Order of Execution

Identity Management Service › User Console Design Guide › Validation Rules › About Validation Rules › Validation Rule Sets › Order of Execution

Order of Execution

Rules are executed in the order in which they are listed in the rule set. Identity Management executes each rule in a rule set separately, and transparently continues to each subsequent rule in the rule set unless a rule fails.

Because validation rules are executed in a predictable order, you can implement rules whose actions are dependent upon the outcome of previous rules, as in the following examples:

One rule’s output can become input to the next rule.
When a field value is changed during validation, the new value can be evaluated in subsequent rules.

Basics of Validation Rule Definition

Perform the following basic operations when defining custom validation rules:

Implement a validation rule. Implement a validation rule in any of the following ways:
- Regular expression
- JavaScript
- Java class
Integrate a validation rule with Identity Management through a task screen or directory.xml. Do so either inline (directly in the task screen or directory.xml file) or by reference (referencing a JavaScript source file or compiled Java class file), as shown in the following table:

	Inline	By Reference
Regular Expression	directory.xml or task screen	—
JavaScript	directory.xml or task screen	Source file referenced in directory.xml
Java	—	Class file referenced in directory.xml or task screen

Associate one or more validation rules with a task screen field. Do so in either or both of the following ways:
- With task-level validation, you assign a validation rule directly to a field on a particular task screen.
  Task-level validation has task-specific scope—that is, it can be used only in the context of the particular task screen where it is assigned.
- With directory-level validation, you map a rule set to a managed object attribute in directory.xml. Any task screen field that is configured with the attribute is validated against the rules in the rule set.
  Directory-level validation has global scope. This means that directory-level validation can be used on any field configured with the managed object attribute, regardless of the task screen that contains the field, and regardless of the Identity Management environment that includes the task screen.

More information:

How to Implement Custom Validation Rules

How to Configure Validation Rules