Scenario Background:
An existing employee has enrolled to take classes, so now has affiliation and attribute data in both the institutional HR system and the institutional Student Information System (SIS).
Scenario Narrative:
- An institutionally defined process invokes the Person Registration and Update service either via a REST API (synchronous method) or by placing a Person Update message into the Person Update queue. The payload of this call/message contains this person's demographic and affiliation information from the SIS, including the unique identifier used in the SIS.
- The Person Registration and Update service invokes the Person Match service.
- The Person Match Service evaluates the demographic information to determine whether or not the SIS information matches an existing person.
- If an exact match, the affiliation is applied to the existing person.
- If a possible match, a verification process is triggered.
- If matching reveals that the SIS unique identifier is already in use by a different person, a verification process is triggered to resolve the discrepancy.
- If no match, a new person is created.
- The Person Registration and Update Service stores the new SIS affiliation and attribute information in the Person Master Store.
- The Person Registration and Update Service calls the Group Update Service (synchronous) or places a Person Update message in the Person Update queue (asynchronous).
- The Group Update service re-calculates data-driven group membership based on the person's affiliation and attribute data (including the newly added SIS attribute data).
- The Group Update service invokes the Group-Based Provisioning service (synchronous) or places a Group Update message on the Group Update queue (asynchronous).
- The Group-Based Provisioning Service evaluates the person's group memberships and performs any provisioning required by the newly added groups.
- The user is able to access resources secured by groups or attributes relating to their newly added SIS attributes.