Identity and Access Management Interview Questions

Users demand quick and easy access to systems and information, whether they are located in the office, at home or on the road. To give users a better experience, almost all organizations do their best to provide fast access to secure data. Sensitive data and applications are secured using Identity and Access Management protocols. Nowadays, most multinational companies are looking for talented young candidates who are well versed in Identity and Access Management. So, if you wish to start your career in this field, we are here to help you! In this section, we have put together a collection of the most important and frequently asked Identity and Access Management interview questions, with detailed answers.

All of the Identity and Access Management Interview Questions given here are gathered from interview panel members; we also assure you that we have compiled almost 90% of the Identity and Access Management Interview Questions and Answers.

Identity And Access Management Interview Questions and Answers

Question: Define an Identity

An identity is the representation of a resource including employee, customer name, partners, vendors, and so on. This identity shows what kind of relationship the user has when interacting with a company’s network.

Question: Why You Need to Implement Identity and Access Management?

Listed below are a few of the main advantages of implementing identity and access management in your organization.

  • Reduce IT Operating Costs
  • Minimize Security Risks
  • Improved IT Services
  • Legal Compliances

Question: How Does IDM Work?

The process involves creating user accounts that can be modified, disabled or deleted. Delegated workflows, rules and policies are applied to the user's account.

A user profile will tell the company: who they are, what they are entitled to do, when they are allowed to perform specific functions, where they are allowed to perform functions from and why they have been granted permissions.

Question: Define the Purpose of Rule Designer in IDM?

Use this form to create rules that can be applied to password policy selection, automatic group membership, provisioning process selection, task assignment, and prepopulating adapters.

Question: Define Adapter? List Out the Different Types of Adapter Available in Oracle Identity Manager (OIM)

An adapter is a Java class that is created by an Oracle Identity Manager user through the Adapter Factory.

Process Task Adapters – automate the completion of a process task and are attached to a Process Definition Form (AD User, OID User, etc.).

Entity Adapter – automatically populates a field on the OIM User form or a custom User Form on pre-update, pre-delete, pre-insert, post-insert, post-update, or post-delete.

Pre-Populate Adapter – a specific type of rule generator attached to a user-created form field. It can automatically generate data for the form; it does not save that data to the OIM database, but it does send that information to the appropriate directory user object. The data can come from manual entry on a form or from automated entry from the OIM-defined forms.

Rule Generator – can populate fields automatically on an OIM form or a user-created form and save them to the OIM database based on business rules.

Task Assignment Adapter – automates the assignment of a process task to a user or group.

Question: Briefly Describe the Step-by-Step Process of How Identity Management Solutions Are Implemented

Step 1: Inventory and assess current investments and processes. Clean and consolidate identity data stores. Create virtual identities for enterprise users.

Step 2: Design and deploy identity infrastructure components. Create identity provisioning and deploy password management, user self-service and regulatory compliance.

Step 3: Deliver applications and services. Access management deployed to a clean environment. Leverage federated identity for improving supply chain and employee efficiencies.

Question: Define the Role of Reconciliation Manager?

Once reconciliation is complete, you can look in the Reconciliation Manager for the reconciliation data. There you can determine whether an event was received and whether it was linked or not.

Question: Define Event Handler

In an Identity Management system, any action performed by a user or system is called an operation or Event. Examples of Events are creating users, updating users, creating password policy, and so on.


Pre-process Event Handler

Post-Process Event Handler

Pre-process Event Handler: Pre-process Event Handlers are mostly used for validation purposes.

Post-process Event Handler: Post-process Event Handlers are written mainly when changes need to be made internally after an event is triggered in OIM.

Question: How Many Types of Users are There in Oracle Identity Manager?

Two types of Oracle Identity Manager users determine access rights to specific aspects of Oracle Identity Manager.

These types include:

  • End-User Administrator
  • End-User

Question: Define OIM User

An OIM user is an account that helps manage the compliance of an organization and helps provide access rights according to its identity in the related organization.

Question: What is Oracle WebGate?

An Oracle WebGate is a Web server plug-in that is shipped out-of-the-box with Oracle Access Manager. The WebGate intercepts HTTP requests from users for Web resources and forwards them to the Access Server for authentication and authorization.

Question: Describe the Different Statuses of Reconciliation

  • Confirmed: The Identity Manager user says that the account exists, and the resource agrees that the account exists.
  • Deleted: The Identity Manager user says the account exists, but the resource says that the account does not exist.
  • Found: The Identity Manager user says the account may exist, and the resource says that the account does exist.
  • Missing: The Identity Manager user says the account may exist, but the resource says that the account does not exist.
  • Collision: Two or more Identity Manager users claim the same resource account.
  • Unassigned: The resource account matches exactly one Identity Manager user, but that user does not say anything about the account.
  • Unmatched: The resource account matches no Identity Manager user.
  • Disputed: The resource account matches more than one Identity Manager user.
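
The eight statuses above amount to a decision procedure over two inputs: what Identity Manager users claim, and what the resource actually holds. The following Python sketch is an added example, not Oracle or vendor code; the function names, the mail-equality correlation rule, the choice to test Collision first, and all sample data are assumptions made for illustration.

```python
from collections import defaultdict

EXISTS, MAY_EXIST = "exists", "may exist"  # strength of a user's claim

def reconcile(claims, resource, user_mail):
    """Classify every account id into one of the eight statuses.
    claims    -- (user, account_id, EXISTS or MAY_EXIST) from the identity store
    resource  -- {account_id: mail attribute} as read from the target resource
    user_mail -- {user: mail}; correlation rule (an assumption) is mail equality
    """
    claimed = defaultdict(list)
    for _user, account, strength in claims:
        claimed[account].append(strength)
    status = {}
    for account in sorted(set(claimed) | set(resource)):
        strengths, present = claimed.get(account, []), account in resource
        if len(strengths) > 1:            # assumed precedence: ambiguity first
            status[account] = "Collision"
        elif strengths == [EXISTS]:
            status[account] = "Confirmed" if present else "Deleted"
        elif strengths == [MAY_EXIST]:
            status[account] = "Found" if present else "Missing"
        else:                             # on the resource, claimed by nobody
            mail = resource[account]
            hits = [u for u, m in user_mail.items() if mail and m == mail]
            status[account] = ("Unmatched", "Unassigned", "Disputed")[min(len(hits), 2)]
    return status

def needs_review(status):
    """Accounts without one confirmed owner: candidates for an access review."""
    risky = {"Unmatched", "Unassigned", "Collision", "Disputed"}
    return sorted(a for a, s in status.items() if s in risky)

# Constructed sample data, not taken from any real system.
USER_MAIL = {"alice": "alice@example.com", "bob": "bob@example.com",
             "carol": "carol@example.com", "dave": "dave@example.com",
             "erin": "erin@example.com", "frank": "team@example.com",
             "gina": "team@example.com"}
CLAIMS = [("alice", "asmith", EXISTS), ("bob", "bjones", EXISTS),
          ("carol", "cwhite", MAY_EXIST), ("dave", "dgreen", MAY_EXIST),
          ("alice", "shared1", EXISTS), ("bob", "shared1", MAY_EXIST)]
RESOURCE = {"asmith": "alice@example.com", "cwhite": "carol@example.com",
            "shared1": None, "ebrown": "erin@example.com",
            "svc_backup": None, "helpdesk": "team@example.com"}

if __name__ == "__main__":
    for account, state in reconcile(CLAIMS, RESOURCE, USER_MAIL).items():
        print(f"{account:12} {state}")
```

From a security standpoint, the Unmatched and Unassigned results are the orphaned accounts an access review should look at first, and Deleted flags identity records that still assert access the resource no longer has.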

Question: Differentiate <contains> and <containsall> Tags

The difference between contains and containsAll is that contains checks whether one object (the parameter) exists in the list, while containsAll checks whether the list contains ALL the elements in the given collection (hence the "all" in the method's name).

Question: Mention the Connector Components in OIM

The following components are created when you deploy a connector:

  • Reconciliation Field Definitions
  • Reconciliation Field Mappings
  • Reconciliation Rules
  • Reconciliation Action Rules
  • Reconciliation Provisioning Tasks
  • IT Resource
  • IT Resource Type
  • Lookup Definitions
  • Scheduled Tasks

Question: OIM 10g vs OIM 11g – State the Difference

| OIM 10g | OIM 11g |
|---|---|
| Reconciliation Manager in Design Console | Event Management in Admin Console |
| Object Form | Request Dataset |
| Creation of new IT Resource from Design/Admin Console | Creation of new IT Resource from Admin Console |
| Struts-based UI | ADF-based UI |
| Approval workflow creation from Design/Admin Console | Approval workflow creation from IDE using SOA Plugin |
| Custom workflow engine | Using BPEL as workflow engine |
| No Notification Tasks | Notification tasks which are separate from Schedule Task's jobs |

Question: Define the Role Played by Oracle Identity Manager

An Oracle Identity Manager role is used to define the access rights that an entity may have. These defined roles use unique role names to differentiate them within the Oracle Identity Manager environment. A role may be associated with one or more access rights to Oracle Identity Manager functions. For example, a single role enables a user to create other Oracle Identity Manager user accounts and manage a specific organization. Roles determine the links and menus that are available to users when they log in to the console.

Practical Identity Access and Management Interview Questions

Question: “Tell me about yourself.”

It seems like an easy question, but it is really the trickiest one! Talk about what you have specifically done to prepare yourself to be the very best candidate for the position. Use a behavioral example or two to back it up. Then ask if they would like more details. If they do, keep giving them example after example of your background and experience.

Question: “Why should I hire you?”

Here is the sample answer:

“You should hire me because I’m the best person for the job. I realize that there are likely other candidates who also have the ability to do this job. Yet I bring an additional quality that makes me the best person for the job—my passion for excellence. I am passionately committed to producing truly world class results.”

Question: “What is your greatest weakness?”

You should select a weakness that you have been actively working to overcome. A sample response: “I have had trouble in the past with planning and prioritization. However, I’m now taking steps to correct this. I’m now using a planning app to better plan and prioritize…”

Question: “If you had to live your life over again, what one thing would you change?”

Focus on a key turning point in your life or a missed opportunity. Also tie it forward to what you are still doing to make that change.

That's it! Follow for job interview questions and answers to get through your job interview successfully on the first attempt.

