Looking for approaches/suggestions on how to automate the role and access profile on IDN Org. Using PowerShell scripts via API is one option; however, are there any possibilities to use workflows for doing this? Also, are there any other ways this can be done?
The best way is indeed some kind of tool that can call the APIs in bulk. One option is the ‘role utility’ SailPoint has made, although it’s been a long time since I’ve used it.
Internally, we have created our own toolkits that can do this. With the SDKs SailPoint has shared, this should be pretty easy nowadays:
How about workflows on the tenant? I understand that workflows have their own limitations; however, I'm looking for a way, if it's possible, to do this on the tenant itself.
That then depends on the input that you want to provide. You can trigger a workflow in many ways, for instance you could trigger based on an attribute changing on the identity or an aggregation finishing. However, I don’t generally see those as good triggers for role / access profile creation.
That would leave an ‘external trigger’ which would allow you to call the workflow execution via an API call. That could work, but I think this would be similar to doing this via a script / piece of code and would not be better. In fact, I think it would be more cumbersome to troubleshoot anyway.