Provisioning

A way we can make a system that executes X number of minutes after the completion of its dependent system. For example, we have customers that want us to drop O365 groups for users after we create them in AD but there is no way to create an O365 system that is dependent on the AD system that would not near immediately error because the user has not sync'd to O365 yet. If for example we could say the O365 system is dependent on the AD system with a 30 min delay it would alleviate this issue.

Currently, we support processing up to 3 million records from snapshots for reconciliation. However, this limit is insufficient for larger tenants or those with numerous target systems. To address this, we plan to increase the supported limit. This effort will be best-effort and timeboxed—we will allocate one sprint (approximately one month) to focus on scaling this capability. The goal is to achieve meaningful improvement within that timeframe, without guaranteeing support for all possible volumes.

Problem: When cloning a product in HelloID Service Automation , the associated form is linked , not copied . This is by design according to the docs, but it's inconsistent with how Delegated Forms behave — where cloning creates a full copy. This often leads to confusion. If users want a true clone (with its own form), they have to: Open the original product Switch to the editor Copy the JSON of the form Paste it into the new product's editor This process is time-consuming, error-prone, and doesn't align with expectations — especially since customers more often clone products than standalone forms. Proposal: Clone Option Prompt: When cloning a product, present a choice: - Link existing form (current behavior) - Create a full copy of the form (new behavior) Consistent Behavior: Match the cloning behavior of Delegated Forms for a more intuitive experience. Benefits: Improved Consistency: Aligns logic across different parts of HelloID Time Savings: Avoids manual copy-pasting of form data More Control: Lets users choose what fits their workflow Better Usability: Reduces confusion, especially during implementation projects

It would be very useful to also have the option to disable the source connector, just like we can do with targets. If a source is disabled, we wouldn't expect any more data from it. This would be very helpful for migrations.

I would like the name/display name of the permission definition to be visible in the Business Rules UI (Entitlements), so it's clear which permission definition a permission originates from. This can become confusing when multiple permission definitions exist. Of course, it's possible to work around this by adding a prefix via PowerShell, but it would be preferable if this functionality were natively supported in HelloID. Additionally, having a filter in the Entitlements view would be helpful to filter entitlements by permission type.

As an Administrator or end user I would like to have the option to use the OR statement to check on different attributes in a business rule. Currently only the AND statement is supported. Without this functionality I need to make a LOT of specific rules to facilitate the desired result.

Once an import of a source system is blocked, I would like to see the persons that cause this. For example, when the import is blocked because to many persons were removed from the source, I would like to information of the persons. This helps a lot when I need to validate and approve the import.

As an administrator I would like the option to also export lists in Provisioning. The possibility to export grids is now implemented in most parts of the software. There are however a lot of lists which are not exportable. For example in the business rules, which persons are in that rule. Excluded/Included persons, custom events, aggregation, etc. Could you make it that every overview can be exported?

As a HelloID Administrator, I would like to have the option to create a new user account as enabled user object. In this way we can create enabled accounts without granting the account access permission. Add account enabled attribute toggle to the Active Directory (on-premise) target system. Same option as already implemented in Microsoft Azure AD target system.

As a HelloID administrator, I would like to send notifications on multiple pre-offboarding events. For example, I would like to send a notification 14 days before the employment ends, and also seven days before the employment ends.