We use more and more workflows at our customer but how to avoid duplication?
For instance, we have a joiner workflow that can be triggered either at identity creation or at change of status attribute.
Today, we have 2 workflows to maintain, similar at 90%.
We also have a workflow for identities becoming inactive (trigger attribute change). But in the event that something fails, we would like to give the possibility to our IAM team to relaunch the workflow. As it’s not possible yet through the UI, we think of having the same workflow but with a launcher as trigger.
I don’t like much duplication but I don’t see clearly a way to call a workflow from a workflow.
One workflow can call another workflow. In your first example, a workflow with an identity creation trigger, and a workflow with an identity change trigger can both call the same “main” workflow to do the work.
Workflows call other workflows using the External Trigger, which could also be leveraged by someone on the IAM team. So your workflow for inactive identities triggered by attribute change, could call another workflow to do the work. The IAM team could also call that same workflow to retry the work.
Which suite your SailPoint tenant is in ? There are limitations on how many workflows you can enable at a time.
Merge the workflows if it is of same trigger, for example single workflow for Leaver. You can have conditions to manage.
You can create one Workflow with External Trigger, invoke from Postman just like any other API call. Have a parameter, based on that you can trigger a specific workflow.
These are few things I have adapted to over a period of time:
Maintain Utility Workflows that carry out a specific operation and can be called from other workflows.
Document all Utility workflows that details the operation of the workflow (trigger info, action info etc)
Utilize Error handling option (relatively a new feature which is very helpful) in HttpPost Actions so that if any operation fails the workflow does not fail and an email can be sent to people responsible
Maintain a dashboard (using Lucid, Miro etc) that has all flow diagrams for the workflows. This is really helpful on a long-term as it’s hard to find a workflow in the UI unless you remember the exact name. Wish SailPoint would add a feature to organize workflows under folders, but right now it’s a challenge when you have close to 100 workflows.
When a new requirement comes up, check if there is already a workflow that does the same job under a different circumstance. If you find one, switch to using a Utility workflow