Feedback Ideas

The action currently only takes in a static link. Being able to change the button based on factors within the app would be great. For example, I currently need to append a link with a specified user's UPN to continue our onboarding flow into an external service seamlessly, so the user does not need to input the same data twice.

Account integration between Skyward / Qmlativ and Follett Systems - As students and staff become active in Skyward / Qmlativ, patron records need to be available in Follett Systems for asset distribution and library checkouts. Currently achieved via a nightly upload which makes for delays. Also, nightly uploads only bring in new accounts, never cleans up inactive accounts.

Currently a scheduled Mail task will trigger and send even if the filter in the message is empty. It would be nice to have the option to have it not send the message if the table is empty.

A proposed enhancement to the product is the introduction of workflows, allowing requests to be reviewed and approved by designated reviewers before proceeding. This would be particularly beneficial in scenarios such as application access requests or provisioning processes, ensuring oversight and compliance. How Workflows Would Improve the Product Approval Mechanism – When a user submits a request (e.g., access to an application or a provisioning action), it enters a workflow where assigned reviewers must approve or reject it before execution. Role-Based Reviewers – Approval requests could be routed to specific individuals based on their roles (e.g., managers, security officers, or compliance teams). Multi-Step Approvals – Workflows could support multi-tiered approvals where different stakeholders must review a request at various stages. Audit and Compliance – Each approval or rejection would be logged, providing a clear audit trail for governance and regulatory requirements. Example Use Case A user requests access to an HR application. Instead of immediate access, the request follows this workflow: Step 1: The user's manager reviews and approves the request.Step 2: If approved, the HR department reviews and grants final approval.Step 3: Upon approval, the provisioning process assigns the necessary permissions automatically. By incorporating workflows, the product enhances security, ensures compliance, and streamlines access management while preventing unauthorized changes.

It's no fun getting evaluation reports every hour that show zero changes to be made. An option to only send evaluation reports when there are changes to be made in the target systems would be nice.

It would be nice to be able to structure & reorder roles either through folders, or child roles akin to filters.

Currently, you have to export all columns that are turned on in a filter. This prevents you from using ordering on data that you don't want in the export. There should be an option to select which columns that are present in the filter that we want to export in the scheduler's export and multi-export options.

This has been asked/requested by a few, so building a feedback item here for further input and research. Why it matters: Some laws and standards (like HIPAA for healthcare or PCI-DSS for payment systems) say you must encrypt personal or sensitive data to keep it safe from hackers or leaks.Encrypting inside NIM: You should be able to choose specific fields in your system tables (like passwords or SSN) and encrypt them using a key that only NIM admin controls. This keeps the data safe even if someone gets access to the database.Encrypting exported data: If you export data from NIM (for reports, backups, or sharing with partners), allow the file to be encrypted using an admin-provided key. That way, the data stays protected even outside the system. Recommendations per industry standards Use secure connections: Always send data over HTTPS with the latest version of TLS (like TLS 1.2 or 1.3). This keeps the data encrypted while it’s traveling.Strong encryption: Use trusted methods like AES-256 (for encrypting data) and RSA (for sharing keys securely). These are widely accepted and hard to break.Protect your keys: Store encryption keys in secure places like a key vault or hardware security module. Rotate them regularly and limit who can access them.Verify the data: Add digital signatures or checksums so the receiving system can confirm the data wasn’t changed or tampered with.Follow the rules: Make sure you’re meeting standards like GDPR (for privacy), NIST (for government systems), or ISO 27001 (for general security). These help you stay compliant and avoid fines

Surprisingly, the "insert link" button is not available on the email template editor. It is available in the JODIT editor, but it is not available when creating an email template. Please add it.

when I configure a system eg google, you can then pull parts of google eg delegates, users etc. some need syncing more often then others. Some take a long time. Being able to exclude or control these more granular could be advantageous.

Recently, we started implementing a new system in NIM, but were interrupted by other higher-priority issues in our department. We haven't been able to get back to it yet. A week later, our entire NIM instance goes down with errors similar to "Relationship doesn't exist" or "column doesn't exist."Everything connected to NIM, such as Apps, password reset, user creation, onboarding, studio login, etc all went down. We could log in with the break-glass account, but that is it. After working with support, we found that "retention" was enabled for the new system, and after 1 week, all imported data for that system was deleted. Once it was deleted, the relationship broke with that system, which affected other relationships, and the error cascaded down to a total NIM failure. The idea request is this: Before the retention scripts are run on any system, checks need to be made to ensure that the affected table will not be emptied, thus causing the relationship issue.

Integrate with MySchoolBucks

Integrated with KnowBe4

Integrated with Schoology

NIM currently supports only two access levels: FULL or APPS-only. It would be helpful to have an "admin light" security level for junior admins to manage existing source syncs and run existing schedules/jobs when needed, but not be able to make changes to role model, mappings, filters, or what-have-you.