/
Identity-Attribute-Owner App Registration / Custom User Attribute Process

Identity-Attribute-Owner App Registration / Custom User Attribute Process

Enumeration Control – Default Allowed Values

Purpose:
To prevent data drift and ensure that key identity attributes remain predictable and automation‑friendly. Establishing a controlled list of allowed values ensures consistency across HR, IAM, and downstream systems (Azure AD, Conditional Access, PIM, group automation, etc.).

1. Overview

Many identity attributes are used as logic drivers in workflows, automations, access policies, and governance controls. Allowing free‑text or inconsistent values introduces risk, operational overhead, and technical debt.

To maintain a stable and predictable identity schema, the following attributes are restricted to predefined enumerations. Any changes to these values require IAM oversight and alignment with HR as the authoritative source of truth.

2. Enumeration Table (Approved Default Values)

Below is the official list of controlled attributes and their allowed values.

WorkerType

Allowed Values:

  • 1099

  • FULL_TIME

  • THIRD_PARTY

  • PART_TIME

  • TEMP

  • INTERN

  • SEASONAL

Region

Allowed Values:

  • BENEFITS_PLATFORM

  • MOUNTAIN_WEST_PLATFORM

  • EAST_PLATFORM

  • SOUTH_PLATFORM

  • CORPORATE_REGION

  • NORTHEAST_REGION

  • SOUTHERN_CALIFORNIA_PLATFORM

  • NORTHWEST_PLATFORM

  • MIDWEST_PLATFORM

  • AGRICULTURE_PLATFORM

  • CENTRAL_PLATFORM

  • SHARED_SERVICES_REGION

  • MOUNTAIN_WEST_REGION

  • ZZ_(CLOSED)_CALIFORNIA_REGION

  • SOUTHWEST_REGION

  • ZZ_(CLOSED)_WEST_REGION

  • SOUTHEAST_REGION

DepartmentCode

Allowed Values:

  • BUSINESS_DEVELOPMENT

  • SALES

  • CUSTOMER_SERVICE

  • GROWTH

  • FINANCE_ACCOUNTING

  • DATA_TECHNOLOGY

  • OPERATIONS1

  • AGENCY_MANAGEMENT

  • MARKETING

  • COMPLIANCE

  • HUMAN_RESOURCES

  • COO_OFFICE

  • LEGAL

  • INTEGRATIONS

  • M_A

  • EXECUTIVE

JobLevel

Allowed Values:

  • OUTSIDE_BROKER_PRODUCER

  • PRODUCER

  • CLIENT_MANAGEMENT_TEAM_LEADER

  • ANALYST

  • INSIDE_SALES

  • SENIOR_ACCOUNTANT

  • MANAGER

  • PRODUCER_III

  • VICE_PRESIDENT

  • ACCOUNT_MANAGER

  • CLIENT_ADVOCATE

  • REPRESENTATIVE

  • MARKET_LEADER

  • SENIOR_ASSOCIATE

  • SPECIALIST

  • RECEPTIONIST

  • CLIENT_MANAGER_I

  • OPERATIONS_MANAGER

  • ASSISTANT

  • CLIENT_SERVICE_REPRESENTATIVE

  • ASSOCIATE

  • SENIOR_SPECIALIST

  • PRODUCER I

  • DIRECTOR

  • OUTSIDE_CONSULTANT

  • PRODUCER_II

  • CLIENT_MANAGER_II

  • CLAIMS_MANAGER

  • BROKER_III

  • SALES_MANAGER

  • SENIOR_VICE_PRESIDENT

  • SUPERVISOR

  • BUSINESS_PARTNER

  • CLIENT_EXECUTIVE_I

  • SERVICE_DESK

  • CLIENT_EXECUTIVE_II

  • GENERAL_COUNSEL

  • TEAM_LEAD

  • CLAIMS_REPRESENTATIVE

  • STAFF_ACCOUNTANT

  • ADMINISTRATOR

  • PROJECT_MANAGER

  • PRINCIPAL

  • CLERK

  • SYSTEMS_ADMINISTRATOR

  • INTERN

  • CLIENT_MANAGER_III

  • CONSULTANT_I

  • ACCOUNTANT

  • SALES_ASSOCIATE

  • GENERALIST

  • FIELD_VICE_PRESIDENT_PRODUCER

  • ADMINISTRATIVE_ASSISTANT

  • BROKER_I

  • INTEGRATION_SPECIALIST

  • AGENCY_ACCOUNTANT

  • SENIOR_FINANCIAL_ANALYST

  • SENIOR_ANALYST

  • STRATEGIST

  • CLIENT_EXECUTIVE_III

  • CHIEF_FINANCIAL_OFFICER

  • CHIEF_OF_STAFF

  • SYSTEMS_SPECIALIST

  • CYBERSECURITY_ENGINEER

  • VP_OPERATIONS

  • ENGINEER

  • AMS_TRAINER

  • RECRUITER

  • SVP_PLATFORM_LEADER

  • PRESIDENT_AGENCY_OPERATIONS

  • LEGAL_COUNSEL

  • SALES_ASSISTANT

  • DOWNLOADS_SPECIALIST

  • CHIEF_EXECUTIVE_OFFICER

  • BROKER_II

  • ASSISTANT_CONTROLLER

  • VP_PLATFORM_LEADER

  • CHIEF_PEOPLE_OFFICER

  • CHIEF_DEVELOPMENT_OFFICER

  • GRAPHIC_DESIGNER

  • REGIONAL_CONTROLLER

  • REGIONAL_GROWTH_LEADER

  • CONSULTANT_III

  • VP_SALES

  • JUNIOR_DATA_QUALITY_ANALYST

  • CHIEF_OPERATING_OFFICER

  • ChairmanOfTheBoard

  • CHIEF_INFORMATION_OFFICER

  • AREA_MANAGING_PARTNER

  • SENIOR_DATA_QUALITY_ANALYST

  • CONSULTANT_II

EmploymentStatus

Allowed Values:

  • Active

  • Leave

  • Terminated

TerminationDate

Allowed Value Format:

  • Date only (YYYY‑MM‑DD)

AgencyID

Allowed Value Format:

  • 5‑digit agency ID (numeric only)

PrimaryBusinessSegment

Allowed Values:

  • Benefits – Individual

  • Benefits – Group

  • Non – Retail

  • Commercial Lines

  • Personal Lines

  • Administrative

  • Agriculture

PayType

Allowed Values:

  • COMMISSION_ONLY

  • SALARY

  • HOURLY

  • SALARY_NON_EXEMPT

3. Rules & Governance

No Free‑Text Values Allowed

All attributes listed above must be sourced from the controlled values. Any attempt to introduce an unapproved value will be rejected during the CAB change process or IAM QC.

Changes Require IAM Approval

  • Any addition, removal, or modification of allowed values must be submitted via the CAB process.

  • IAM will review the impact on:

    • Lifecycle automation

    • Group membership rules

    • Conditional Access

    • Privileged Identity Management (PIM) logic

    • HRIS (Dayforce) integration mappings

HR as the Authoritative Source

  • HR defines and owns the human‑resource semantics of WorkerType, JobLevel, EmploymentStatus, and CostCenter.

  • IAM governs technical representation and controls.

4. Expected Outcomes

Predictable and Governed Attribute Values

Controlled enumeration ensures that downstream systems can reliably use these attributes without risk of mismatched or novel values.

Safe for Automation and Access Control

Because values remain consistent over time, they can be used confidently in:

  • Dynamic Groups

  • Conditional Access policies

  • PIM assignments

  • Zero‑touch lifecycle workflows

Improved Data Quality Across Systems

Eliminates data drift and assures alignment between HRIS, IAM, and directory systems (AAD/M365).

5. Document Ownership

  • Maintainer: IAM Team

  • Authoritative Business Owner: HR

  • Update Frequency: As needed via CAB request