The following lists the account attributes:
The Identity Security Cloud User ID
The account schema includes the attribute ‘Roles’. As I’m not interested in having the identity’s roles rendered in the account view of the ISC Governance source, I tried to delete the attribute ‘Roles’ from the account schema (before performing any entitlement aggregation or account aggregation). However, the connector does not allow this with the message "Unable to delete attribute ‘Roles’ because it is referenced by “attribute sync configuration”. If this is how the connector is supposed to work, please include in the documentation that this is a required attribute (that can’t be deleted) or disable the delete action for this attribute in the UI.
Hi @wim_deswerts, if you remove the role attribute from account and entitlement schema object before the aggregation operation, then I don’t think there should be an issue. But looks like after performing the aggregation, it might have referred somewhere else within the Identity Security Cloud and in your case, the values are referred somewhere in the “attribute sync configuration”.
By default, role is not there as a default attribute sync entity. In your sandbox, can you please create a source and remove the Roles attribute from the account schema and as well as from the Group attributes and then perform the account aggregation.
For the existing sources, as there are references, you can delete role from rest API or you might need to reached out our support team to delete it from the backend after removing all the references but this might cause orphan data in the system.
This is not a required attribute for sure and you can delete it before bringing the details.
Thanks.