Creation Rule:
Identity creation rules are used to set attributes on new Identity objects when they are created. New identities may be created during the aggregation of application accounts, or optionally created after pass-through authentication.
One common operation is to change the name property of the identity when the default application name is complex (such as a directory DN).
Another common operation is to assign a set of initial capabilities based on the attributes pulled from the application account.
Use Case: Generate user email, set password
Customization Rule:
This rule is configured on the application and is called after the connector has build a ResourceObject from the native application data.
Initially designed for non-rule based connectors to add SPPrivileged flag to an object, but could be used to do any transformations.
Use Case: Set IIQDisable flag to set account status
<WIP>