Which IIQ version are you inquiring about?
IdentityIQ 8.4
Scenario:
-
Webservice REST Connector to be configured
-
Account Operations : GET, CREATE, UPDATE, DELETE
-
Group Operations : GET, ADD MEMEBRS, DELETE MEMBERS
-
No accounts available on target application
-
Groups available on target application
Requirement:
-
create an account on target application for each Identity (created from Authoritative Source)
-
Aggregate groups from target application and automatically create roles (probably beanshell script) for the aggregated groups in Sailpoint.
-
The roles created above are available for assignment to identity and provisioning to target application.
Challenges
-
How to automatically create roles for aggregated groups
-
How to configure (using beanshell scripting) these newly created roles for provisioning when we have 2 different operations for adding members and deleting members to the groups.
-
I assume Entitlement catalog will be empty as there are no accounts with group membership.
Any post, example, document reference or any other help is much appreciated.