OUs, Application Access and update Employee Information automatically, keeping all your records in sync.

User Off-Boarding

When a user leaves the organization, BAAR-IGA revokes the user's access through changes in the Active Directory (AD). This ensures the user is de-provisioned from all the systems the user had access to, not just applications. ​

Automated Hierarchy Change

If a user's manager changes, BAAR-IGA updates the Active Directory (AD) and Azure AD/Teams in an automated manner. Automation ensures data is in sync and reduces operational time, errors, and management costs.

User Lifecycle Reports

BAAR-IGA maintains the lifecycle for each user, recording every change that takes place from when they are onboarded to when the user leaves the organization.

System Users

The onboarding activities are not limited to human users. BAAR-IGA oversees onboarding system users, API users, BOTs and other user types.

Dynamic Distribution Lists

BAAR-IGA assigns Onboarded users to appropriate dynamic distribution lists in an automated manner. Likewise, when the user's role changes or is terminated, the DDLs are provisioned and de-provisioned accordingly.

Long Leave Monitoring

When the user is on a leave of absence, the user's access can be temporarily disabled. Access is enabled a day before the user returns. 

bottom of page