IdLE is a generic, headless, configuration-driven lifecycle orchestration engine for identity and account processes (Joiner / Mover / Leaver), built for PowerShell 7+.

The key idea is to separate intent from implementation:

• What should happen is defined in a workflow (data-only configuration).
• How it happens is implemented by steps and providers (pluggable modules).
  • steps define, via StepTypes, which provider-agnostic capabilities are required to perform a workflow step
  • providers register to the core and announce the provided capabilities and implement the vendor system specific interface

JML (joiner/mover/leavers) processes are

• error prone, especially if performed manually
• time consuming and therefore
• quite annoying for operators

Self-made identity lifecycle automation often turns into long scripts that are:

• tightly coupled to one environment
• hard to test
• hard to change safely

Identity Management Systems (IdMS) on the other side are either complex or expensive (or both of it) and then often do not care about supplementary systems that also need to be covered within the workflows.

• Plan → Execute flow (preview actions before applying them)
• Joiner / Mover / Leaver orchestration (and custom lifecycle events)
• Plugin step model (idempotent, provider-agnostic)
• Structured events for audit/progress (CorrelationId, Actor, step results)

For a complete overview of concepts, see About > Concepts.

Quick install:

Install-Module -Name IdLE -Scope CurrentUser
Import-Module IdLE

For further installation instructions, requirements, and options, see Installation Guide.

Please refer to the documentation in "How to use IdLE?" for further instructions on the following topics:

1. How to write a workflow
2. Create an identity lifecycle request
3. Plan the IdLE run
4. Invoke & Execute the Plan

Run the end-to-end demo (Plan → Execute):

pwsh -File .\examples\Invoke-IdleDemo.ps1 -All

The demo shows:

• creating a lifecycle request
• building a deterministic plan from a workflow definition (.psd1)
• executing the plan using built-in steps and a mock provider

By default, the demo runs Mock workflows that work out-of-the-box without external systems. The examples folder also includes Template workflows that demonstrate real-world scenarios with Active Directory, Entra ID, Exchange Online, but these require the corresponding infrastructure and provider modules.

The documentation is also available at our project site: https://blindzero.github.io/IdentityLifecycleEngine

Start here:

• docs/about/intro.md – About IdLE
• docs/use/intro-use.md – How to use IdLE
• docs/reference/intro-reference.md - The authoritative IdLE reference

PRs welcome. Please see CONTRIBUTING.md and STYLEGUIDE.md

See Github Issues and Milestones for our roadmap.

See the LICENSE.md file.