IdentityLifecycleEngine is a headless, configurable Identity Lifecycle (JML) engine in PowerShell 7. Plans and executes joiner/mover/leaver workflows across accounts and entitlements via pluggable steps and providers. Supports validate/plan/execute, preview diffs, policies, and structured audit/event streams.

IdentityLifecycleEngine (IdLE)

IdLE is a generic, headless, configurable Identity or Account Lifecycle / JML (Joiner–Mover–Leaver) orchestration engine built for PowerShell.

It helps you standardize identity lifecycle processes across environments by separating:

  • what should happen (workflow definition)
  • from how it happens (providers/adapters)

Why IdLE?

Identity lifecycle automation tends to become:

  • tightly coupled to one system or one environment
  • hard to test
  • hard to change (logic baked into scripts)

IdLE aims to be:

  • portable (run anywhere PowerShell 7 runs)
  • modular (steps + providers are swappable)
  • testable (Pester-friendly; mock providers)
  • configuration-driven (workflows as data)

Features

  • Joiner / Mover / Leaver orchestration (and custom life cycle events)
  • Plan → Execute flow (preview actions before applying them)
  • Plugin step model (Test / Invoke, optional Rollback later)
  • Provider/Adapter pattern (directory, SaaS, REST, file/mock…)
  • Structured events for audit/progress (CorrelationId, Actor, step results)
  • Idempotent execution (steps can be written to converge state)

Requirements

  • PowerShell 7.x (pwsh)
  • Pester 5.x (for tests)

Installation

Install from PowerShell Gallery (recommended)

Install-Module -Name IdLE -Scope CurrentUser
Import-Module IdLE

The IdLE meta-module loads the bundled nested modules (engine, built-in steps, and the mock provider used by examples) from within the installed package.

Install from source (contributors / development)

git clone https://github.com/blindzero/IdentityLifecycleEngine
cd IdentityLifecycleEngine

# Import meta module
Import-Module ./src/IdLE/IdLE.psd1 -Force

What gets loaded when you import IdLE

IdLE is the batteries-included entrypoint. Importing it loads:

  • IdLE.Core — the workflow engine (step-agnostic)
  • IdLE.Steps.Common — first-party built-in steps (e.g. IdLE.Step.EmitEvent, IdLE.Step.EnsureAttribute)

Built-in steps are available to the engine by default, but are intentionally not exported into the global session state. This keeps your PowerShell session clean while still allowing workflows to reference built-in steps by Step.Type.

If you want to call step functions directly (e.g. Invoke-IdleStepEmitEvent) you can explicitly import the step pack:

Import-Module ./src/IdLE.Steps.Common/IdLE.Steps.Common.psd1 -Force

Engine-only import

Advanced hosts can import the engine without any step packs:

Import-Module ./src/IdLE.Core/IdLE.Core.psd1 -Force

Option B — PowerShell Gallery (planned)

Once published:

Install-Module IdLE

Quickstart

Run the end-to-end demo (Plan → Execute):

pwsh -File .\examples\Invoke-IdleDemo.ps1

The demo shows:

  • creating a lifecycle request
  • building a deterministic plan from a workflow definition (.psd1)
  • executing the plan using built-in steps (and optionally a host-provided step registry for extensions)

The execution result buffers all emitted events in result.Events. Hosts can optionally stream events live by providing -EventSink as an object implementing WriteEvent(event).
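A host-side sink for the -EventSink hook described above, as an added example (not code from the IdLE repository): it appends each event as a JSON line that carries the SHA-256 of the previous line, which goes beyond the page by making the audit log tamper-evident. The class and function names and the Type and Message fields are assumptions; CorrelationId and Actor are the fields the page names.

```powershell
class HashChainedAuditSink {
    [string] $Path
    [string] $PrevHash

    HashChainedAuditSink([string] $Path) {
        $this.Path     = $Path
        $this.PrevHash = '0' * 64          # genesis value for the first record
    }

    static [string] Sha256Hex([string] $Text) {
        $sha = [System.Security.Cryptography.SHA256]::Create()
        try { $hash = $sha.ComputeHash([System.Text.Encoding]::UTF8.GetBytes($Text)) }
        finally { $sha.Dispose() }
        return [System.BitConverter]::ToString($hash).Replace('-', '').ToLowerInvariant()
    }

    # Called once per event; each JSON line carries the hash of the previous line.
    [void] WriteEvent([object] $IdleEvent) {
        $record = [ordered]@{
            TimestampUtc  = [DateTime]::UtcNow.ToString('o')
            CorrelationId = [string] $IdleEvent.CorrelationId
            Actor         = [string] $IdleEvent.Actor
            Type          = [string] $IdleEvent.Type       # assumed field name
            Message       = [string] $IdleEvent.Message    # assumed field name
            PrevHash      = $this.PrevHash
        }
        $line = $record | ConvertTo-Json -Compress
        Add-Content -LiteralPath $this.Path -Value $line -Encoding utf8
        $this.PrevHash = [HashChainedAuditSink]::Sha256Hex($line)
    }
}

# Re-walks the file; an edited line is detected at the record that follows it.
function Test-AuditChain {
    param([Parameter(Mandatory)] [string] $Path)
    $expected = '0' * 64
    foreach ($line in Get-Content -LiteralPath $Path -Encoding utf8) {
        if (($line | ConvertFrom-Json).PrevHash -ne $expected) { return $false }
        $expected = [HashChainedAuditSink]::Sha256Hex($line)
    }
    return $true
}

# Constructed sample events standing in for what the engine would emit.
$log  = Join-Path ([System.IO.Path]::GetTempPath()) "idle-audit-$(New-Guid).jsonl"
$sink = [HashChainedAuditSink]::new($log)
foreach ($msg in 'Plan built', 'Step completed', 'Execution finished') {
    $sink.WriteEvent([pscustomobject]@{ CorrelationId = 'demo-0001'; Actor = 'hr-sync'; Type = 'Demo'; Message = $msg })
}
Test-AuditChain -Path $log
```

Records removed from the end of the file are not detected by the chain alone, so store the sink's final PrevHash somewhere the log writer cannot modify.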

Next steps:

  • Documentation entry point: docs/index.md
  • Workflow samples: examples/workflows/
  • Repository demo: examples/Invoke-IdleDemo.ps1
  • Pester tests: tests/

Documentation

Start here:

  • docs/index.md – documentation map
  • docs/getting-started/quickstart.md – plan → execute walkthrough
  • docs/advanced/architecture.md – architecture and principles
  • docs/usage/workflows.md – workflow schema and validation

Project docs:

  • Contributing: CONTRIBUTING.md
  • Style guide: STYLEGUIDE.md

Contributing

PRs welcome. Please see CONTRIBUTING.md.


Roadmap

See GitHub Issues and Milestones for our roadmap.


License

See the LICENSE.md file.
