In the initial R1 release of FIM, any updates that were made to the object by a workflow did not trigger any authentication workflows. Within the R2 framework, the API now allows for the addition of a new flag called “ApplyAuthorizationPolicy” as a boolean.
This can be integrated into workflows where the operations that are occuring should be authorized by another user such as adding multiple members and needing individual approvals on each member. The workflow activity would take the list of members and individually submit requests for each member to get approvals.
The application of the new flag, in a code snippet provided to me by one of the developers I work with, is provided below.
this.UpdateUserResourceActivity_ActorId1 = actorId;
this.UpdateUserResourceActivity_ResourceId1 = targetId;
this.UpdateUserResourceActivity_ApplyAuthorizationPolicy1 = true;
Anyway, this is really handy for those of us who had call to use the “RMClient” project from codeplex to perform this task within the R1 framework.