Original file line number Diff line number Diff line change
Expand Up @@ -100,7 +100,7 @@ To enable the OAuth authentication do the following:

**Step 2 –** Go to **Advanced Setup**.

![oauthauthentication](/images/identitymanager/integration-guide/connectors/references-connectors/scim/oauthauthentication.webp)
![oauthauthentication](/images/identitymanager/oauthauthentication.webp)

**Step 3 –** Go to **OAuth** and **OpenID Connect Settings** in the **Identity** drop-down menu,
enable the option to **Allow OAuth Username-Password Flows**.
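Review bot: The alt text on the changed image line is still the bare filename, `oauthauthentication`, which gives a screen-reader user nothing to go on; since the line is being edited anyway, replace it with a short description of the screen reached in Step 2. The new path also drops the `connectors/references-connectors/scim/` prefix, so nothing in `/images/identitymanager/oauthauthentication.webp` says which connector the screenshot belongs to. Confirm the file itself was moved in this PR and that no other page uses a screenshot with the same name.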
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ choose the installation setup that fits best your organization's needs.

## Components and Data Flow

![Components & Data Flow](/images/identitymanager/installation-guide/overview/components_data_flow.webp)
![Components & Data Flow](/images/identitymanager/components_data_flow.webp)

### Components

Expand Down Expand Up @@ -95,7 +95,7 @@ Two scenarios unfold:

This approach is useful when managed systems need to run on separate and isolated networks.

![Server & Agents isolated](/images/identitymanager/installation-guide/overview/distribution_1.webp)
![Server & Agents isolated](/images/identitymanager/distribution_1.webp)

**2.** The Server and one Agent are installed on the same workstation

Expand All @@ -104,7 +104,7 @@ process. The hosting workstation would **only host a Identity Manager Server pr
integrated agent) and no separate agent needs to be installed. The database could be installed on
the same workstation or on a separate one.

![Server & Agent together](/images/identitymanager/installation-guide/overview/distribution_2.webp)
![Server & Agent together](/images/identitymanager/distribution_2.webp)

## Authentication

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -102,7 +102,7 @@ The following is
- **Application Pool** > **Identity Manager `<Organization>`** > **Advanced Settings** >
**General** > **.NET CLR Version** > **No Managed Code**

![IIS Settings](/images/identitymanager/installation-guide/production-ready/server/iis_settings.webp)
![IIS Settings](/images/identitymanager/iis_settings.webp)

This sums up IIS settings.

Expand Down Expand Up @@ -246,7 +246,7 @@ would be `IIS APPPOOL/identitymanagerAgent<Organization>`.
**Step 5 –** Select the newly added user name in the Group or user names panel at the top of the
window.

![Object Names](/images/identitymanager/installation-guide/production-ready/server/enter-the-object-names-to-select.webp)
![Object Names](/images/identitymanager/enter-the-object-names-to-select.webp)

**Step 6 –** Check the **Allow** column for the relevant permissions. Check the **Deny** column for
the others. See the[Server](/docs/identitymanager/6.2/installation-guide/requirements/server-requirements/index.md) topic for additional
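Review bot: In the Step 6 context line, `See the[Server](...)` is missing the space before the link, so it renders as "theServer"; worth fixing while this section is open. The hunk header also shows `IIS APPPOOL/identitymanagerAgent<Organization>` with a forward slash, whereas application pool identities are written `IIS APPPOOL\<name>`. Step 5 asks the reader to select that exact account, so the separator should be checked.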
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -49,7 +49,7 @@ and
- Locate the database name dropdown, next to the **Execute** button in the top left section of the
screen.

![Execute Query](/images/identitymanager/installation-guide/production-ready/database/execute_query.webp)
![Execute Query](/images/identitymanager/execute_query.webp)

- From the dropdown, select the newly created database.
- Click **Execute**.
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -79,7 +79,7 @@ The following is mandatory:
- **Application Pool** > `Usercube<Organization>` > **Advanced Settings** > **General** > .NET CLR
Version > `No Managed Code`

![IIS Settings](/images/identitymanager/installation-guide/production-ready/server/iis_settings.webp)
![IIS Settings](/images/identitymanager/iis_settings.webp)

An SSL Certificate should also be set to the IIS Server to perform HTTPS communication with
end-users.
Expand Down Expand Up @@ -183,7 +183,7 @@ This guide will show you how to perform these operations using SQL Server Manage
the Identity Manager Database with an account member of the **sysadmin** or **securityadmin**
server-level role.

![New Login](/images/identitymanager/installation-guide/production-ready/server/newlogin.webp)
![New Login](/images/identitymanager/newlogin.webp)

**Step 2 –** Expand the **Security** and **Login** nodes, and look for the Identity Manager service
account in the list.
Expand All @@ -208,7 +208,7 @@ then go to the **Server Roles** page on the left and make sure **public** is che
**Step 6 –** Go to **User Mapping**and make sure `Usercube/<Organization/>` is checked (top panel),
as well as **db_owner** and **public** (bottom panel).

![Bulk](/images/identitymanager/installation-guide/production-ready/server/bulk.webp)
![Bulk](/images/identitymanager/bulk.webp)

**Step 7 –** Right-click the **Server** root node and select **Properties**, and in the
**Permissions** tab, select the service account or group name.
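Review bot: Step 6 in this hunk has two markup slips on its context lines: `**User Mapping**and` lacks a space, and `Usercube/<Organization/>` looks like a mangled form of the `Usercube<Organization>` placeholder used for the application pool earlier in this file. Separately, `bulk.webp` becomes a very generic name once the `installation-guide/production-ready/server/` prefix is gone. With every image now in one flat `/images/identitymanager/` directory, a more specific filename would reduce the chance of one screenshot silently replacing another.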
Expand Down Expand Up @@ -252,7 +252,7 @@ The Identity Manager Server service account that was chosen previously:

**Step 1 –** Click on **Edit** and then on **Add**.

![Object Names](/images/identitymanager/installation-guide/production-ready/server/enter-the-object-names-to-select.webp)
![Object Names](/images/identitymanager/enter-the-object-names-to-select.webp)

**Step 2 –** In the **Enter the object names to select** textbox, enter the service account name
in the down-level log on format, such as `CONTOSO/identitymanagerContosoServer`, then click **OK**.
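Review bot: Step 2 tells the reader to use the down-level logon format, but the example is `CONTOSO/identitymanagerContosoServer` with a forward slash. The down-level logon format is `DOMAIN\UserName`, so the example should use a backslash (escaped if the Markdown pipeline needs it). A reader who copies the example as written into the object picker is likely to get a name-not-found error when granting folder permissions to the service account.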
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -27,15 +27,15 @@ The installation of Identity Manager requires:
[portal](https://www.netwrix.com/sign_in.html?rf=my_products.html) and download the artifacts of the
expected version.

![Extranet Artifacts](/images/identitymanager/installation-guide/quick-start/extranet_v601.webp)
![Extranet Artifacts](/images/identitymanager/extranet_v601.webp)

**Step 2 –** Extract from SDK the folder Identity Manager Bootstrap anywhere on the computer.

**Step 3 –** Extract the content of Runtime to Identity Manager Bootstrap.

When extracting Identity Manager Bootstrap to the root of the computer, it looks like:

![Project Directory](/images/identitymanager/installation-guide/quick-start/directory_v602.webp)
![Project Directory](/images/identitymanager/directory_v602.webp)

**Step 4 –** Move or copy your certificate inside the Runtime folder.

Expand Down Expand Up @@ -87,7 +87,7 @@ In our example, the command would be, still in the Runtime folder:
as a username and the password specified in the Runtime/appsettings.json file, in the Authentication
section.

![Authentication Dialog](/images/identitymanager/installation-guide/quick-start/authentication_v601.webp)
![Authentication Dialog](/images/identitymanager/authentication_v601.webp)

Now you can start using the application.

Expand All @@ -96,7 +96,7 @@ Now you can start using the application.
From there, you can start setting up Identity Manager via the **Settings** page which is accessible
from the **Configuration** section of the home page.

![Home Page - Settings](/images/identitymanager/user-guide/set-up/user-profile-configuration/home_settings_v523.webp)
![Home Page - Settings](/images/identitymanager/home_settings_v523.webp)

Then, Netwrix Identity Manager (formerly Usercube) recommends following the user guide to start the
configuration of your IGA project from scratch. See the [User Guide](/docs/identitymanager/6.2/user-guide/index.md)
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -18,19 +18,19 @@ A reverse proxy is usually used when:
- needing to encrypt the requests from/to end-users on the one hand, and on the other hand to be
able to monitor plain text requests from/to Identity Manager's server;

![Proxy Purposes: Encryption](/images/identitymanager/installation-guide/reverse-proxy/proxy_purpose_encryption.webp)
![Proxy Purposes: Encryption](/images/identitymanager/proxy_purpose_encryption.webp)

- installing Identity Manager with an integrated agent on a network isolated from the users'
browsers, in order to be able to access sensitive systems which are protected by being set up on a
network isolated from the Internet;

![Proxy Installation Example](/images/identitymanager/installation-guide/reverse-proxy/proxy_example.webp)
![Proxy Installation Example](/images/identitymanager/proxy_example.webp)

This installation will be used for the configuration examples below.

- using several Identity Manager's server instances for load-balancing purposes.

![Proxy Purposes: Load Balancing](/images/identitymanager/installation-guide/reverse-proxy/proxy_purpose_loadbalancing.webp)
![Proxy Purposes: Load Balancing](/images/identitymanager/proxy_purpose_loadbalancing.webp)

As Identity Manager is session-less, working with several servers does not imply the need to
synchronize sessions between servers, nor the need to guarantee that a particular IP will be
Expand Down
2 changes: 1 addition & 1 deletion docs/identitymanager/6.2/integration-guide/api/index.md
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ The page `[Usercube application's URL]/swagger` can be used to explore and test
This page is built by the [Swagger UI tool](https://swagger.io/tools/swagger-ui/) from the Identity
Manager [OpenAPI](https://swagger.io/specification/) definition.

![Usercube server swagger page](/images/identitymanager/integration-guide/api/swagger.webp)
![Usercube server swagger page](/images/identitymanager/swagger.webp)

A function can have several versions. This is why the API description is split into several OpenAPI
definition files.
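Review bot: The alt text on the changed line still reads "Usercube server swagger page" while the surrounding text calls the product Identity Manager; update it in this edit so the image description matches. The hunk header shows the same leftover in `[Usercube application's URL]/swagger`. `swagger.webp` is also a generic name for a file that now sits in a shared flat directory, so a product- or section-specific filename would be safer.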
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ PageSize and ContinuationToken parameters.

The principle is to call the function with the ContinuationToken obtained from the previous call.

![Pagination sequence diagram](/images/identitymanager/integration-guide/api/pagination/pagination.webp)
![Pagination sequence diagram](/images/identitymanager/pagination.webp)

:::note
Pagination is optional. If PageSize is not specified, the function will return all items
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -15,15 +15,15 @@ Get an access token by proceeding as follows:
1. Launch Postman.
2. Create a new request by clicking on **+ New** then **Request**.

![Postman: New Request](/images/identitymanager/integration-guide/api/how-tos/request-postman/postman_newrequest.webp)
![Postman: New Request](/images/identitymanager/postman_newrequest.webp)

3. Fill in the fields and click on **Save to Identity Manager**.

![Postman: New Request Fields](/images/identitymanager/integration-guide/api/how-tos/request-postman/postman_requestfields.webp)
![Postman: New Request Fields](/images/identitymanager/postman_requestfields.webp)

4. Fill in the authentication information as follows:

![Postman: Authentication](/images/identitymanager/integration-guide/api/how-tos/request-postman/postman_authentication.webp)
![Postman: Authentication](/images/identitymanager/postman_authentication.webp)

- **Method**: POST
- **URL**: `<URL IdentityManager>`/connect/token
Expand All @@ -35,7 +35,7 @@ Get an access token by proceeding as follows:

5. Click on **Send** and get the access token from the response body.

![Postman: Access Token](/images/identitymanager/integration-guide/api/how-tos/request-postman/postman_accesstoken.webp)
![Postman: Access Token](/images/identitymanager/postman_accesstoken.webp)

## Use an Access Token

Expand All @@ -44,7 +44,7 @@ Use an access token by proceeding as follows:
1. Create a new request in Postman.
2. Fill in the authorization information as follows:

![Postman: Authorization](/images/identitymanager/integration-guide/api/how-tos/request-postman/postman_authorization.webp)
![Postman: Authorization](/images/identitymanager/postman_authorization.webp)

- **Method**: GET
- **URL**: `<URL IdentityManager>`/`<URI of the API to call>`?api-version=1.0
Expand All @@ -54,7 +54,7 @@ Use an access token by proceeding as follows:

3. Click on **Send** and get the result from the response body.

![Postman: Access Token Result](/images/identitymanager/integration-guide/api/how-tos/request-postman/postman_accesstokenresult.webp)
![Postman: Access Token Result](/images/identitymanager/postman_accesstokenresult.webp)

## Create a Combined Request

Expand All @@ -63,7 +63,7 @@ Create a combined request by proceeding as follows:
1. Create a new request in Postman.
2. Fill in the authorization information as follows:

![Postman: Authorization (Combined Request)](/images/identitymanager/integration-guide/api/how-tos/request-postman/postman_authorizationcombined.webp)
![Postman: Authorization (Combined Request)](/images/identitymanager/postman_authorizationcombined.webp)

- **Method**: GET
- **URL**: `<URL IdentityManager>`/`<URI of the API to call>`?api-version=1.0
Expand All @@ -73,7 +73,7 @@ Create a combined request by proceeding as follows:

3. Click on **Get New Access Token** and fill in the fields as follows:

![Postman: New Access Token Fields (Combined Request)](/images/identitymanager/integration-guide/api/how-tos/request-postman/postman_newaccesstokencombined.webp)
![Postman: New Access Token Fields (Combined Request)](/images/identitymanager/postman_newaccesstokencombined.webp)

- **Token Name**: `<Token Name>`
- **Grant Type**: Client Credentials
Expand All @@ -88,8 +88,8 @@ Create a combined request by proceeding as follows:

4. Click on **Request Token** to get the token.

![Postman: Get Token (Combined Request)](/images/identitymanager/integration-guide/api/how-tos/request-postman/postman_gettokencombined.webp)
![Postman: Get Token (Combined Request)](/images/identitymanager/postman_gettokencombined.webp)

5. Click on **Use Token** and **Send** and get the result from the response body.

![Postman: Access Token Result (Combined Request)](/images/identitymanager/integration-guide/api/how-tos/request-postman/postman_accesstokenresult.webp)
![Postman: Access Token Result (Combined Request)](/images/identitymanager/postman_accesstokenresult.webp)
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ Agent and server are [ASP.Net](https://docs.microsoft.com/en-us/aspnet/core/) ap
on Windows. Identity Manager's database is a
[Microsoft SQLServer](https://www.microsoft.com/en-us/sql-server) relational database.

![Architecture](/images/identitymanager/integration-guide/architecture/architecture.webp)
![Architecture](/images/identitymanager/architecture.webp)

See the [SaaS Environment](/docs/identitymanager/6.2/integration-guide/architecture/saas/index.md) topic for additional information on Netwrix Identity
Manager (formerly Usercube) recommended architecture when working in a SaaS environment.
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ When working in an on-premises environment, Identity Manager needs a specific a

Identity Manager recommends the following architecture:

![On-Premises Recommended Architecture](/images/identitymanager/integration-guide/architecture/on-prem/architecture_onprem.webp)
![On-Premises Recommended Architecture](/images/identitymanager/architecture_onprem.webp)

Most situations do not need Identity Manager so much that they need a fail-over system, i.e.
installing several Identity Manager instances in order to prevent breakdowns. In most situations, a
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ The idea, when sending data from the agent to the server, is the following:
3. the server receives and decrypts the message, before encrypting it again with its own encryption
certificate configured by Identity Manager.

![Schema: Agent/Server Communication](/images/identitymanager/integration-guide/architecture/how-tos/protect-agent-server-communication/agent-server-communication.webp)
![Schema: Agent/Server Communication](/images/identitymanager/agent-server-communication.webp)

### Configuration details

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ When working in a SaaS environment, Identity Manager needs a specific architect

Identity Manager recommends the following architecture:

![SaaS Recommended Architecture](/images/identitymanager/integration-guide/architecture/saas/architecture_saas.webp)
![SaaS Recommended Architecture](/images/identitymanager/architecture_saas.webp)

### Agent(s)

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,7 @@ follows:
4. Go to **App Registrations** in the left panel.
5. Click the **+ New Registration** button in the top menu.

![Azure AD Export - Add New Registration](/images/identitymanager/integration-guide/connectors/how-tos/azuread-register/howtos_azuread_exportregistration.webp)
![Azure AD Export - Add New Registration](/images/identitymanager/howtos_azuread_exportregistration.webp)

A new registration form is displayed:

Expand Down Expand Up @@ -74,7 +74,7 @@ follows:
Manager Agent. The same page also displays the **Directory (tenant) ID** that will also be
needed by the Identity Manager Agent.

![Azure AD Export - New ApplicationId](/images/identitymanager/integration-guide/connectors/how-tos/azuread-register/howtos_azuread_exportapplicationid.webp)
![Azure AD Export - New ApplicationId](/images/identitymanager/howtos_azuread_exportapplicationid.webp)

### Get the application's secret key

Expand All @@ -91,7 +91,7 @@ A **Client Secret** key needs to be generated. Get it by proceeding as follows:
The Client Secret is now listed in the bottom panel **Client Secrets**. The Client Secret value
is needed by the Identity Manager Agent settings file.

![Azure AD Export - New Client Secret](/images/identitymanager/integration-guide/connectors/how-tos/azuread-register/howtos_azuread_exportsecret.webp)
![Azure AD Export - New Client Secret](/images/identitymanager/howtos_azuread_exportsecret.webp)

The **Client Secret** value is only displayed in the UI in plain text at first. After a while,
it is only displayed as `**************`. It should hence be stored in the
Expand All @@ -108,7 +108,7 @@ Grant Identity Manager directory permissions by proceeding as follows:
3. Go to **API Permissions** in the left panel.
4. Click on the **+ Add a permission** button.

![Azure AD Export - Add Permission](/images/identitymanager/integration-guide/connectors/how-tos/azuread-register/howtos_azuread_exportpermissions.webp)
![Azure AD Export - Add Permission](/images/identitymanager/howtos_azuread_exportpermissions.webp)

5. Go to **Microsoft graph** > **Application permissions**.
6. Search and open the **Directory** category.
Expand All @@ -117,7 +117,7 @@ Grant Identity Manager directory permissions by proceeding as follows:
If you plan on configuring fulfillment too, you must only check the **Directory.ReadWrite.All**
permission.

![Azure AD Export - Directory Permission](/images/identitymanager/integration-guide/connectors/how-tos/azuread-register/howtos_azuread_exportdirectorypermission.webp)
![Azure AD Export - Directory Permission](/images/identitymanager/howtos_azuread_exportdirectorypermission.webp)

8. Confirm with the **Add permissions** button at the bottom of the page.

Expand All @@ -126,6 +126,6 @@ Grant Identity Manager directory permissions by proceeding as follows:

9. Grant admin consent by clicking on **√ Grant admin consent for** name of the organization.

![Azure AD Export - Grant Admin Consent](/images/identitymanager/integration-guide/connectors/how-tos/azuread-register/howtos_azuread_exportadminconsent.webp)
![Azure AD Export - Grant Admin Consent](/images/identitymanager/howtos_azuread_exportadminconsent.webp)

You should now see the status displayed as **√ Granted for** name of the organization.